Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/security/cannot-read-cssrules.html 

<!DOCTYPE html>
<html>
<head>
<script src="../../../resources/testharness.js"></script>
<script src="../../../resources/testharnessreport.js"></script>
<link rel="stylesheet"
      href="http://localhost:8000/security/resources/cssStyle.css">
<link rel="stylesheet" href="resources/cssStyle.css">
<script>

test(() => {
  var sheet1 = document.styleSheets[0];
  assert_throws_dom("SecurityError", () => {
    sheet1.cssRules;
  });
  assert_throws_dom("SecurityError", () => {
    sheet1.rules;
  });
}, "Can't access Cross-Origin sheets");

test(() => {
  var sheet2 = document.styleSheets[1];
  assert_not_equals(sheet2.cssRules, null);
  assert_not_equals(sheet2.rules, null);
}, "Can access Same-Origin sheets");

</script>
</head>
<body>
<p>This test whether a script can read the rules from a cross-origin style
sheet.  For more information on why we block this, please see
<a href="https://bugs.webkit.org/show_bug.cgi?id=20527">https://bugs.webkit.org/show_bug.cgi?id=20527</a>.
</p>
</body>
</html>