Commit 8c5918e6 authored by abarth@webkit.org's avatar abarth@webkit.org
Browse files

https://bugs.webkit.org/show_bug.cgi?id=21288

Reviewed by Darin Adler.

Add sneaky test that has tabs.

* fast/frames/sandboxed-iframe-attribute-parsing-expected.txt: Added.
* fast/frames/sandboxed-iframe-attribute-parsing.html: Added.



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@51579 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 18d381ea
2009-12-01 Adam Barth <abarth@webkit.org>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=21288
Add sneaky test that has tabs.
* fast/frames/sandboxed-iframe-attribute-parsing-expected.txt: Added.
* fast/frames/sandboxed-iframe-attribute-parsing.html: Added.
2009-12-01 Patrik Persson <patrik.j.persson@ericsson.com>
 
Reviewed by Darin Adler.
This test case verifies the parsing of the iframe sandbox attribute. Two sets of iframes are used: one where scripting is allowed, and another one where it is disallowed. The test verifies that the allowed frames execute scripts (but other sandboxed properties still apply -- specifically, forms are disabled), and the disallowed ones do not. If successful the test prints "PASS".
PASS
<html>
<head>
<script>
if (window.layoutTestController)
window.layoutTestController.dumpAsText();
var failed = false;
var frames = 0; /* number of allowed frames that called back */
function fail(message)
{
setStatus("FAIL: " + message);
failed = true;
}
function setStatus(status)
{
document.getElementById("testStatus").innerHTML = status;
}
function allowedCallFromSandbox()
{
++frames;
}
function disallowedCallFromSandbox()
{
fail("disallowed script executed");
}
function disallowedFormSubmitted()
{
fail("sandboxing failed: form submitted in sandboxed frame");
}
window.onload = function()
{
if (frames == 5 && !failed)
setStatus("PASS");
else if (!failed)
fail("scripting disabled in one or more frames where it should be enabled");
}
</script>
</head>
<body>
<p>This test case verifies the parsing of the iframe sandbox attribute. Two sets of iframes
are used: one where scripting is allowed, and another one where it is disallowed. The test
verifies that the allowed frames execute scripts (but other sandboxed properties still
apply -- specifically, forms are disabled), and the disallowed ones do not. If successful
the test prints &quot;PASS&quot;.</p>
<!-- iframes where script execution is allowed, but origin is not shared -->
<!-- plain, proper attribute value -->
<iframe sandbox="allow-scripts"
name="f1"
src="resources/sandboxed-iframe-attribute-parsing-allowed.html">
</iframe>
<!-- line feed characters before and after attribute value -->
<iframe sandbox="
allow-scripts
"
name="f2"
src="resources/sandboxed-iframe-attribute-parsing-allowed.html">
</iframe>
<!-- ridiculously long, invalid text (well, for these purposes at least)
with non-ASCII characters surrounding attribute value -->
<iframe sandbox="
För var vers, jag gör,
Lovar du en kyss mig giva;
Arket fullt jag borde skriva,
Mindre har jag skrivit för.
Men man måste hålla måtta,
Jag med vers, med kyssar du.
Låt mig räkna: Där är sju!
En därtill det gör mig åtta.
Numro åtta är fatal,
Greklands sångmör voro nio,
Och en svensk därtill gör tio. —
Elva var apostelns tal,
Ty jag räknar icke Judas,
Honom, som i vänners lag
Kysste falskt; det gör ej jag,
Helst när vackra läppar bjudas.
Huru står min räkning här?
Aderton; det är dock något.
Nitton — rimmet gör besvär,
Därföre jag fyller tjoget.
Strofen är ej full som jag,
In i hamnen vill jag styra,
Därföre till godo tag
Denna gång med tjugofyra.
'Kyssarna' ('The kisses'), Esaias Tegnér, 1782-1846
allow-scripts
int main(void)
{
return 0;
}"
name="f3"
src="resources/sandboxed-iframe-attribute-parsing-allowed.html">
</iframe>
<!-- tab characters before and after attribute value -->
<iframe sandbox=" allow-scripts "
name="f4"
src="resources/sandboxed-iframe-attribute-parsing-allowed.html">
</iframe>
<!-- mixed case -->
<iframe sandbox="AlLoW-sCrIpTs"
name="f5"
src="resources/sandboxed-iframe-attribute-parsing-allowed.html">
</iframe>
<!-- iframes where script execution is disallowed -->
<iframe sandbox="allowscripts"
src="resources/sandboxed-iframe-attribute-parsing-disallowed.html">
</iframe>
<iframe sandbox="allows-cripts"
src="resources/sandboxed-iframe-attribute-parsing-disallowed.html">
</iframe>
<iframe sandbox="-allow-scripts"
src="resources/sandboxed-iframe-attribute-parsing-disallowed.html">
</iframe>
<iframe sandbox="allow_scripts"
src="resources/sandboxed-iframe-attribute-parsing-disallowed.html">
</iframe>
<iframe sandbox="allowScripts"
src="resources/sandboxed-iframe-attribute-parsing-disallowed.html">
</iframe>
<iframe sandbox="aallow-scripts"
src="resources/sandboxed-iframe-attribute-parsing-disallowed.html">
</iframe>
<iframe sandbox="allow-scriptss"
src="resources/sandboxed-iframe-attribute-parsing-disallowed.html">
</iframe>
<iframe sandbox
src="resources/sandboxed-iframe-attribute-parsing-disallowed.html">
</iframe>
<p id='testStatus'>FAIL: Script didn't run</p>
</body>
</html>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment