<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[205136] trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/205136">205136</a></dd>
<dt>Author</dt> <dd>cdumez@apple.com</dd>
<dt>Date</dt> <dd>2016-08-29 12:37:01 -0700 (Mon, 29 Aug 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>We should throw a SecurityError when denying access to cross-origin Window properties
https://bugs.webkit.org/show_bug.cgi?id=161316
Reviewed by Darin Adler.
LayoutTests/imported/w3c:
Rebaseline existing tests to reflect behavior change.
* web-platform-tests/domparsing/innerhtml-05-expected.txt:
* web-platform-tests/html/semantics/forms/form-submission-0/getactionurl-expected.txt:
Source/WebCore:
We should throw a SecurityError when denying access to cross-origin Window properties:
- https://html.spec.whatwg.org/#crossorigingetownpropertyhelper-(-o,-p-)
- https://html.spec.whatwg.org/#crossoriginproperties-(-o-)
Firefox and Chrome already throw.
No new tests, updated existing tests.
* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
LayoutTests:
Update / rebaselined existing tests to reflect behavior change.
* fast/frames/sandboxed-iframe-history-denied-expected.txt:
* fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt:
* fast/xmlhttprequest/xmlhttprequest-no-file-access.html:
* http/tests/dom/window-open-about-webkit-org-and-access-document-expected.txt:
* http/tests/dom/window-open-about-webkit-org-and-access-document.html:
* http/tests/history/cross-origin-replace-history-object-child-expected.txt:
* http/tests/history/cross-origin-replace-history-object-child.html:
* http/tests/plugins/cross-frame-object-access-expected.txt:
* http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt:
* http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt:
* http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt:
* http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header-expected.txt:
* http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header.html:
* http/tests/security/cross-frame-access-call-expected.txt:
* http/tests/security/cross-frame-access-call.html:
* http/tests/security/cross-frame-access-child-explicit-domain-expected.txt:
* http/tests/security/cross-frame-access-custom-expected.txt:
* http/tests/security/cross-frame-access-first-time-expected.txt:
* http/tests/security/cross-frame-access-first-time.html:
* http/tests/security/cross-frame-access-get-custom-property-cached-expected.txt:
* http/tests/security/cross-frame-access-get-custom-property-cached.html:
* http/tests/security/cross-frame-access-get-expected.txt:
* http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt:
* http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html:
* http/tests/security/cross-frame-access-history-get-expected.txt:
* http/tests/security/cross-frame-access-history-get-override-expected.txt:
* http/tests/security/cross-frame-access-history-prototype-expected.txt:
* http/tests/security/cross-frame-access-name-getter-expected.txt:
* http/tests/security/cross-frame-access-object-getPrototypeOf-expected.txt:
* http/tests/security/cross-frame-access-object-getPrototypeOf.html:
* http/tests/security/cross-frame-access-object-prototype-expected.txt:
* http/tests/security/cross-frame-access-object-prototype.html:
* http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt:
* http/tests/security/cross-frame-access-port-expected.txt:
* http/tests/security/cross-frame-access-protocol-expected.txt:
* http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt:
* http/tests/security/cross-frame-access-selection-expected.txt:
* http/tests/security/cross-frame-access-selection.html:
* http/tests/security/cross-origin-reified-window-property-access-expected.txt:
* http/tests/security/cross-origin-window-property-access-expected.txt:
* http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-iframe.html:
* http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-opened-frame.html:
* http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-subframe-expected.txt:
* http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-window-open-expected.txt:
* http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level-expected.txt:
* http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level.html:
* http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-expected.txt:
* http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame-expected.txt:
* http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame.html:
* http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame.html:
* http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url-expected.txt:
* http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url.html:
* http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt:
* http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url-expected.txt:
* http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-expected.txt:
* http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change-expected.txt:
* http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open-expected.txt:
* http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level-expected.txt:
* http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level.html:
* http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-expected.txt:
* http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-uppercase-expected.txt:
* http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt:
* http/tests/security/dataURL/xss-DENIED-to-data-url-window-open.html:
* http/tests/security/document-all-expected.txt:
* http/tests/security/document-all.html:
* http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-iframe.html:
* http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html:
* http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-subframe-expected.txt:
* http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-window-open-expected.txt:
* http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe-expected.txt:
* http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html:
* http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open-expected.txt:
* http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open.html:
* http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html:
* http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html:
* http/tests/security/listener/resources/targetChild-XMLHttpRequest-addEventListener.html:
* http/tests/security/listener/resources/targetChild-XMLHttpRequest-shortcut.html:
* http/tests/security/listener/resources/targetChild-window-onclick-addEventListener.html:
* http/tests/security/listener/resources/targetChild-window-onclick-shortcut.html:
* http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt:
* http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt:
* http/tests/security/listener/xss-XMLHttpRequest-addEventListener-expected.txt:
* http/tests/security/listener/xss-XMLHttpRequest-shortcut-expected.txt:
* http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt:
* http/tests/security/listener/xss-window-onclick-shortcut-expected.txt:
* http/tests/security/resources/cross-frame-access.js:
(test):
(cannotAccessFrame):
* http/tests/security/resources/cross-frame-history-prototype-iframe.html:
* http/tests/security/resources/iframe-for-synchronous-form.html:
* http/tests/security/resources/sandboxed-iframe-origin-add-step1.html:
* http/tests/security/resources/sandboxed-iframe-origin-remove-step2.html:
* http/tests/security/sandboxed-iframe-modify-self-expected.txt:
* http/tests/security/sandboxed-iframe-origin-add-expected.txt:
* http/tests/security/sandboxed-iframe-origin-remove-expected.txt:
* http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt:
* http/tests/security/xss-DENIED-defineProperty-expected.txt:
* http/tests/security/xss-DENIED-frame-name-expected.txt:
* http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto-expected.txt:
* http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto.html:
* http/tests/security/xss-DENIED-invalid-domain-change-expected.txt:
* http/tests/security/xss-DENIED-invalid-domain-change.html:
* http/tests/security/xss-DENIED-method-with-iframe-proto-expected.txt:
* http/tests/security/xss-DENIED-sandboxed-iframe-expected.txt:
* http/tests/security/xss-DENIED-synchronous-form-expected.txt:
* http/tests/security/xss-DENIED-window-name-navigator-expected.txt:
* http/tests/security/xss-DENIED-xsl-document-securityOrigin-expected.txt:
* http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml:
* http/tests/security/xss-eval-expected.txt:
* http/tests/security/xss-eval.html:</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkLayoutTestsfastframessandboxediframehistorydeniedexpectedtxt">trunk/LayoutTests/fast/frames/sandboxed-iframe-history-denied-expected.txt</a></li>
<li><a href="#trunkLayoutTestsfastxmlhttprequestxmlhttprequestnofileaccessexpectedtxt">trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt</a></li>
<li><a href="#trunkLayoutTestsfastxmlhttprequestxmlhttprequestnofileaccesshtml">trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access.html</a></li>
<li><a href="#trunkLayoutTestshttptestsdomwindowopenaboutwebkitorgandaccessdocumentexpectedtxt">trunk/LayoutTests/http/tests/dom/window-open-about-webkit-org-and-access-document-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsdomwindowopenaboutwebkitorgandaccessdocumenthtml">trunk/LayoutTests/http/tests/dom/window-open-about-webkit-org-and-access-document.html</a></li>
<li><a href="#trunkLayoutTestshttptestshistorycrossoriginreplacehistoryobjectchildexpectedtxt">trunk/LayoutTests/http/tests/history/cross-origin-replace-history-object-child-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestshistorycrossoriginreplacehistoryobjectchildhtml">trunk/LayoutTests/http/tests/history/cross-origin-replace-history-object-child.html</a></li>
<li><a href="#trunkLayoutTestshttptestspluginscrossframeobjectaccessexpectedtxt">trunk/LayoutTests/http/tests/plugins/cross-frame-object-access-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityaboutBlankxssDENIEDnavigateopenerdocumentwriteexpectedtxt">trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityaboutBlankxssDENIEDnavigateopenerjavascripturlexpectedtxt">trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityaboutBlankxssDENIEDsetopenerexpectedtxt">trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicysandboxallowscriptsinhttpheaderexpectedtxt">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycontentSecurityPolicysandboxallowscriptsinhttpheaderhtml">trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccesscallexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-call-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccesscallhtml">trunk/LayoutTests/http/tests/security/cross-frame-access-call.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccesschildexplicitdomainexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-child-explicit-domain-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccesscustomexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-custom-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessfirsttimeexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-first-time-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessfirsttimehtml">trunk/LayoutTests/http/tests/security/cross-frame-access-first-time.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessgetcustompropertycachedexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-get-custom-property-cached-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessgetcustompropertycachedhtml">trunk/LayoutTests/http/tests/security/cross-frame-access-get-custom-property-cached.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessgetexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-get-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessgetOwnPropertyDescriptorexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessgetOwnPropertyDescriptorhtml">trunk/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccesshistorygetexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-history-get-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccesshistorygetoverrideexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-history-get-override-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccesshistoryprototypeexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-history-prototype-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessnamegetterexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-name-getter-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessobjectgetPrototypeOfexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessobjectgetPrototypeOfhtml">trunk/LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessobjectprototypeexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-object-prototype-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessobjectprototypehtml">trunk/LayoutTests/http/tests/security/cross-frame-access-object-prototype.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessparentexplicitdomainexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessportexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-port-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessprotocolexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-protocol-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessprotocolexplicitdomainexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessselectionexpectedtxt">trunk/LayoutTests/http/tests/security/cross-frame-access-selection-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossframeaccessselectionhtml">trunk/LayoutTests/http/tests/security/cross-frame-access-selection.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossoriginreifiedwindowpropertyaccessexpectedtxt">trunk/LayoutTests/http/tests/security/cross-origin-reified-window-property-access-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritycrossoriginwindowpropertyaccessexpectedtxt">trunk/LayoutTests/http/tests/security/cross-origin-window-property-access-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLresourcesforeigndomaindataurlaccessoriframehtml">trunk/LayoutTests/http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-iframe.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLresourcesforeigndomaindataurlaccessoropenedframehtml">trunk/LayoutTests/http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-opened-frame.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlinforeigndomainsubframeexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-subframe-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlinforeigndomainwindowopenexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-window-open-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframe2levelexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframe2levelhtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframeexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframetodataurlsubframeexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframetodataurlsubframehtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframehtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurltodataurlexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurltodataurlhtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromjavascripturlwindowopenexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromjavascripturlwindowopenhtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlfromdataurlexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlfromdataurlhtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainsubframeexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainsubframelocationchangeexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainsubframelocationchangehtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainsubframehtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainwindowopenexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainwindowopenhtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlsubframe2levelexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlsubframe2levelhtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlsubframeexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlsubframeuppercaseexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-uppercase-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlwindowopenexpectedtxt">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlwindowopenhtml">trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydocumentallexpectedtxt">trunk/LayoutTests/http/tests/security/document-all-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritydocumentallhtml">trunk/LayoutTests/http/tests/security/document-all.