| <!DOCTYPE html> |
| <html> |
| <head> |
| <script src="/js-test-resources/js-test.js"></script> |
| </head> |
| <body> |
| <iframe id="cross-origin-frame" src="http://localhost:8000/resources/dummy.html"></iframe> |
| <script> |
| description("Cross-origin access through 'get' and 'set' in a property descriptor should throw a SecurityError."); |
| |
| window.jsTestIsAsync = true; |
| |
| var targetFrame = window['cross-origin-frame']; |
| shouldBeNonNull(targetFrame); |
| var targetWindow = targetFrame.contentWindow; |
| shouldBeNonNull(targetWindow); |
| |
| var pathnameDescriptor = Object.getOwnPropertyDescriptor(location, "pathname"); |
| shouldBeNonNull("pathnameDescriptor"); |
| shouldBe("typeof pathnameDescriptor.get", '"function"'); |
| shouldBe("typeof pathnameDescriptor.set", '"function"'); |
| |
| var devicePixelRatioDescriptor = Object.getOwnPropertyDescriptor(window, "devicePixelRatio"); |
| shouldBeNonNull("devicePixelRatio"); |
| shouldBe("typeof devicePixelRatioDescriptor.get", '"function"'); |
| shouldBe("typeof devicePixelRatioDescriptor.set", '"function"'); |
| |
| targetFrame.onload = function() { |
| shouldThrow("pathnameDescriptor.get.call(targetWindow.location)", '"SecurityError: Blocked a frame with origin \\"http://127.0.0.1:8000\\" from accessing a cross-origin frame."'); |
| shouldThrow("pathnameDescriptor.set.call(targetWindow.location, 1)", '"SecurityError: Blocked a frame with origin \\"http://127.0.0.1:8000\\" from accessing a cross-origin frame."'); |
| |
| shouldThrow("devicePixelRatioDescriptor.get.call(targetWindow)", '"SecurityError: Blocked a frame with origin \\"http://127.0.0.1:8000\\" from accessing a cross-origin frame."'); |
| shouldThrow("devicePixelRatioDescriptor.set.call(targetWindow, 1)", '"SecurityError: Blocked a frame with origin \\"http://127.0.0.1:8000\\" from accessing a cross-origin frame."'); |
| |
| finishJSTest(); |
| }; |
| </script> |
| </body> |
| </html> |