The scenario for this test is that you have an iframe with content from a foreign domain. In that foreign content is an iframe which loads a data: URL. This tests that this main document does not have access to that data: URL loaded iframe.
PASS: Cross frame access to a data: URL embed in a frame on a foreign domain denied!
--------
Frame: '<!--framePath //<!--frame0-->-->'
--------
Inner iframe on a foreign domain.
--------
Frame: 'aFrame'
--------
PASS: Cross frame access from a frame on a foreign domain denied!
Inner-inner iframe. This iframe (which is data: URL and whose parent is on a foreign domain) is the frame that the main frame is trying to access. It should not have access to it.
Codebase Browser
chromium