chromium/src/third_party/blink/web_tests/http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-subframe-expected.txt - manifest_repos/chromium_src - Git at Google

 The scenario for this test is that you have an iframe with content from a foreign domain. In that foreign content is an iframe which loads a javascript: URL. This tests that the javascript: URL loaded iframe does not have access to the main frame using top.document.

 Pass: Cross frame access from a javascript: URL on a different domain was denied.

 --------
 Frame: '<!--framePath //<!--frame0-->-->'
 --------
 Inner iframe on a foreign domain.

 --------
 Frame: 'aFrame'
 --------
 Inner-inner iframe. This iframe (which is javascript: URL and whose parent is on a foreign domain) is the frame attempting to access the main frame. It should not have access to it.
	The scenario for this test is that you have an iframe with content from a foreign domain. In that foreign content is an iframe which loads a javascript: URL. This tests that the javascript: URL loaded iframe does not have access to the main frame using top.document.

	Pass: Cross frame access from a javascript: URL on a different domain was denied.

	--------
	Frame: '<!--framePath //<!--frame0-->-->'
	--------
	Inner iframe on a foreign domain.

	--------
	Frame: 'aFrame'
	--------
	Inner-inner iframe. This iframe (which is javascript: URL and whose parent is on a foreign domain) is the frame attempting to access the main frame. It should not have access to it.