<html>
<head>
<script src="resources/cross-frame-access.js"></script>
</head>
<body>
<iframe id="aFrame" name="aFrame"></iframe>
<pre id="console"></pre>
<script>
// Explicitly set the domain.
document.domain = "127.0.0.1";
var url = "http://127.0.0.1:8000/security/resources/cross-frame-iframe.html";
var iframeId ="aFrame";
var passMessage = "PASS: Cross frame access from frame explicitly setting document.domain was denied.";
var failMessage = "Fail: Cross frame access from frame explicitly setting document.domain was allowed.";
cannotAccessFrame(url, iframeId, passMessage, failMessage);
</script>
</body>
</html>
Codebase Browser
chromium