chromium/third_party/blink/web_tests/http/tests/security/resources/object-literals-cross-origin.html

<html>
<head>
<script>
// Frame-side fixture for a security web test. It talks to `top` via
// postMessage, so it is presumably loaded in a frame by a cross-origin
// parent test page (TODO confirm against the parent test).
// The statement forms are left exactly as written because the test may
// depend on them.

// Global canary string. The value is a FAIL message, so it would presumably
// only surface in test output if another origin managed to read this
// frame's scope; nothing in this file reads it.
var local = "FAIL: Access to cross-origin scope.";

// Install foo on this frame's own Object.prototype. When it is the function
// that actually runs, the parent is told the test passed.
Object.prototype.foo = function() {
  // targetOrigin '*' is tolerable here only because the payload is a fixed,
  // non-sensitive status string; code carrying real data should name the
  // expected origin instead of using the wildcard.
  top.postMessage('PASS: Called the correct method.', '*');
}

// Tell the top window that the frame has finished loading.
window.onload = function() {
  top.postMessage('ready', '*');
}

// Any incoming message triggers the check. The event (its origin, source and
// data) is never inspected, so every sender is treated alike. That is
// acceptable for a test fixture, but a production listener should validate
// e.origin before acting on a message.
window.addEventListener('message', function(e) {
  // This call should always hit the function above, but
  // using an object literal, we manage to overwrite it.
  // NOTE(review): the second line reads as a description of the bug this
  // test guards against, i.e. another origin replacing foo. In that case the
  // PASS message above is never sent. Confirm with the parent test.
  Object.prototype.foo();
  // Signal completion whether or not the PASS message was sent.
  top.postMessage('done', '*');
}, false);
</script>
</head>
<body>
object-literals-cross-origin
</body>
</html>