Loads an iframe (a) which loads an iframe (b) which in turns tries to load an external script. The iframe (a) has a content security policy disabling external scripts. As this policy does not apply to (b), the script should be executed. | |
-------- | |
Frame: '<!--framePath //<!--frame0-->-->' | |
-------- | |
-------- | |
Frame: '<!--framePath //<!--frame0-->/<!--frame0-->-->' | |
-------- | |
PASS |