content/test/data/frame-src-self-and-b.html - chromium/src.git - Git at Google

 <!DOCTYPE html>
 <html>
 <head>
 <title>This page should only allow subframes from the same origin or b.com</title>
 </head>
 <body>
 This page should only allow subframes from the same origin or from b.com,
 because its CSP headers specify frame-src 'self' and 'b.com'.
 <iframe src="/cross-site/b.com/title2.html"></iframe>
 <iframe srcdoc="
   <html>
     <head>
       <title>subtitle1</title>
     </head>
     <body>
       <iframe src='/cross-site/b.com/title2.html'></iframe>
     </body>
   </html>"></iframe>
 </body>
 </html>
	<!DOCTYPE html>
	<html>
	<head>
	<title>This page should only allow subframes from the same origin or b.com</title>
	</head>
	<body>
	This page should only allow subframes from the same origin or from b.com,
	because its CSP headers specify frame-src 'self' and 'b.com'.
	<iframe src="/cross-site/b.com/title2.html"></iframe>
	<iframe srcdoc="
	<html>
	<head>
	<title>subtitle1</title>
	</head>
	<body>
	<iframe src='/cross-site/b.com/title2.html'></iframe>
	</body>
	</html>"></iframe>
	</body>
	</html>