2011-01-21 Yury Semikhatsky <yurys@chromium.org>
[WebKit-https.git] / LayoutTests / http / tests / security / cross-origin-script-window-onerror.html
1 <html>
2 <body>
3 <p>
4 Test that window.onerror won't reveal any potentially sensitive script content if the latter is loaded from a different domain. The test passes if you don't see any data from the linked resource. <a href="https://bugs.webkit.org/show_bug.cgi?id=52903">Bug 52903.</a>
5 </p>
6
7 </p>
8 <div id="result"></div>
9 <script>
10 if (window.layoutTestController) {
11   layoutTestController.waitUntilDone();
12   layoutTestController.dumpAsText();
13 }
14
15 window.onerror = function(message, url, line) {
16   document.getElementById("result").textContent = "window.onerror message: " + message + " at " + url + ": " + line;
17   if (window.layoutTestController)
18     layoutTestController.notifyDone();
19   return false;
20 }
21 </script>
22 <script src="http://localhost:8000/security/resources/cross-origin-script.txt">
23 </script>
24 </body>
25 </html>