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityjavascriptURLresourcesforeigndomainjavascripturlaccessoriframehtml">trunk/LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-iframe.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityjavascriptURLresourcesforeigndomainjavascripturlaccessoropenedframehtml">trunk/LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDfromjavascripturlinforeigndomainsubframeexpectedtxt">trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-subframe-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDfromjavascripturlinforeigndomainwindowopenexpectedtxt">trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-window-open-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDtojavascripturlinforeigndomainsubframeexpectedtxt">trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDtojavascripturlinforeigndomainsubframehtml">trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDtojavascripturlinforeigndomainwindowopenexpectedtxt">trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDtojavascripturlinforeigndomainwindowopenhtml">trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerresourcestargetChildJSTargetNodeonclickaddEventListenerhtml">trunk/LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerresourcestargetChildJSTargetNodeonclickshortcuthtml">trunk/LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerresourcestargetChildXMLHttpRequestaddEventListenerhtml">trunk/LayoutTests/http/tests/security/listener/resources/targetChild-XMLHttpRequest-addEventListener.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerresourcestargetChildXMLHttpRequestshortcuthtml">trunk/LayoutTests/http/tests/security/listener/resources/targetChild-XMLHttpRequest-shortcut.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerresourcestargetChildwindowonclickaddEventListenerhtml">trunk/LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-addEventListener.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerresourcestargetChildwindowonclickshortcuthtml">trunk/LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-shortcut.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerxssJSTargetNodeonclickaddEventListenerexpectedtxt">trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerxssJSTargetNodeonclickshortcutexpectedtxt">trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerxssXMLHttpRequestaddEventListenerexpectedtxt">trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-addEventListener-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerxssXMLHttpRequestshortcutexpectedtxt">trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-shortcut-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerxsswindowonclickaddEventListenerexpectedtxt">trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritylistenerxsswindowonclickshortcutexpectedtxt">trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-shortcut-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityresourcescrossframeaccessjs">trunk/LayoutTests/http/tests/security/resources/cross-frame-access.js</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityresourcescrossframehistoryprototypeiframehtml">trunk/LayoutTests/http/tests/security/resources/cross-frame-history-prototype-iframe.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityresourcesiframeforsynchronousformhtml">trunk/LayoutTests/http/tests/security/resources/iframe-for-synchronous-form.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityresourcessandboxediframeoriginaddstep1html">trunk/LayoutTests/http/tests/security/resources/sandboxed-iframe-origin-add-step1.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityresourcessandboxediframeoriginremovestep2html">trunk/LayoutTests/http/tests/security/resources/sandboxed-iframe-origin-remove-step2.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritysandboxediframemodifyselfexpectedtxt">trunk/LayoutTests/http/tests/security/sandboxed-iframe-modify-self-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritysandboxediframeoriginaddexpectedtxt">trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-add-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritysandboxediframeoriginremoveexpectedtxt">trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-remove-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecuritysrcdocinsandboxcannotaccessparentexpectedtxt">trunk/LayoutTests/http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDdefinePropertyexpectedtxt">trunk/LayoutTests/http/tests/security/xss-DENIED-defineProperty-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDframenameexpectedtxt">trunk/LayoutTests/http/tests/security/xss-DENIED-frame-name-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDhtmlelelmentwithiframeprotoexpectedtxt">trunk/LayoutTests/http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDhtmlelelmentwithiframeprotohtml">trunk/LayoutTests/http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDinvaliddomainchangeexpectedtxt">trunk/LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDinvaliddomainchangehtml">trunk/LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDmethodwithiframeprotoexpectedtxt">trunk/LayoutTests/http/tests/security/xss-DENIED-method-with-iframe-proto-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDsandboxediframeexpectedtxt">trunk/LayoutTests/http/tests/security/xss-DENIED-sandboxed-iframe-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDsynchronousformexpectedtxt">trunk/LayoutTests/http/tests/security/xss-DENIED-synchronous-form-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDwindownamenavigatorexpectedtxt">trunk/LayoutTests/http/tests/security/xss-DENIED-window-name-navigator-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDxsldocumentsecurityOriginexpectedtxt">trunk/LayoutTests/http/tests/security/xss-DENIED-xsl-document-securityOrigin-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssDENIEDxsldocumentsecurityOriginxml">trunk/LayoutTests/http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssevalexpectedtxt">trunk/LayoutTests/http/tests/security/xss-eval-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityxssevalhtml">trunk/LayoutTests/http/tests/security/xss-eval.html</a></li>
<li><a href="#trunkLayoutTestsimportedw3cChangeLog">trunk/LayoutTests/imported/w3c/ChangeLog</a></li>
<li><a href="#trunkLayoutTestsimportedw3cwebplatformtestsdomparsinginnerhtml05expectedtxt">trunk/LayoutTests/imported/w3c/web-platform-tests/domparsing/innerhtml-05-expected.txt</a></li>
<li><a href="#trunkLayoutTestsimportedw3cwebplatformtestshtmlsemanticsformsformsubmission0getactionurlexpectedtxt">trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/forms/form-submission-0/getactionurl-expected.txt</a></li>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCorebindingsjsJSDOMWindowCustomcpp">trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/ChangeLog 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/ChangeLog 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,3 +1,128 @@
</span><ins>+2016-08-29 Chris Dumez <cdumez@apple.com>
+
+ We should throw a SecurityError when denying access to cross-origin Window properties
+ https://bugs.webkit.org/show_bug.cgi?id=161316
+
+ Reviewed by Darin Adler.
+
+ Update / rebaselined existing tests to reflect behavior change.
+
+ * fast/frames/sandboxed-iframe-history-denied-expected.txt:
+ * fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt:
+ * fast/xmlhttprequest/xmlhttprequest-no-file-access.html:
+ * http/tests/dom/window-open-about-webkit-org-and-access-document-expected.txt:
+ * http/tests/dom/window-open-about-webkit-org-and-access-document.html:
+ * http/tests/history/cross-origin-replace-history-object-child-expected.txt:
+ * http/tests/history/cross-origin-replace-history-object-child.html:
+ * http/tests/plugins/cross-frame-object-access-expected.txt:
+ * http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt:
+ * http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt:
+ * http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt:
+ * http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header-expected.txt:
+ * http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header.html:
+ * http/tests/security/cross-frame-access-call-expected.txt:
+ * http/tests/security/cross-frame-access-call.html:
+ * http/tests/security/cross-frame-access-child-explicit-domain-expected.txt:
+ * http/tests/security/cross-frame-access-custom-expected.txt:
+ * http/tests/security/cross-frame-access-first-time-expected.txt:
+ * http/tests/security/cross-frame-access-first-time.html:
+ * http/tests/security/cross-frame-access-get-custom-property-cached-expected.txt:
+ * http/tests/security/cross-frame-access-get-custom-property-cached.html:
+ * http/tests/security/cross-frame-access-get-expected.txt:
+ * http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt:
+ * http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html:
+ * http/tests/security/cross-frame-access-history-get-expected.txt:
+ * http/tests/security/cross-frame-access-history-get-override-expected.txt:
+ * http/tests/security/cross-frame-access-history-prototype-expected.txt:
+ * http/tests/security/cross-frame-access-name-getter-expected.txt:
+ * http/tests/security/cross-frame-access-object-getPrototypeOf-expected.txt:
+ * http/tests/security/cross-frame-access-object-getPrototypeOf.html:
+ * http/tests/security/cross-frame-access-object-prototype-expected.txt:
+ * http/tests/security/cross-frame-access-object-prototype.html:
+ * http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt:
+ * http/tests/security/cross-frame-access-port-expected.txt:
+ * http/tests/security/cross-frame-access-protocol-expected.txt:
+ * http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt:
+ * http/tests/security/cross-frame-access-selection-expected.txt:
+ * http/tests/security/cross-frame-access-selection.html:
+ * http/tests/security/cross-origin-reified-window-property-access-expected.txt:
+ * http/tests/security/cross-origin-window-property-access-expected.txt:
+ * http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-iframe.html:
+ * http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-opened-frame.html:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-subframe-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-window-open-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level.html:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame.html:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame.html:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url.html:
+ * http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open.html:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url.html:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change.html:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe.html:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open.html:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level.html:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-uppercase-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt:
+ * http/tests/security/dataURL/xss-DENIED-to-data-url-window-open.html:
+ * http/tests/security/document-all-expected.txt:
+ * http/tests/security/document-all.html:
+ * http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-iframe.html:
+ * http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html:
+ * http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-subframe-expected.txt:
+ * http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-window-open-expected.txt:
+ * http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe-expected.txt:
+ * http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html:
+ * http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open-expected.txt:
+ * http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open.html:
+ * http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html:
+ * http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html:
+ * http/tests/security/listener/resources/targetChild-XMLHttpRequest-addEventListener.html:
+ * http/tests/security/listener/resources/targetChild-XMLHttpRequest-shortcut.html:
+ * http/tests/security/listener/resources/targetChild-window-onclick-addEventListener.html:
+ * http/tests/security/listener/resources/targetChild-window-onclick-shortcut.html:
+ * http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt:
+ * http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt:
+ * http/tests/security/listener/xss-XMLHttpRequest-addEventListener-expected.txt:
+ * http/tests/security/listener/xss-XMLHttpRequest-shortcut-expected.txt:
+ * http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt:
+ * http/tests/security/listener/xss-window-onclick-shortcut-expected.txt:
+ * http/tests/security/resources/cross-frame-access.js:
+ (test):
+ (cannotAccessFrame):
+ * http/tests/security/resources/cross-frame-history-prototype-iframe.html:
+ * http/tests/security/resources/iframe-for-synchronous-form.html:
+ * http/tests/security/resources/sandboxed-iframe-origin-add-step1.html:
+ * http/tests/security/resources/sandboxed-iframe-origin-remove-step2.html:
+ * http/tests/security/sandboxed-iframe-modify-self-expected.txt:
+ * http/tests/security/sandboxed-iframe-origin-add-expected.txt:
+ * http/tests/security/sandboxed-iframe-origin-remove-expected.txt:
+ * http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt:
+ * http/tests/security/xss-DENIED-defineProperty-expected.txt:
+ * http/tests/security/xss-DENIED-frame-name-expected.txt:
+ * http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto-expected.txt:
+ * http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto.html:
+ * http/tests/security/xss-DENIED-invalid-domain-change-expected.txt:
+ * http/tests/security/xss-DENIED-invalid-domain-change.html:
+ * http/tests/security/xss-DENIED-method-with-iframe-proto-expected.txt:
+ * http/tests/security/xss-DENIED-sandboxed-iframe-expected.txt:
+ * http/tests/security/xss-DENIED-synchronous-form-expected.txt:
+ * http/tests/security/xss-DENIED-window-name-navigator-expected.txt:
+ * http/tests/security/xss-DENIED-xsl-document-securityOrigin-expected.txt:
+ * http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml:
+ * http/tests/security/xss-eval-expected.txt:
+ * http/tests/security/xss-eval.html:
+
</ins><span class="cx"> 2016-08-29 Youenn Fablet <youenn@apple.com>
</span><span class="cx">
</span><span class="cx"> Image Loader should use FetchOptions::mode according its crossOrigin attribute
</span></span></pre></div>
<a id="trunkLayoutTestsfastframessandboxediframehistorydeniedexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/fast/frames/sandboxed-iframe-history-denied-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/frames/sandboxed-iframe-history-denied-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/fast/frames/sandboxed-iframe-history-denied-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Sandbox access violation: Blocked a frame at "null" from accessing a frame at "". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
-CONSOLE MESSAGE: line 1: TypeError: undefined is not an object (evaluating 'top.history.back')
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Sandbox access violation: Blocked a frame at "null" from accessing a frame at "". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</ins><span class="cx"> ALERT: PASS
</span><span class="cx"> This test verifies that a sandboxed IFrame cannot navigate the top-level frame using the history API.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestsfastxmlhttprequestxmlhttprequestnofileaccessexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,20 @@
</span><span class="cx"> CONSOLE MESSAGE: line 23: XMLHttpRequest cannot load xmlhttprequest-no-file-access-expected.txt. Cross origin requests are only supported for HTTP.
