git://git.webkit.org / WebKit-https.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Update frame-ancestor directive to match Content Security Policy Level 3
[WebKit-https.git] / LayoutTests / http / tests / security / contentSecurityPolicy / 1.1 / frame-ancestors / frame-ancestors-nested-cross-in-sandboxed-cross-url-block-expected.txt
1 CONSOLE MESSAGE: Refused to load http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://127.0.0.1:8000%20http://localhost:8080 because it does not appear in the frame-ancestors directive of the Content Security Policy.
2 A 'frame-ancestors' CSP directive with a URL value should compare against each frame's origin rather than URL, so a nested frame with a sandboxed parent frame should be blocked due to the parent having a unique origin.
3
4 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
5
6
7 PASS successfullyParsed is true
8
9 TEST COMPLETE
10
11
12 --------
13 Frame: '<!--framePath //<!--frame0-->-->'
14 --------
15 Testing a cross-origin child with a policy of "http://127.0.0.1:8000 http://localhost:8080" nested in a cross-origin parent.
16
17
18
19 --------
20 Frame: '<!--framePath //<!--frame0-->/<!--frame0-->-->'
21 --------
22
Mirror of the WebKit open source project from svn.webkit.org.