chromium/src/third_party/blink/web_tests/external/wpt/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow.html - manifest_repos/chromium_src - Git at Google

 <!DOCTYPE html>
 <html>
 <head>
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="support/frame-ancestors-test.sub.js"></script>
 </head>
 <body>
     <script>
         test = async_test("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");

         // Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked.
         testNestedIFrame(SAMEORIGIN_ORIGIN + " " + CROSSORIGIN_ORIGIN, SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
     </script>
 </body>
 </html>
	<!DOCTYPE html>
	<html>
	<head>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="support/frame-ancestors-test.sub.js"></script>
	</head>
	<body>
	<script>
	test = async_test("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");

	// Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked.
	testNestedIFrame(SAMEORIGIN_ORIGIN + " " + CROSSORIGIN_ORIGIN, SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
	</script>
	</body>
	</html>