</span><del>-CONSOLE MESSAGE: line 40: Blocked a frame with origin "null" from accessing a frame with origin "". Protocols, domains, and ports must match.
</del><span class="cx">
</span><span class="cx"> The child iframe cannot paste its textual results into this iframe because it is considered a different domain - that's the point of this test! Therefore, success is denoted by the child iframe calling notifyDone. The test will hang if something goes amiss with the access control checks.
</span><ins>+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+
+We're checking we can't read an arbitrary file when we set each file:// URI to have a unique domain.
+
+Checking that same-origin iframes work.
+Doing an XHR to an existing file.
+Exception: A network error occurred.
+Exception: Blocked a frame with origin "null" from accessing a frame with origin "file://". Protocols, domains, and ports must match.
+
+
+--------
+Frame: 'f'
+--------
+Successful write into iframe
</ins></span></pre></div>
<a id="trunkLayoutTestsfastxmlhttprequestxmlhttprequestnofileaccesshtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -4,6 +4,7 @@
</span><span class="cx"> if (window.testRunner) {
</span><span class="cx"> testRunner.dumpAsText();
</span><span class="cx"> testRunner.waitUntilDone();
</span><ins>+ testRunner.dumpChildFramesAsText();
</ins><span class="cx"> testRunner.setAllowUniversalAccessFromFileURLs(false);
</span><span class="cx"> testRunner.setAllowFileAccessFromFileURLs(false);
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkLayoutTestshttptestsdomwindowopenaboutwebkitorgandaccessdocumentexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/dom/window-open-about-webkit-org-and-access-document-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/dom/window-open-about-webkit-org-and-access-document-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/dom/window-open-about-webkit-org-and-access-document-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,6 +1,5 @@
</span><del>-CONSOLE MESSAGE: line 34: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "about". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 29: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "about". Protocols must match.
</ins><span class="cx">
</span><del>-CONSOLE MESSAGE: line 526: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "about". Protocols must match.
</del><ins>+PASS newWindow.document threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "about". Protocols must match.
+.
</ins><span class="cx">
</span><del>-PASS newWindow.document is undefined.
-
</del></span></pre></div>
<a id="trunkLayoutTestshttptestsdomwindowopenaboutwebkitorgandaccessdocumenthtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/dom/window-open-about-webkit-org-and-access-document.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/dom/window-open-about-webkit-org-and-access-document.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/dom/window-open-about-webkit-org-and-access-document.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -13,7 +13,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> function checkNewWindowDocumentIsUndefined () {
</span><del>- shouldBeUndefined("newWindow.document");
</del><ins>+ shouldThrowErrorName("newWindow.document", "SecurityError");
</ins><span class="cx"> if (window.testRunner)
</span><span class="cx"> testRunner.notifyDone();
</span><span class="cx"> }
</span><span class="lines">@@ -26,6 +26,7 @@
</span><span class="cx"> if (window.testRunner)
</span><span class="cx"> testRunner.notifyDone();
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> setTimeout(checkNewWindowDocumentIsUndefined, 500);
</span><span class="cx"> }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkLayoutTestshttptestshistorycrossoriginreplacehistoryobjectchildexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/history/cross-origin-replace-history-object-child-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/history/cross-origin-replace-history-object-child-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/history/cross-origin-replace-history-object-child-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,7 +1,7 @@
</span><del>-CONSOLE MESSAGE: line 30: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 15: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> ALERT: Child window's history object before attempt to clear: undefined
</span><span class="cx"> ALERT: About to shadow child window's history object: [object History]
</span><span class="cx"> ALERT: PASS: Could not shadow child window's history object: [object History]
</span><del>-CONSOLE MESSAGE: line 18: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 15: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> ALERT: Child window's history object after attempt to clear: undefined
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestshistorycrossoriginreplacehistoryobjectchildhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/history/cross-origin-replace-history-object-child.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/history/cross-origin-replace-history-object-child.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/history/cross-origin-replace-history-object-child.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -7,6 +7,15 @@
</span><span class="cx"> testRunner.waitUntilDone();
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+function getSubframeHistory()
+{
+ try {
+ return window.frames[0].history;
+ } catch (e) {
+ console.log(e);
+ }
+}
+
</ins><span class="cx"> window.onmessage = function(evt)
</span><span class="cx"> {
</span><span class="cx"> if (evt.data != "done") {
</span><span class="lines">@@ -15,13 +24,13 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- alert("Child window's history object after attempt to clear: " + window.frames[0].history);
</del><ins>+ alert("Child window's history object after attempt to clear: " + getSubframeHistory());
</ins><span class="cx"> testRunner.notifyDone();
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> function setHistoryLength()
</span><span class="cx"> {
</span><del>- alert("Child window's history object before attempt to clear: " + window.frames[0].history);
</del><ins>+ alert("Child window's history object before attempt to clear: " + getSubframeHistory());
</ins><span class="cx"> window.frames[0].postMessage("setHistoryLength", "*");
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestspluginscrossframeobjectaccessexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/plugins/cross-frame-object-access-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/plugins/cross-frame-object-access-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/plugins/cross-frame-object-access-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,7 +1,5 @@
</span><span class="cx"> CONSOLE MESSAGE: line 22: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</span><span class="cx"> CONSOLE MESSAGE: line 22: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 62: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</del><span class="cx">
</span><span class="cx">
</span><span class="cx"> --------
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityaboutBlankxssDENIEDnavigateopenerdocumentwriteexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-document-write-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 1: TypeError: undefined is not an object (evaluating 'target.document.body')
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This page opens a window to "", injects malicious code, and then navigates its opener to the victim. The opened window then tries to scripts its opener after document.writeing a new document.
</span><span class="cx"> Code injected into window:
</span><span class="cx"> <script>document.write('<script>function write(target, message) { target.document.body.innerHTML = message; }setTimeout(function() {write(window.opener, \'FAIL: XSS was allowed.\');}, 100);setTimeout(function() {write(window.opener.top.frames[1], \'SUCCESS: Window remained in original SecurityOrigin.\');}, 200);setTimeout(function() { if (window.testRunner) testRunner.globalFlag = true; }, 300);<\/script>');</script>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityaboutBlankxssDENIEDnavigateopenerjavascripturlexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 1: TypeError: undefined is not an object (evaluating 'target.document.body')
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This page opens a window to "", injects malicious code, and then navigates its opener to the victim. The opened window then tries to scripts its opener after reloading itself as a javascript URL.
</span><span class="cx"> Code injected into window:
</span><span class="cx"> <script>window.location = 'javascript:\'<script>function write(target, message) { target.document.body.innerHTML = message; }setTimeout(function() {write(window.opener, \\\'FAIL: XSS was allowed.\\\');}, 100);setTimeout(function() {write(window.opener.top.frames[1], \\\'SUCCESS: Window remained in original SecurityOrigin.\\\');}, 200);setTimeout(function() { if (window.testRunner) testRunner.globalFlag = true; }, 300);<\\\/script>\''</script>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityaboutBlankxssDENIEDsetopenerexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,6 +1,5 @@
</span><span class="cx"> CONSOLE MESSAGE: line 55: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 2: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 1: TypeError: undefined is not an object (evaluating 'target.document.body')
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This page opens a window to "", injects malicious code, and then uses window.open.call to set its opener to the victim. The opened window then tries to scripts its opener.
</span><span class="cx"> Code injected into window:
</span><span class="cx"> <script>function write(target, message) { target.document.body.innerHTML = message; }
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicysandboxallowscriptsinhttpheaderexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><span class="cx"> ALERT: Script executed in iframe.
</span><del>-CONSOLE MESSAGE: line 9: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame being accessed is sandboxed and lacks the "allow-same-origin" flag.
</del><ins>+CONSOLE MESSAGE: line 13: SecurityError (DOM Exception 18): Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame being accessed is sandboxed and lacks the "allow-same-origin" flag.
