Update frame-ancestor directive to match Content Security Policy Level 3
[WebKit-https.git] / LayoutTests / http / tests / security / contentSecurityPolicy / 1.1 / frame-ancestors / frame-ancestors-nested-cross-in-sandboxed-cross-url-block.html
1 <!DOCTYPE html>
2 <html>
3 <head>
4 <script src="/js-test-resources/js-test.js"></script>
5 <script src="../../resources/frame-ancestors-test.js"></script>
6 </head>
7 <body>
8 <script>
9 description("A 'frame-ancestors' CSP directive with a URL value should compare against each frame's origin rather than URL, " +
10             "so a nested frame with a sandboxed parent frame should be blocked due to the parent having a unique origin.");
11
12 testNestedIFrame(SAMEORIGIN_ORIGIN + " " + CROSSORIGIN_ORIGIN, CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK, "allow-scripts");
13 </script>
14 </body>
15 </html>