chromium/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/sandbox-in-http-header-control.html

<!DOCTYPE html>
<iframe src="resources/sandbox.php?sandbox=allow-top-navigation%20allow-same-origin"></iframe>
<script>
if (window.testRunner)
    testRunner.dumpAsText();

window.onload = function() {
    var frame = document.getElementsByTagName("iframe")[0];
    if (frame.contentDocument)
        alert("PASS: Iframe was not in a unique origin");
    else
        alert("FAIL: Iframe was in a unique origin");
};
</script>