</ins><span class="cx"> ALERT: PASS: Iframe was in a unique origin
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycontentSecurityPolicysandboxallowscriptsinhttpheaderhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/contentSecurityPolicy/sandbox-allow-scripts-in-http-header.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -6,7 +6,12 @@
</span><span class="cx">
</span><span class="cx"> window.onload = function() {
</span><span class="cx"> var frame = document.getElementsByTagName("iframe")[0];
</span><del>- var secret = frame.contentWindow.secret;
</del><ins>+ var secret;
+ try {
+ secret = frame.contentWindow.secret;
+ } catch (e) {
+ console.log(e);
+ }
</ins><span class="cx"> if (secret)
</span><span class="cx"> alert("FAIL: Iframe was not in a unique origin: " + secret);
</span><span class="cx"> else
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccesscallexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-call-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-call-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-call-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 10: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx">
</span><span class="cx"> Tests for calling methods of another frame using Function.call
</span><span class="cx">
</span><span class="lines">@@ -35,7 +34,7 @@
</span><span class="cx"> PASS window.showModalDialog.call(targetWindow); threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
</span><span class="cx"> PASS: window.eval.call(targetWindow, '1+2'); should be '3' and is.
</span><span class="cx"> PASS window.location.toString.call(targetWindow.location) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
</span><del>-PASS: targetWindow.history should be 'undefined' and is.
</del><ins>+PASS targetWindow.history threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
</ins><span class="cx"> PASS: successfullyParsed should be 'true' and is.
</span><span class="cx">
</span><span class="cx"> TEST COMPLETE
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccesscallhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-call.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-call.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-call.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -64,7 +64,7 @@
</span><span class="cx"> shouldThrowErrorName("window.location.toString.call(targetWindow.location)", "SecurityError");
</span><span class="cx">
</span><span class="cx"> // - Tests for the History object -
</span><del>- shouldBeUndefined("targetWindow.history");
</del><ins>+ shouldThrowErrorName("targetWindow.history", "SecurityError");
</ins><span class="cx">
</span><span class="cx"> // Work around DRT bug that causes subsequent tests to fail.
</span><span class="cx"> window.stop();
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccesschildexplicitdomainexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-child-explicit-domain-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-child-explicit-domain-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-child-explicit-domain-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 172: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://127.0.0.1:8000". The frame being accessed set "document.domain" to "127.0.0.1", but the frame requesting access did not. Both must set "document.domain" to the same value to allow access.
</del><ins>+CONSOLE MESSAGE: line 194: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://127.0.0.1:8000". The frame being accessed set "document.domain" to "127.0.0.1", but the frame requesting access did not. Both must set "document.domain" to the same value to allow access.
</ins><span class="cx">
</span><span class="cx"> PASS: Cross frame access to frame explicitly setting document.domain was denied.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccesscustomexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-custom-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-custom-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-custom-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,27 +1,24 @@
</span><del>-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> CONSOLE MESSAGE: line 83: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 84: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 86: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> CONSOLE MESSAGE: line 83: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 84: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 86: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> CONSOLE MESSAGE: line 83: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 84: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 86: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> CONSOLE MESSAGE: line 83: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 84: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 86: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> CONSOLE MESSAGE: line 83: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 84: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 86: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> CONSOLE MESSAGE: line 83: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 84: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 86: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> CONSOLE MESSAGE: line 83: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 84: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 111: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 111: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 111: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 114: TypeError: No default value
</del><ins>+CONSOLE MESSAGE: line 86: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 114: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx">
</span><span class="cx">
</span><span class="cx"> ----- tests for getting/setting interesting properties -----
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessfirsttimeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-first-time-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-first-time-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-first-time-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,7 +1,7 @@
</span><del>-CONSOLE MESSAGE: line 28: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx"> This test checks cross-frame access security for first-time access to the document (rdar://problem/5251309).
</span><span class="cx">
</span><span class="cx">
</span><ins>+PASS: Exception thrown trying to get cross-domain document: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> canGet(frames[0], 'document'): false
</span><span class="cx"> canGet(frames[0].document, 'cookie'): false
</span><span class="cx"> canGet(frames[0].document, 'body'): false
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessfirsttimehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-first-time.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-first-time.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-first-time.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -27,7 +27,7 @@
</span><span class="cx"> try {
</span><span class="cx"> doc = frames[0].document;
</span><span class="cx"> } catch (e) {
</span><del>- log("Exception thrown trying to get cross-domain document: " + e);
</del><ins>+ log("PASS: Exception thrown trying to get cross-domain document: " + e);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> log("canGet(frames[0], 'document'): " + (doc !== undefined));
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessgetcustompropertycachedexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-get-custom-property-cached-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-get-custom-property-cached-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-get-custom-property-cached-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,10 +1,10 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 1: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 1: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx"> This test checks that caching of property accesses doesn't allow for illegal cross-frame access of a custom property. It also checks for an assertion failure that once occurred in this situation.
</span><span class="cx">
</span><span class="cx">
</span><del>-PASS: getCustomProperty(targetWindow) should be 'undefined' and is.
-PASS: getCustomProperty(targetWindow) should be 'undefined' and is.
-PASS: getCustomProperty(targetWindow) should be 'undefined' and is.
</del><ins>+PASS getCustomProperty(targetWindow) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS getCustomProperty(targetWindow) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS getCustomProperty(targetWindow) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS: successfullyParsed should be 'true' and is.
</ins><span class="cx">
</span><ins>+TEST COMPLETE
+
</ins></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessgetcustompropertycachedhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-get-custom-property-cached.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-get-custom-property-cached.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-get-custom-property-cached.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,15 +1,13 @@
</span><span class="cx"> <html>
</span><span class="cx"> <head>
</span><ins>+ <script src="/js-test-resources/js-test-pre.js"></script>
</ins><span class="cx"> <script src="resources/cross-frame-access.js"></script>
</span><span class="cx"> <script>
</span><ins>+ jsTestIsAsync = true;
+
</ins><span class="cx"> window.onload = function()
</span><span class="cx"> {
</span><span class="cx"> if (window.testRunner) {
</span><del>- testRunner.dumpAsText();
- testRunner.waitUntilDone();
- }
-
- if (window.testRunner) {
</del><span class="cx"> setTimeout(pollForTest, 1);
</span><span class="cx"> } else {
</span><span class="cx"> log("To run the test, click the button below when the opened window finishes loading.");
</span><span class="lines">@@ -27,7 +25,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx"> runTest();
</span><del>- testRunner.notifyDone();
</del><ins>+ finishJSTest();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> function getCustomProperty(o)
</span><span class="lines">@@ -39,9 +37,9 @@
</span><span class="cx"> {
</span><span class="cx"> window.targetWindow = frames[0];
</span><span class="cx">
</span><del>- shouldBeUndefined("getCustomProperty(targetWindow)");
- shouldBeUndefined("getCustomProperty(targetWindow)");
- shouldBeUndefined("getCustomProperty(targetWindow)");
</del><ins>+ shouldThrowErrorName("getCustomProperty(targetWindow)", "SecurityError");
+ shouldThrowErrorName("getCustomProperty(targetWindow)", "SecurityError");
+ shouldThrowErrorName("getCustomProperty(targetWindow)", "SecurityError");
</ins><span class="cx"> }
</span><span class="cx"> </script>
</span><span class="cx"> </head>
</span><span class="lines">@@ -49,5 +47,6 @@
</span><span class="cx"> <p>This test checks that caching of property accesses doesn't allow for illegal cross-frame access of a custom property. It also checks for an assertion failure that once occurred in this situation.</p>
</span><span class="cx"> <iframe src="http://localhost:8000/security/resources/cross-frame-access-get-custom-property-cached-iframe.html" style=""></iframe>
</span><span class="cx"> <pre id="console"></pre>
</span><ins>+<script src="/js-test-resources/js-test-post.js"></script>
</ins><span class="cx"> </body>
</span><span class="cx"> </html>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessgetexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-get-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-get-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-get-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,193 +1,193 @@
</span><del>-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This test checks cross-frame access security (rdar://problem/5251309).
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessgetOwnPropertyDescriptorexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,189 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 65: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx"> CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><span class="cx"> CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><span class="cx"> CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><span class="lines">@@ -196,14 +10,193 @@
</span><span class="cx"> CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><span class="cx"> CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><span class="cx"> CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 224: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 70: TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(target, property)')
-CONSOLE MESSAGE: line 70: TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(target, property)')
-CONSOLE MESSAGE: line 70: TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(target, property)')
-CONSOLE MESSAGE: line 70: TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(target, property)')
-CONSOLE MESSAGE: line 70: TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(target, property)')
-CONSOLE MESSAGE: line 70: TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(target, property)')
-CONSOLE MESSAGE: line 70: TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(target, property)')
</del><ins>+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 70: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 271: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This test checks cross-frame access security of getOwnPropertyDescriptor (https://bugs.webkit.org/show_bug.cgi?id=32119).
</span><span class="cx">
</span><span class="cx">
</span><span class="lines">@@ -421,11 +414,5 @@
</span><span class="cx"> PASS: canGetDescriptor(targetLocation, 'reload') should be 'false' and is.
</span><span class="cx"> PASS: canGetDescriptor(targetLocation, 'replace') should be 'true' and is.
</span><span class="cx"> ----- tests access to cross domain history object -----
</span><del>-PASS: canGetDescriptor(targetHistory, 'length') should be 'false' and is.
-PASS: canGetDescriptor(targetHistory, 'pushState') should be 'false' and is.
-PASS: canGetDescriptor(targetHistory, 'replaceState') should be 'false' and is.
-PASS: canGetDescriptor(targetHistory, 'customProperty') should be 'false' and is.
-PASS: canGetDescriptor(targetHistory, 'back') should be 'false' and is.
-PASS: canGetDescriptor(targetHistory, 'forward') should be 'false' and is.
-PASS: canGetDescriptor(targetHistory, 'go') should be 'false' and is.
