blob: caa95ea8d637ff0bccb74059a03678b1ebb8654d [file] [log] [blame]
CONSOLE ERROR: line 9: Uncaught SecurityError: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
This is a "sanity" test case to verify that a sandboxed frame cannot break out of its sandbox by modifying its own sandbox attribute. Two attempts are made:
First, an attempt is made to modify the sandbox attribute of the "self" object, referring to the frame's window. This should not have any effect (the attribute is associated with the iframe DOM node, not the window). No warning is expected.
Second, an attempt is made to modify the iframe DOM object's sandbox attribute. A warning message (about cross-site scripting) is expected, and the sandbox attribute should remain intact.
This test will print "PASS" on success.
PASS