chromium/src/third_party/blink/web_tests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open.html

<html>
<head>
    <script src="../resources/cross-frame-access.js"></script>
    <script>
        var openedWindow;

        window.onload = function()
        {
            if (window.testRunner) {
                testRunner.dumpAsText();
                testRunner.setCanOpenWindows();
                testRunner.waitUntilDone();
            }

            openedWindow = window.open("http://localhost:8000/security/javascriptURL/resources/foreign-domain-javascript-url-accessee-opened-frame.html");

            window.addEventListener('message', function ()
            {
                runTest();
                closeWindowAndNotifyDone(openedWindow);
            });
        }

        runTest = function()
        {
            try {
                openedWindow[0].document.getElementById('accessMe').innerHTML = "FAIL: Cross frame access to a javascript: URL embed in a frame window.open'ed on foreign domain allowed.";
                log("FAIL: Cross frame access to a javascript: URL embed in a frame window.open'ed on foreign domain allowed.");
                return;
            } catch (e) {
            }
            log("PASS: Cross frame access to a javascript: URL embed in a frame window.open'ed on foreign domain denied!");
        }
    </script>
</head>
<body>
    <pre id="console"></pre>
</body>
</html>