</del><ins>+PASS: Could not access targetWindow.history
</ins><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessgetOwnPropertyDescriptorhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -264,12 +264,13 @@
</span><span class="cx"> shouldBeTrue("canGetDescriptor(targetLocation, '" + locationPropertiesAllowed[i] + "')");
</span><span class="cx">
</span><span class="cx"> log("----- tests access to cross domain history object -----");
</span><del>- window.targetHistory = targetWindow.history;
- var historyPropertiesNotAllowed = [
- "length", "pushState", "replaceState", "customProperty", "back", "forward", "go"
- ];
- for (var i = 0; i < historyPropertiesNotAllowed.length; i++)
- shouldBeFalse("canGetDescriptor(targetHistory, '" + historyPropertiesNotAllowed[i] + "')");
</del><ins>+ try {
+ window.targetHistory = targetWindow.history;
+ log("FAIL: Could access targetWindow.history");
+ } catch (e) {
+ console.log(e);
+ log("PASS: Could not access targetWindow.history");
+ }
</ins><span class="cx"> }
</span><span class="cx"> </script>
</span><span class="cx"> </head>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccesshistorygetexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-history-get-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-history-get-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-history-get-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,23 +1,14 @@
</span><del>-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.length')
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.back')
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.forward')
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.go')
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.toString')
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.existingCustomProperty')
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.__proto__')
-CONSOLE MESSAGE: line 94: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 97: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.existingCustomFunction')
-CONSOLE MESSAGE: line 94: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 97: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.prototypeCustomFunction')
</del><ins>+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 97: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 97: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx">
</span><span class="cx">
</span><span class="cx"> ----- tests for getting window.history and its properties -----
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccesshistorygetoverrideexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-history-get-override-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-history-get-override-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-history-get-override-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,9 +1,6 @@
</span><del>-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.back')
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.forward')
-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 57: TypeError: undefined is not an object (evaluating 'window.targetWindow.history.go')
</del><ins>+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx">
</span><span class="cx"> ----- tests for getting a targetWindow's history object's functions which have custom overrides. The desired behavior is for the targetWindow to return the builtin function, not the override -----
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccesshistoryprototypeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-history-prototype-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-history-prototype-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-history-prototype-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,3 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 2: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 5: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> PASS: History object prototype not tainted.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessnamegetterexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-name-getter-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-name-getter-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-name-getter-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 55: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 57: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx">
</span><span class="cx">
</span><span class="cx"> ----- tests for getting properties by name -----
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessobjectgetPrototypeOfexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,7 +1,9 @@
</span><span class="cx"> CONSOLE MESSAGE: line 1: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 10: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx"> This tests that you can't get the prototype of the window or history objects cross-origin using Object.getPrototypeOf().
</span><span class="cx">
</span><span class="cx"> PASS: Object.getPrototypeOf(targetWindow) should be 'undefined' and is.
</span><del>-PASS: targetWindow.history should be 'undefined' and is.
</del><ins>+PASS targetWindow.history threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS: successfullyParsed should be 'true' and is.
</ins><span class="cx">
</span><ins>+TEST COMPLETE
+
</ins></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessobjectgetPrototypeOfhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,11 +1,9 @@
</span><span class="cx"> <html>
</span><span class="cx"> <head>
</span><ins>+ <script src="/js-test-resources/js-test-pre.js"></script>
</ins><span class="cx"> <script src="resources/cross-frame-access.js"></script>
</span><span class="cx"> <script>
</span><del>- if (window.testRunner) {
- testRunner.dumpAsText();
- testRunner.waitUntilDone();
- }
</del><ins>+ jsTestIsAsync = true;
</ins><span class="cx">
</span><span class="cx"> // Set up listener for message from iframe
</span><span class="cx"> addEventListener('message', function(event) {
</span><span class="lines">@@ -19,10 +17,9 @@
</span><span class="cx"> targetWindow = document.getElementById("target").contentWindow;
</span><span class="cx">
</span><span class="cx"> shouldBeUndefined("Object.getPrototypeOf(targetWindow)");
</span><del>- shouldBeUndefined("targetWindow.history");
</del><ins>+ shouldThrowErrorName("targetWindow.history", "SecurityError");
</ins><span class="cx">
</span><del>- if (window.testRunner)
- testRunner.notifyDone();
</del><ins>+ finishJSTest();
</ins><span class="cx"> }
</span><span class="cx"> </script>
</span><span class="cx"> </head>
</span><span class="lines">@@ -30,5 +27,6 @@
</span><span class="cx"> <div>This tests that you can't get the prototype of the window or history objects cross-origin using Object.getPrototypeOf().</div>
</span><span class="cx"> <iframe id="target" src="http://localhost:8000/security/resources/cross-frame-iframe-for-object-getPrototypeOf-test.html"></iframe>
</span><span class="cx"> <pre id="console"></pre>
</span><ins>+ <script src="/js-test-resources/js-test-post.js"></script>
</ins><span class="cx"> </body>
</span><span class="cx"> </html>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessobjectprototypeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-object-prototype-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-object-prototype-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-object-prototype-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,15 +1,13 @@
</span><span class="cx"> CONSOLE MESSAGE: line 39: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><span class="cx"> CONSOLE MESSAGE: line 40: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 1: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 1: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx">
</span><span class="cx">
</span><span class="cx"> ----- test getting values cross-frame using Object.prototype -----
</span><span class="cx">
</span><del>-PASS: Object.prototype.__lookupGetter__.call(targetFrame, 'myGetter'); should be 'undefined' and is.
-PASS: Object.prototype.__lookupSetter__.call(targetFrame, 'mySetter'); should be 'undefined' and is.
-PASS: Object.prototype.propertyIsEnumerable.call(targetFrame, 'myProp'); should be 'false' and is.
</del><ins>+PASS Object.prototype.__lookupGetter__.call(targetFrame, 'myGetter'); threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.prototype.__lookupSetter__.call(targetFrame, 'mySetter'); threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.prototype.propertyIsEnumerable.call(targetFrame, 'myProp'); threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.prototype.hasOwnProperty.call(targetFrame, 'myProp'); threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
</ins><span class="cx">
</span><span class="cx">
</span><span class="cx"> --------
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessobjectprototypehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-object-prototype.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-object-prototype.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-object-prototype.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,12 +1,12 @@
</span><span class="cx"> <html>
</span><span class="cx"> <head>
</span><ins>+ <script src="/js-test-resources/js-test-pre.js"></script>
</ins><span class="cx"> <script src="resources/cross-frame-access.js"></script>
</span><span class="cx"> <script>
</span><del>- if (window.testRunner) {
- testRunner.dumpAsText();
</del><ins>+ jsTestIsAsync = true;
+
+ if (window.testRunner)
</ins><span class="cx"> testRunner.dumpChildFramesAsText();
</span><del>- testRunner.waitUntilDone();
- }
</del><span class="cx">
</span><span class="cx"> onload = function()
</span><span class="cx"> {
</span><span class="lines">@@ -42,12 +42,11 @@
</span><span class="cx"> log("\n----- test getting values cross-frame using Object.prototype -----\n");
</span><span class="cx">
</span><span class="cx"> // Attempt to detect values set on the target frame.
</span><del>- try { shouldBe("Object.prototype.__lookupGetter__.call(targetFrame, 'myGetter');", "undefined"); } catch(e) { log(e); }
- try { shouldBe("Object.prototype.__lookupSetter__.call(targetFrame, 'mySetter');", "undefined"); } catch(e) { log(e); }
</del><ins>+ shouldThrowErrorName("Object.prototype.__lookupGetter__.call(targetFrame, 'myGetter');", "SecurityError");
+ shouldThrowErrorName("Object.prototype.__lookupSetter__.call(targetFrame, 'mySetter');", "SecurityError");
</ins><span class="cx">
</span><del>- try { shouldBe("Object.prototype.propertyIsEnumerable.call(targetFrame, 'myProp');", "false"); } catch(e) { log(e); }
- // FIXME: Unfortunatly, all cross-cross frame calls hasOwnProperty will return true so there is no way to test this right now.
- // try { shouldBe("Object.prototype.hasOwnProperty.call(targetFrame, 'myProp');", "false"); } catch(e) { log(e); }
</del><ins>+ shouldThrowErrorName("Object.prototype.propertyIsEnumerable.call(targetFrame, 'myProp');", "SecurityError");
+ shouldThrowErrorName("Object.prototype.hasOwnProperty.call(targetFrame, 'myProp');", "SecurityError");
</ins><span class="cx">
</span><span class="cx"> if (window.postMessage)
</span><span class="cx"> targetFrame.postMessage("settingValuesComplete", "*");
</span><span class="lines">@@ -59,5 +58,6 @@
</span><span class="cx"> <body>
</span><span class="cx"> <iframe name="target" src="http://localhost:8000/security/resources/cross-frame-iframe-for-object-prototype-test.html"></iframe>
</span><span class="cx"> <pre id="console"></pre>
</span><ins>+ <script src="/js-test-resources/js-test-post.js"></script>
</ins><span class="cx"> </body>
</span><span class="cx"> </html>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessparentexplicitdomainexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 172: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access set "document.domain" to "127.0.0.1", but the frame being accessed did not. Both must set "document.domain" to the same value to allow access.
</del><ins>+CONSOLE MESSAGE: line 194: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access set "document.domain" to "127.0.0.1", but the frame being accessed did not. Both must set "document.domain" to the same value to allow access.
</ins><span class="cx">
</span><span class="cx"> PASS: Cross frame access from frame explicitly setting document.domain was denied.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessportexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-port-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-port-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-port-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 172: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://127.0.0.1:8080". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 194: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://127.0.0.1:8080". Protocols, domains, and ports must match.
</ins><span class="cx">
</span><span class="cx"> PASS: Cross frame access to different port was denied!
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessprotocolexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-protocol-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-protocol-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-protocol-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 172: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "https://127.0.0.1:8443". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "https". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 194: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "https://127.0.0.1:8443". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "https". Protocols must match.
</ins><span class="cx">
</span><span class="cx">
</span><span class="cx"> PASS: Cross frame access to https from http was denied!
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessprotocolexplicitdomainexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 172: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "https://127.0.0.1:8443". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "https". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 194: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "https://127.0.0.1:8443". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "https". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> This test currently fails because we check the port and protocol even if document.domain is explicitly set (rdar://problem/5366437).
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessselectionexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-selection-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-selection-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-selection-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,3 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 36: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+PASS: Exception thrown trying to get cross-domain document: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> PASS: Cross-site access denied.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossframeaccessselectionhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-frame-access-selection.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-frame-access-selection.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-frame-access-selection.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -38,7 +38,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx"> } catch (e) {
</span><del>- log("Exception thrown trying to get cross-domain document: " + e);
</del><ins>+ log("PASS: Exception thrown trying to get cross-domain document: " + e);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> try {
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossoriginreifiedwindowpropertyaccessexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-origin-reified-window-property-access-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-origin-reified-window-property-access-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-origin-reified-window-property-access-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,14 +1,11 @@
</span><del>-CONSOLE MESSAGE: line 16: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 16: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 16: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx"> Tests that reification does not bypass cross-origin checks.
