forked from web-platform-tests/wpt
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add tests to prevent a sandbox iframe from using history APIs
Spec change whatwg/html#4787 BUG=705583 Change-Id: I6fc5fee627156c10c771b63b609d1d25c6fd439c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1749444 Reviewed-by: Domenic Denicola <[email protected]> Commit-Queue: Domenic Denicola <[email protected]> Cr-Commit-Position: refs/heads/master@{#686032}
- Loading branch information
1 parent
53673e5
commit b520a7f
Showing
4 changed files
with
80 additions
and
0 deletions.
There are no files selected for viewing
16 changes: 16 additions & 0 deletions
16
...antics/embedded-content/the-iframe-element/iframe_sandbox_navigate_history_go_back-2.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <!doctype html> | ||
| <meta charset="utf-8"> | ||
| <title>Check that sandboxed iframe can navigate their self</title> | ||
| <script src="/resources/testharness.js"></script> | ||
| <script src="/resources/testharnessreport.js"></script> | ||
| <script> | ||
| var t = async_test(); | ||
| onmessage = t.step_func((e) => { | ||
| if (e.data == 'pushstatebackdone') t.done(); | ||
| }); | ||
|
|
||
| function doNavigation() { | ||
| frames[0].postMessage('pushstateback', '*'); | ||
| } | ||
| </script> | ||
| <iframe id="child_frame" sandbox="allow-scripts" src="support/iframe-tried-to-be-navigated-by-history.html" onload="doNavigation();"></iframe> |
18 changes: 18 additions & 0 deletions
18
...emantics/embedded-content/the-iframe-element/iframe_sandbox_navigate_history_go_back.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| <!doctype html> | ||
| <meta charset="utf-8"> | ||
| <title>Check that sandboxed iframe can not navigate their ancestors</title> | ||
| <script src="/resources/testharness.js"></script> | ||
| <script src="/resources/testharnessreport.js"></script> | ||
| <script> | ||
| var t = async_test(); | ||
| onpopstate = t.unreached_func('no pop state'); | ||
|
|
||
| function doNavigation() { | ||
| history.pushState( {state: "one past"}, 'page 2', ''); | ||
| frames[0].postMessage('back', '*'); | ||
| t.step_timeout(() => { | ||
| t.done(); | ||
| }, 1000); | ||
| } | ||
| </script> | ||
| <iframe id="child_frame" sandbox="allow-scripts" src="support/iframe-tried-to-be-navigated-by-history.html" onload="doNavigation();"></iframe> |
28 changes: 28 additions & 0 deletions
28
...ntics/embedded-content/the-iframe-element/iframe_sandbox_navigate_history_go_forward.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| <!doctype html> | ||
| <meta charset="utf-8"> | ||
| <title>Check that sandboxed iframe can not navigate their ancestors</title> | ||
| <script src="/resources/testharness.js"></script> | ||
| <script src="/resources/testharnessreport.js"></script> | ||
| <script> | ||
| var t = async_test(); | ||
| var pop_state_count = 0; | ||
| onpopstate = t.step_func((e) => { | ||
| pop_state_count++; | ||
| if (pop_state_count == 1) { | ||
| // Should not generate a pop state | ||
| frames[0].postMessage('forward', '*'); | ||
| t.step_timeout(() => { | ||
| t.done(); | ||
| }, 1000); | ||
| } else if (pop_state_count > 1) { | ||
| assert_unreached('no pop state'); | ||
| } | ||
| }); | ||
|
|
||
| function doNavigation() { | ||
| history.pushState( {state: "one past"}, 'page 2', ''); | ||
| // Should generate a pop state | ||
| history.back(); | ||
| } | ||
| </script> | ||
| <iframe id="child_frame" sandbox="allow-scripts" src="support/iframe-tried-to-be-navigated-by-history.html" onload="doNavigation();"></iframe> |
18 changes: 18 additions & 0 deletions
18
.../embedded-content/the-iframe-element/support/iframe-tried-to-be-navigated-by-history.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| <!DOCTYPE html> | ||
| <p>This is a frame that tries to navigate via history API.</p> | ||
| <script> | ||
| window.onmessage = (e) => { | ||
| if (e.data == 'back') { | ||
| history.back(); | ||
| } else if (e.data == 'forward') { | ||
| history.forward(); | ||
| } else if (e.data = 'pushstateback') { | ||
| onpopstate = (e) => { | ||
| parent.postMessage('pushstatebackdone', '*'); | ||
| }; | ||
|
|
||
| history.pushState({someState: 'blah'}, ''); | ||
| history.back(); | ||
| } | ||
| }; | ||
| </script> |