<html>
<body>
<p>
Test that window.onerror won't reveal any potentially sensitive script content if the latter is loaded from a different domain after a redirect. The test passes if you don't see any data from the linked resource. <a href="https://bugs.webkit.org/show_bug.cgi?id=52903">Bug 52903.</a>
</p>
<div id="result"></div>
<script>
if (window.testRunner) {
testRunner.waitUntilDone();
testRunner.dumpAsText();
}
window.onerror = function(message, url, line) {
document.getElementById("result").textContent = "window.onerror message: " + message + " at " + url + ": " + line;
if (window.testRunner)
testRunner.notifyDone();
return true;
}
</script>
<script src="resources/redir.php?url=http://localhost:8000/security/resources/cross-origin-script.txt">
</script>
</body>
</html>
Codebase Browser
chromium