</span><span class="cx">
</span><span class="cx"> On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
</span><span class="cx">
</span><span class="cx">
</span><del>-PASS crossOriginWindow.document returned undefined.
-PASS crossOriginWindow.name returned undefined.
-PASS crossOriginWindow.menubar returned undefined.
</del><ins>+PASS crossOriginWindow.document threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS crossOriginWindow.name threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS crossOriginWindow.menubar threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
</ins><span class="cx"> PASS crossOriginWindow.scrollbars") threw exception SyntaxError: Unexpected EOF.
</span><span class="cx"> PASS crossOriginWindow.navigator") threw exception SyntaxError: Unexpected EOF.
</span><span class="cx"> PASS crossOriginWindow.screenX") threw exception SyntaxError: Unexpected EOF.
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritycrossoriginwindowpropertyaccessexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/cross-origin-window-property-access-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/cross-origin-window-property-access-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/cross-origin-window-property-access-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 15: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 15: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx"> Tests that using another window's property getter does not bypass cross-origin checks.
</span><span class="cx">
</span><span class="cx"> On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
</span><span class="lines">@@ -13,8 +11,8 @@
</span><span class="cx"> PASS Object.getOwnPropertyDescriptor(window, "screenX").get.call(crossOriginWindow) threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
</span><span class="cx"> PASS Object.getOwnPropertyDescriptor(window.__proto__, "constructor").get.call(crossOriginWindow) threw exception TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(window.__proto__, "constructor").get.call').
</span><span class="cx"> PASS Object.getOwnPropertyDescriptor(window.__proto__, "constructor").get.call(crossOriginWindow.__proto__) threw exception TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(window.__proto__, "constructor").get.call').
</span><del>-PASS crossOriginWindow.constructor returned undefined.
-PASS Object.getOwnPropertyDescriptor(crossOriginWindow.__proto__, "constructor").value threw exception TypeError: undefined is not an object (evaluating 'Object.getOwnPropertyDescriptor(crossOriginWindow.__proto__, "constructor")').
</del><ins>+PASS crossOriginWindow.constructor threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS Object.getOwnPropertyDescriptor(crossOriginWindow.__proto__, "constructor").value threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
</ins><span class="cx"> PASS Object.getOwnPropertyDescriptor(window, "location").get.call(crossOriginWindow) === crossOriginWindow.location is true
</span><span class="cx"> PASS successfullyParsed is true
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLresourcesforeigndomaindataurlaccessoriframehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-iframe.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-iframe.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-iframe.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -13,6 +13,7 @@
</span><span class="cx"> + "top.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a data: URL on a different domain was allowed';"
</span><span class="cx"> + "alert('FAIL: No exception thrown.');"
</span><span class="cx"> + "} catch (e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "alert('PASS: Exception thrown successfully.');"
</span><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLresourcesforeigndomaindataurlaccessoropenedframehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-opened-frame.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-opened-frame.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/resources/foreign-domain-data-url-accessor-opened-frame.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -12,6 +12,7 @@
</span><span class="cx"> + "parent.opener.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a data: URL on a different domain was allowed';"
</span><span class="cx"> + "alert('FAIL: No exception thrown.');"
</span><span class="cx"> + "} catch (e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "alert('PASS: Exception thrown successfully.');"
</span><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlinforeigndomainsubframeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-subframe-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-subframe-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-subframe-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> ALERT: PASS: Exception thrown successfully.
</span><span class="cx"> The scenario for this test is that you have an iframe with content from a foreign domain. In that foreign content is an iframe which loads a data: URL. This tests that the data: URL loaded iframe does not have access to the main frame using top.document.
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlinforeigndomainwindowopenexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-window-open-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-window-open-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-window-open-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> ALERT: PASS: Exception thrown successfully.
</span><span class="cx"> Opener Frame
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframe2levelexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> This tests that a data: URL loaded in an iframe inside another data: URL loaded iframe doesn't have access to the main frame.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframe2levelhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-2-level.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -14,6 +14,7 @@
</span><span class="cx"> + "try {"
</span><span class="cx"> + "top.document.getElementById(\"accessMe\").innerHTML = \"FAIL: Cross frame access from a data: URL inside another data: URL was allowed.\";"
</span><span class="cx"> + "} catch (e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span><span class="cx"> + "testRunner.notifyDone();"
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> This tests that a data: URL loaded in an iframe doesn't have access to its parent's frame
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframetodataurlsubframeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "null". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "null". Protocols, domains, and ports must match.
</ins><span class="cx"> This tests that a data: URL subframe can't access a sibling data: URL subframe.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframetodataurlsubframehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -48,6 +48,7 @@
</span><span class="cx"> + "try {"
</span><span class="cx"> + "parent.frames['firstSubFrame'].document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a sibling data: URL was allowed.';"
</span><span class="cx"> + "} catch (e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span><span class="cx"> + "testRunner.notifyDone();"
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurlsubframehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -15,6 +15,7 @@
</span><span class="cx"> + "try {"
</span><span class="cx"> + "parent.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a data: URL was allowed.';"
</span><span class="cx"> + "} catch (e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span><span class="cx"> + "testRunner.notifyDone();"
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurltodataurlexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "null". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "null". Protocols, domains, and ports must match.
</ins><span class="cx"> This tests that a data: URL subframe can't access a child data: URL subframe of itself.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromdataurltodataurlhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-to-data-url.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -53,6 +53,7 @@
</span><span class="cx"> + "try {"
</span><span class="cx"> + "frames[0].document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a data: URL was allowed.';"
</span><span class="cx"> + "} catch (e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span><span class="cx"> + "testRunner.notifyDone();"
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromjavascripturlwindowopenexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "http://127.0.0.1:8000". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> Opener Frame
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDfromjavascripturlwindowopenhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -15,6 +15,7 @@
</span><span class="cx"> + "try {"
</span><span class="cx"> + "opener.document.getElementById(\"accessMe\").innerHTML = \"FAIL: Access from a window opened with a data: URL was allowed!\";"
</span><span class="cx"> + "} catch (e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span><span class="cx"> + "testRunner.globalFlag = true;" // Flag that the test has completed and we can close the window now
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlfromdataurlexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "null". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "null". Protocols, domains, and ports must match.
</ins><span class="cx"> This tests that a data: URL loaded in an iframe inside another data: URL loaded iframe doesn't have access to its parent, the first data: URL loaded iframe.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlfromdataurlhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-from-data-url.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -16,6 +16,7 @@
</span><span class="cx"> + "try {"
</span><span class="cx"> + "parent.document.getElementById(\"accessMe\").innerHTML = \"FAIL: Cross frame access from a data: URL was allowed.\";"
</span><span class="cx"> + "} catch (e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span><span class="cx"> + "testRunner.notifyDone();"
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainsubframeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 30: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 41: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> The scenario for this test is that you have an iframe with content from a foreign domain. In that foreign content is an iframe which loads a data: URL. This tests that this main document does not have access to that data: URL loaded iframe.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainsubframelocationchangeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 30: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 41: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> Opener frame
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainsubframelocationchangehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe-location-change.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -38,6 +38,7 @@
</span><span class="cx"> log("FAIL: Cross frame access to a data: URL embed in a frame on a foreign domain allowed.");
</span><span class="cx"> return;
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> }
</span><span class="cx"> log("PASS: Cross frame access to a data: URL embed in a frame on a foreign domain denied!");
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainsubframehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -38,6 +38,7 @@
</span><span class="cx"> log("FAIL: Cross frame access to a data: URL embed in a frame on a foreign domain allowed.");
</span><span class="cx"> return;
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> }
</span><span class="cx"> log("PASS: Cross frame access to a data: URL embed in a frame on a foreign domain denied!");
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainwindowopenexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 34: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 45: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> PASS: Cross frame access to a data: URL embed in a frame window.open'ed on foreign domain denied!
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlinforeigndomainwindowopenhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-window-open.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -42,6 +42,7 @@
</span><span class="cx"> log("FAIL: Cross frame access to a data: URL embed in a frame window.open'ed on foreign domain allowed.");
</span><span class="cx"> return;
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> }
</span><span class="cx"> log("PASS: Cross frame access to a data: URL embed in a frame window.open'ed on foreign domain denied!");
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlsubframe2levelexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 44: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 62: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> This tests that the main frame doesn't have access to a data: URL loaded in an iframe inside another data: URL loaded iframe.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlsubframe2levelhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-2-level.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -59,6 +59,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> log('PASS: Cross frame access to a data: URL 2 levels deep was denied.');
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlsubframeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 172: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 194: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> This tests that the main frame can't access the contents of an iframe that contains a data: URL loaded page
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlsubframeuppercaseexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-uppercase-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-uppercase-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-sub-frame-uppercase-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 172: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 194: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> This tests that the main frame can't access the contents of an iframe that contains a data: URL loaded page using the uppercased variant DATA:
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlwindowopenexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 38: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 49: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</ins><span class="cx">
</span><span class="cx"> Opener Frame
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydataURLxssDENIEDtodataurlwindowopenhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -46,6 +46,7 @@
</span><span class="cx"> try {
</span><span class="cx"> openedWindow.document.getElementById('accessMe').innerHTML = 'FAIL: Access to a window opened with a data: URL was allowed.';
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (window.testRunner)
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydocumentallexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/document-all-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/document-all-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/document-all-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,6 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "http://localhost:8080". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "http://localhost:8080". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</ins><span class="cx">
</span><del>-CONSOLE MESSAGE: line 1: Blocked a frame with origin "null" from accessing a frame with origin "http://localhost:8080". The frame requesting access has a protocol of "data", the frame being accessed has a protocol of "http". Protocols must match.
