| <!doctype html> |
| <html> |
| <head> |
| <script> |
| if (location.search == "?setdomain") { |
| document.domain = document.domain; |
| } |
| |
| // Override the |frames| and |focus| property to test that such overrides are |
| // properly ignored cross-origin. |
| window.frames = "override"; |
| window.focus = "override"; |
| |
| // Also add a |then| property to test that it doesn't get exposed. |
| window.then = "something"; |
| window.location.then = "something-else"; |
| |
| // If we get a postMessage, we grab references to everything and set |
| // document.domain to trim off our topmost subdomain. |
| window.onmessage = function(evt) { |
| window.windowReferences = []; |
| window.locationReferences = []; |
| for (var i = 0; i < parent.length; ++i) { |
| windowReferences.push(parent[i]); |
| locationReferences.push(parent[i].location); |
| } |
| try { |
| document.domain = document.domain.substring(document.domain.indexOf('.') + 1); |
| evt.source.postMessage('PASS', '*'); |
| } catch (e) { |
| evt.source.postMessage('FAIL: cannot trim off document.domain: ' + e, '*'); |
| } |
| } |
| |
| function checkWindowReferences() { |
| for (var i = 0; i < parent.length; ++i) { |
| if (windowReferences[i] != parent[i]) |
| throw new Error("Window references don't match for " + i + " after document.domain"); |
| if (locationReferences[i] != parent[i].location) |
| throw new Error("Location references don't match for " + i + " after document.domain"); |
| } |
| return true; |
| } |
| </script> |
| </head> |
| <body> |
| <!-- Two subframes to give us some indexed properties --> |
| <iframe></iframe> |
| <iframe name=donotleakme></iframe><!-- "donotleakme" is excluded as cross-origin named property due to [[HideFromKeys]] --> |
| </body> |
| </html> |