Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/security/cross-frame-access-location-get.html 

<html>
<head>
    <script src="resources/cross-frame-access.js"></script>
    <script>
        window.onload = function()
        {
            if (window.testRunner) {
                testRunner.dumpAsText();
                testRunner.waitUntilDone();
            }

            window.targetWindow = frames[0];

            log("\n----- tests for getting window.location's properties -----\n");

            shouldBeTrue("canGet('targetWindow.location')");
            shouldBe("toString('targetWindow.location', '')", "''");

            log("Firefox allows access to 'location.toString' but throws an exception when you call it.");
            shouldBeFalse("canGet('targetWindow.location.toString')");
            shouldBeTrue("accessThrowsException('targetWindow.location.toString')");

            shouldBeFalse("canGet('targetWindow.location.assign')");
            shouldBeFalse("canGet('targetWindow.location.hash')");
            shouldBeFalse("canGet('targetWindow.location.host')");
            shouldBeFalse("canGet('targetWindow.location.hostname')");
            shouldBeFalse("canGet('targetWindow.location.href')");
            shouldBeFalse("canGet('targetWindow.location.pathname')");
            shouldBeFalse("canGet('targetWindow.location.port')");
            shouldBeFalse("canGet('targetWindow.location.protocol')");
            shouldBeFalse("canGet('targetWindow.location.reload')");
            shouldBeFalse("canGet('targetWindow.location.search')");
            shouldBeFalse("canGet('targetWindow.location.existingCustomProperty')");
            shouldBeFalse("canGet('targetWindow.location[1]')");

            shouldBeTrue("accessThrowsException('targetWindow.location.href')");
            shouldBeTrue("accessThrowsException('targetWindow.location.hash')");
            shouldBeTrue("accessThrowsException('targetWindow.location.host')");
            shouldBeTrue("accessThrowsException('targetWindow.location.hostname')");
            shouldBeTrue("accessThrowsException('targetWindow.location.pathname')");
            shouldBeTrue("accessThrowsException('targetWindow.location.port')");
            shouldBeTrue("accessThrowsException('targetWindow.location.protocol')");
            shouldBeTrue("accessThrowsException('targetWindow.location.search')");
            shouldBeTrue("accessThrowsException('targetWindow.location.existingCustomProperty')");
            shouldBeTrue("accessThrowsException('targetWindow.location[1]')");

            shouldBeTrue("canGet('targetWindow.location.replace')");

            if (window.testRunner)
                testRunner.notifyDone();
        }
    </script>
</head>
<body>
    <iframe src="http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html"></iframe>
    <pre id="console"></pre>
</body>
</html>