</del><span class="cx">
</span><del>-CONSOLE MESSAGE: line 1: TypeError: undefined is not an object (evaluating 'obj.alert.constructor')
-
</del></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritydocumentallhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/document-all.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/document-all.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/document-all.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -21,7 +21,11 @@
</span><span class="cx"> window.name = "alert";
</span><span class="cx"> obj = document.all;
</span><span class="cx"> obj.__proto__ = parent;
</span><del>- alert(obj.alert.constructor("return document.body.innerHTML")());
</del><ins>+ try {
+ alert(obj.alert.constructor("return document.body.innerHTML")());
+ } catch (e) {
+ console.log(e);
+ }
</ins><span class="cx"> } + ")()</scr" + "ipt>";
</span><span class="cx"> }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityjavascriptURLresourcesforeigndomainjavascripturlaccessoriframehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-iframe.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-iframe.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-iframe.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -11,6 +11,7 @@
</span><span class="cx"> + "try {"
</span><span class="cx"> + "top.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a javascript: URL on a different domain was allowed';"
</span><span class="cx"> + "} catch (e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span><span class="cx"> + "testRunner.notifyDone();"
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityjavascriptURLresourcesforeigndomainjavascripturlaccessoropenedframehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -11,6 +11,7 @@
</span><span class="cx"> + "try {"
</span><span class="cx"> + "parent.opener.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a javascript: URL on a different domain was allowed';"
</span><span class="cx"> + "} catch(e) {"
</span><ins>+ + "console.log(e);"
</ins><span class="cx"> + "}"
</span><span class="cx"> + "if (window.testRunner)"
</span><span class="cx"> + "testRunner.globalFlag = true;"
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDfromjavascripturlinforeigndomainsubframeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-subframe-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-subframe-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-subframe-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 27: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> The scenario for this test is that you have an iframe with content from a foreign domain. In that foreign content is an iframe which loads a javascript: URL. This tests that the javascript: URL loaded iframe does not have access to the main frame using top.document.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDfromjavascripturlinforeigndomainwindowopenexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-window-open-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-window-open-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-from-javascript-url-in-foreign-domain-window-open-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 27: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> Opener Frame
</span><span class="cx">
</span><span class="cx"> Pass: Cross frame access from a javascript: URL on a different domain was denied.
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDtojavascripturlinforeigndomainsubframeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 30: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 41: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> The scenario for this test is that you have an iframe with content from a foreign domain. In that foreign content is an iframe which loads a javascript: URL. This tests that this main document does not have access to that javascript: URL loaded iframe.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDtojavascripturlinforeigndomainsubframehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -38,6 +38,7 @@
</span><span class="cx"> log("FAIL: Cross frame access to a javascript: URL embed in a frame on a foreign domain allowed.");
</span><span class="cx"> return;
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> log("PASS: Cross frame access to a javascript: URL embed in a frame on a foreign domain denied!");
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDtojavascripturlinforeigndomainwindowopenexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,3 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 34: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 45: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> PASS: Cross frame access to a javascript: URL embed in a frame window.open'ed on foreign domain denied!
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityjavascriptURLxssDENIEDtojavascripturlinforeigndomainwindowopenhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-window-open.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -42,6 +42,7 @@
</span><span class="cx"> log("FAIL: Cross frame access to a javascript: URL embed in a frame window.open'ed on foreign domain allowed.");
</span><span class="cx"> return;
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> }
</span><span class="cx"> log("PASS: Cross frame access to a javascript: URL embed in a frame window.open'ed on foreign domain denied!");
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerresourcestargetChildJSTargetNodeonclickaddEventListenerhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-addEventListener.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -6,6 +6,7 @@
</span><span class="cx"> try {
</span><span class="cx"> alert("document.domain: " + window.document.domain);
</span><span class="cx"> } catch(e) {
</span><ins>+ alert(e);
</ins><span class="cx"> }
</span><span class="cx"> }, false);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerresourcestargetChildJSTargetNodeonclickshortcuthtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/resources/targetChild-JSTargetNode-onclick-shortcut.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -6,6 +6,7 @@
</span><span class="cx"> try {
</span><span class="cx"> alert("document.domain: " + window.document.domain);
</span><span class="cx"> } catch(e) {
</span><ins>+ alert(e);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerresourcestargetChildXMLHttpRequestaddEventListenerhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/resources/targetChild-XMLHttpRequest-addEventListener.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/resources/targetChild-XMLHttpRequest-addEventListener.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/resources/targetChild-XMLHttpRequest-addEventListener.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -6,6 +6,7 @@
</span><span class="cx"> try {
</span><span class="cx"> alert("document.domain: " + window.document.domain);
</span><span class="cx"> } catch(e) {
</span><ins>+ alert(e);
</ins><span class="cx"> }
</span><span class="cx"> }, false);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerresourcestargetChildXMLHttpRequestshortcuthtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/resources/targetChild-XMLHttpRequest-shortcut.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/resources/targetChild-XMLHttpRequest-shortcut.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/resources/targetChild-XMLHttpRequest-shortcut.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -6,6 +6,7 @@
</span><span class="cx"> try {
</span><span class="cx"> alert("document.domain: " + window.document.domain);
</span><span class="cx"> } catch(e) {
</span><ins>+ alert(e);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerresourcestargetChildwindowonclickaddEventListenerhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-addEventListener.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-addEventListener.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-addEventListener.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -6,6 +6,7 @@
</span><span class="cx"> try {
</span><span class="cx"> alert("document.domain: " + window.document.domain);
</span><span class="cx"> } catch(e) {
</span><ins>+ alert(e);
</ins><span class="cx"> }
</span><span class="cx"> }, false);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerresourcestargetChildwindowonclickshortcuthtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-shortcut.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-shortcut.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/resources/targetChild-window-onclick-shortcut.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -6,6 +6,7 @@
</span><span class="cx"> try {
</span><span class="cx"> alert("document.domain: " + window.document.domain);
</span><span class="cx"> } catch(e) {
</span><ins>+ alert(e);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerxssJSTargetNodeonclickaddEventListenerexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-addEventListener-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 17: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 9: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This tests that frame used when setting eventListeners on an EventTarget using addEventListener is the target nodes frame. (rdar://problem/5426142). This test passes if you don't see an alert dialog with the domain of "localhost" in it and an "Unsafe JavaScript" warning is logged to the console.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerxssJSTargetNodeonclickshortcutexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/xss-JSTargetNode-onclick-shortcut-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 17: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 9: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This tests that frame used when setting eventListeners on an EventTarget with the shortcut (onclick, etc), is the target nodes frame. (rdar://problem/5426142). This test passes if you don't see an alert dialog with the domain of "localhost" in it and an "Unsafe JavaScript" warning is logged to the console.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerxssXMLHttpRequestaddEventListenerexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-addEventListener-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-addEventListener-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-addEventListener-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 19: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 9: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This tests that frame used when setting eventListeners on an XMLHttpRequest using addEventListener, is the requests frame. (rdar://problem/5426142). This test passes if you don't see an alert dialog with the domain of "localhost" in it and an "Unsafe JavaScript" warning is logged to the console.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerxssXMLHttpRequestshortcutexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-shortcut-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-shortcut-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/xss-XMLHttpRequest-shortcut-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 17: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 9: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This tests that frame used when setting eventListeners on an XMLHttpRequest with the shortcut (onreadystatechange), is the requests frame. (rdar://problem/5426142). This test passes if you don't see an alert dialog with the domain of "localhost" in it and an "Unsafe JavaScript" warning is logged to the console.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerxsswindowonclickaddEventListenerexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-addEventListener-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 24: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 9: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This tests that frame used when setting eventListeners on the window using addEventListener is the window's frame. (rdar://problem/5426142). This test passes if you don't see an alert dialog with the domain of "localhost" in it and an "Unsafe JavaScript" warning is logged to the console.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritylistenerxsswindowonclickshortcutexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-shortcut-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-shortcut-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/listener/xss-window-onclick-shortcut-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 24: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 9: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This tests that frame used when setting eventListeners on the window with the shortcut (onclick, etc), is the window's frame. (rdar://problem/5426142). This test passes if you don't see an alert dialog with the domain of "localhost" in it and an "Unsafe JavaScript" warning is logged to the console.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityresourcescrossframeaccessjs"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/resources/cross-frame-access.js (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/resources/cross-frame-access.js 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/resources/cross-frame-access.js 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -191,6 +191,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> log(passMessage);
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityresourcescrossframehistoryprototypeiframehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/resources/cross-frame-history-prototype-iframe.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/resources/cross-frame-history-prototype-iframe.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/resources/cross-frame-history-prototype-iframe.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,9 @@
</span><span class="cx"> <script>
</span><del>-parent.history;
</del><ins>+try {
+ parent.history;
+} catch (e) {
+ console.log(e);
+}
</ins><span class="cx"> Object.prototype.fail = "fail";
</span><span class="cx"> parent.postMessage("done", "*");
</span><span class="cx"> </script>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityresourcesiframeforsynchronousformhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/resources/iframe-for-synchronous-form.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/resources/iframe-for-synchronous-form.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/resources/iframe-for-synchronous-form.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -6,6 +6,7 @@
</span><span class="cx"> try {
</span><span class="cx"> parent.attacked();
</span><span class="cx"> } catch(ex) {
</span><ins>+ console.log(ex);
</ins><span class="cx"> }
</span><span class="cx"> parent.postMessage('Done.', '*');
</span><span class="cx"> };
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityresourcessandboxediframeoriginaddstep1html"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/resources/sandboxed-iframe-origin-add-step1.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/resources/sandboxed-iframe-origin-add-step1.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/resources/sandboxed-iframe-origin-add-step1.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -3,6 +3,7 @@
</span><span class="cx"> try {
</span><span class="cx"> top.fail();
</span><span class="cx"> } catch(e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> top.postMessage("step1-done", "*");
</span><span class="cx"> }
</span><span class="cx"> }, false);
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityresourcessandboxediframeoriginremovestep2html"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/resources/sandboxed-iframe-origin-remove-step2.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/resources/sandboxed-iframe-origin-remove-step2.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/resources/sandboxed-iframe-origin-remove-step2.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -2,6 +2,7 @@
</span><span class="cx"> try {
</span><span class="cx"> top.fail();
</span><span class="cx"> } catch(e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> top.postMessage("step2-done", "*");
</span><span class="cx"> }
</span><span class="cx"> </script>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritysandboxediframemodifyselfexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/sandboxed-iframe-modify-self-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/sandboxed-iframe-modify-self-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/sandboxed-iframe-modify-self-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 9: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</del><ins>+CONSOLE MESSAGE: line 9: SecurityError (DOM Exception 18): Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</ins><span class="cx"> This is a "sanity" test case to verify that a sandboxed frame cannot break out of its sandbox by modifying its own sandbox attribute. Two attempts are made:
</span><span class="cx">
</span><span class="cx"> First, an attempt is made to modify the sandbox attribute of the "self" object, referring to the frame's window. This should not have any effect (the attribute is associated with the iframe DOM node, not the window). No warning is expected.
