xss-DENIED-synchronous-form.html | Explore in Territory

<html>
<head>
<script>
if (window.testRunner) {
  testRunner.dumpAsText();
  testRunner.waitUntilDone();
}

function log(msg) {
  var div = document.createElement('div');
  div.appendChild(document.createTextNode(msg));
  document.getElementById('console').appendChild(div);
}

function attacked() {
  log('FAIL: Cross-domain iframe was able to access this frame');
}

window.addEventListener('message', function(e) {
  log(e.data);
  if (window.testRunner)
    testRunner.notifyDone();
}, false);
</script>
</head>
<body>
<div id="console"></div>
<script>
log('Waiting for iframe...');
</script>
<iframe src="http://localhost:8000/security/resources/iframe-for-synchronous-form.html"></ifame>
</body>
</html>

chromium/third_party/blink/web_tests/http/tests/security/xss-DENIED-synchronous-form.html