<html>
<head>
<script>
if (window.testRunner)
testRunner.dumpAsText();
window.onload = function()
{
document.getElementById("result").innerHTML = (document.getElementById("f").sandbox != "allow-scripts")
? "FAIL: sandbox attribute modified"
: "PASS";
}
</script>
</head>
<body>
<p>This is a "sanity" test case to verify that a sandboxed
frame cannot break out of its sandbox by modifying its own sandbox
attribute. Two attempts are made:</p>
<ol>
<li>First, an attempt is made to modify the sandbox attribute of the
"self" object, referring to the frame's window. This should
not have any effect (the attribute is associated with the iframe DOM
node, not the window). No warning is expected.</li>
<li>Second, an attempt is made to modify the iframe DOM object's sandbox
attribute. A warning message (about cross-site scripting) is expected,
and the sandbox attribute should remain intact.</li>
</ol>
<p>This test will print "PASS" on success.</p>
<p id="result">FAIL</p>
<iframe id="f"
sandbox="allow-scripts"
src="resources/sandboxed-iframe-modify-self.html">
</iframe>
</body>
</html>
Codebase Browser
chromium