| A 'frame-ancestors' CSP directive with a value '*' should render in nested frames. |
| |
| On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". |
| |
| |
| Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked. |
| PASS The inner IFrame passed. |
| PASS successfullyParsed is true |
| |
| TEST COMPLETE |
| |
| |
| -------- |
| Frame: '<!--framePath //<!--frame0-->-->' |
| -------- |
| Testing a cross-origin child with a policy of "*" nested in a same-origin parent. |
| |
| On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". |
| |
| |
| IFrame load event fired: the IFrame is cross-origin (or was blocked). |
| PASS The IFrame should have been blocked (or cross-origin). It was. |
| |
| |
| -------- |
| Frame: '<!--framePath //<!--frame0-->/<!--frame0-->-->' |
| -------- |
| This is an IFrame sending a Content Security Policy header containing "frame-ancestors *". |