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritysandboxediframeoriginaddexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-add-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-add-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-add-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 4: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</del><ins>+CONSOLE MESSAGE: line 6: SecurityError (DOM Exception 18): Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</ins><span class="cx"> Test that adding allow-origin after creating an iframe doesn't modify the origin of an existing document, but it doesn modify the origin of the next document.
</span><span class="cx">
</span><span class="cx"> PASS
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritysandboxediframeoriginremoveexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-remove-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-remove-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/sandboxed-iframe-origin-remove-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 3: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</del><ins>+CONSOLE MESSAGE: line 5: SecurityError (DOM Exception 18): Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</ins><span class="cx"> Test that removing allow-origin after creating an iframe doesn't modify the origin of an existing document, but it doesn modify the origin of the next document.
</span><span class="cx">
</span><span class="cx"> PASS
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecuritysrcdocinsandboxcannotaccessparentexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/srcdoc-in-sandbox-cannot-access-parent-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 4: Sandbox access violation: Blocked a frame at "null" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
-CONSOLE MESSAGE: line 4: TypeError: undefined is not an object (evaluating 'parent.document.getElementById')
</del><ins>+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Sandbox access violation: Blocked a frame at "null" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</ins><span class="cx"> PASS
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDdefinePropertyexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-defineProperty-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-defineProperty-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-defineProperty-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -16,12 +16,6 @@
</span><span class="cx"> CONSOLE MESSAGE: line 24: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</span><span class="cx"> CONSOLE MESSAGE: line 24: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</span><span class="cx"> CONSOLE MESSAGE: line 24: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</span><del>-CONSOLE MESSAGE: line 40: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 40: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 40: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 40: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 40: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 40: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</del><span class="cx">
</span><span class="cx"> PASS: cross-site assignment of Object constructor not allowed
</span><span class="cx"> PASS: cross-site assignment of new property not allowed
</span><span class="lines">@@ -76,10 +70,10 @@
</span><span class="cx"> SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</span><span class="cx"> SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</span><span class="cx"> SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</span><del>-TypeError: undefined is not an object (evaluating 'parent.Object.prototype')
-TypeError: undefined is not an object (evaluating 'parent.Object.prototype')
-TypeError: undefined is not an object (evaluating 'parent.Object.prototype')
-TypeError: undefined is not an object (evaluating 'parent.Object.prototype')
-TypeError: undefined is not an object (evaluating 'parent.Object.prototype')
-TypeError: undefined is not an object (evaluating 'parent.Object.prototype')
</del><ins>+SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
+SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</ins><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDframenameexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-frame-name-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-frame-name-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-frame-name-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,3 +1,2 @@
</span><del>-CONSOLE MESSAGE: line 2: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
-ALERT: undefined
</del><ins>+CONSOLE MESSAGE: line 2: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> This test passes if it doesn't alert fail.
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDhtmlelelmentwithiframeprotoexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,11 @@
</span><del>-CONSOLE MESSAGE: line 10: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx">
</span><span class="cx"> Tests that making other frame window a prototype doesn't expose that window subframe
</span><del>-PASS: targetWindow.myinput should be 'undefined' and is.
</del><span class="cx">
</span><ins>+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS targetWindow.myinput threw exception SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match..
+PASS: successfullyParsed should be 'true' and is.
+
+TEST COMPLETE
+
</ins></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDhtmlelelmentwithiframeprotohtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-htmlelelment-with-iframe-proto.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,6 @@
</span><span class="cx"> <html>
</span><span class="cx"> <head>
</span><ins>+<script src="/js-test-resources/js-test-pre.js"></script>
</ins><span class="cx"> <script src="resources/cross-frame-access.js"></script>
</span><span class="cx"> </head>
</span><span class="cx"> <body>
</span><span class="lines">@@ -7,17 +8,17 @@
</span><span class="cx"> </iframe>
</span><span class="cx"> <pre id="console"></pre>
</span><span class="cx"> <script>
</span><del>-if (window.testRunner)
- testRunner.dumpAsText();
</del><ins>+description("Tests that making other frame window a prototype doesn't expose that window subframe");
+jsTestIsAsync = true;
</ins><span class="cx">
</span><del>-log("Tests that making other frame window a prototype doesn't expose that window subframe");
-
</del><span class="cx"> targetWindow = frames[0];
</span><span class="cx">
</span><span class="cx"> window.onload = function() {
</span><span class="cx"> __proto__ = targetWindow;
</span><del>- shouldBeUndefined('targetWindow.myinput');
</del><ins>+ shouldThrowErrorName('targetWindow.myinput', 'SecurityError');
+ finishJSTest();
</ins><span class="cx"> }
</span><span class="cx"> </script>
</span><ins>+<script src="/js-test-resources/js-test-post.js"></script>
</ins><span class="cx"> </body>
</span><span class="cx"> </html>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDinvaliddomainchangeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,3 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 24: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 17: SecurityError (DOM Exception 18): The operation is insecure.
</ins><span class="cx">
</span><span class="cx"> PASS: cross-site not access allowed
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDinvaliddomainchangehtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-invalid-domain-change.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -14,6 +14,7 @@
</span><span class="cx"> // change own domain to an invalid one
</span><span class="cx"> document.domain = 'apple.com';
</span><span class="cx"> } catch (e) {
</span><ins>+ console.log(e);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> window.onload = cross_frame_access;
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDmethodwithiframeprotoexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-method-with-iframe-proto-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-method-with-iframe-proto-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-method-with-iframe-proto-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 37: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
-CONSOLE MESSAGE: line 40: TypeError: targetWindow.setTimeout is not a function. (In 'targetWindow.setTimeout(callback, 0, this)', 'targetWindow.setTimeout' is undefined)
</del><ins>+CONSOLE MESSAGE: line 40: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> CONSOLE MESSAGE: line 47: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><span class="cx"> CONSOLE MESSAGE: line 54: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDsandboxediframeexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-sandboxed-iframe-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-sandboxed-iframe-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-sandboxed-iframe-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 4: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
-CONSOLE MESSAGE: line 4: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</del><ins>+CONSOLE MESSAGE: line 4: SecurityError (DOM Exception 18): Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</ins><span class="cx"> This test verifies that sandboxed iframe prevents cross-domain script access. It will print "PASS" on success.
</span><span class="cx">
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDsynchronousformexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-synchronous-form-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-synchronous-form-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-synchronous-form-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 7: Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 9: SecurityError (DOM Exception 18): Blocked a frame with origin "http://localhost:8000" from accessing a frame with origin "http://127.0.0.1:8000". Protocols, domains, and ports must match.
</ins><span class="cx"> Waiting for iframe...
</span><span class="cx"> Done.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDwindownamenavigatorexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-window-name-navigator-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-window-name-navigator-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-window-name-navigator-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,3 +1,2 @@
</span><del>-CONSOLE MESSAGE: line 1: Sandbox access violation: Blocked a frame at "null" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
-ALERT: PASS
</del><ins>+CONSOLE MESSAGE: line 1: SecurityError (DOM Exception 18): Sandbox access violation: Blocked a frame at "null" from accessing a frame at "http://127.0.0.1:8000". The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
</ins><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDxsldocumentsecurityOriginexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-xsl-document-securityOrigin-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-xsl-document-securityOrigin-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-xsl-document-securityOrigin-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,2 +1,2 @@
</span><del>-CONSOLE MESSAGE: line 28: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8080". Protocols, domains, and ports must match.
</del><ins>+CONSOLE MESSAGE: line 32: SecurityError (DOM Exception 18): Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8080". Protocols, domains, and ports must match.
</ins><span class="cx"> This test passes if it doesn't alert the contents of innocent-victim.html.
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssDENIEDxsldocumentsecurityOriginxml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -6,33 +6,37 @@
</span><span class="cx"> <script>
</span><span class="cx"> <![CDATA[
</span><span class="cx"> if (window.testRunner) {
</span><del>- testRunner.dumpAsText();
- testRunner.waitUntilDone();
- testRunner.setCanOpenWindows();
- testRunner.setCloseRemainingWindowsWhenComplete(true);
</del><ins>+ testRunner.dumpAsText();
+ testRunner.waitUntilDone();
+ testRunner.setCanOpenWindows();
+ testRunner.setCloseRemainingWindowsWhenComplete(true);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> window.onload = function()
</span><span class="cx"> {
</span><del>- if (!opener) {
- victim = document.body.appendChild(document.createElement("iframe"));
- wnd = victim.contentWindow.open();
- victim.src = "http://localhost:8080/security/resources/innocent-victim.html";
- victim.onload = function() { wnd.eval("location = '" + location + "'"); }
- } else if (location != "about:blank") {
- url = location.href;
- blank = document.body.appendChild(document.createElement("iframe"));
- blank.contentWindow.eval("parent.document.open()");
- location = "javascript:(\"\x3C?xml-stylesheet type='text/xsl' href='" + url + "'?\x3E\x3Croot/\x3E\")";
- } else {
- victim = opener;
- open("javascript:void(0)", "_self");
- if (victim.eval)
- victim.eval("alert(document.body.innerHTML)");
</del><ins>+ if (!opener) {
+ victim = document.body.appendChild(document.createElement("iframe"));
+ wnd = victim.contentWindow.open();
+ victim.src = "http://localhost:8080/security/resources/innocent-victim.html";
+ victim.onload = function() { wnd.eval("location = '" + location + "'"); }
+ } else if (location != "about:blank") {
+ url = location.href;
+ blank = document.body.appendChild(document.createElement("iframe"));
+ blank.contentWindow.eval("parent.document.open()");
+ location = "javascript:(\"\x3C?xml-stylesheet type='text/xsl' href='" + url + "'?\x3E\x3Croot/\x3E\")";
+ } else {
+ try {
+ victim = opener;
+ open("javascript:void(0)", "_self");
+ if (victim.eval)
+ victim.eval("alert(document.body.innerHTML)");
+ } catch (e) {
+ console.log(e);
+ }
</ins><span class="cx">
</span><del>- if (window.testRunner)
- testRunner.notifyDone();
- }
</del><ins>+ if (window.testRunner)
+ testRunner.notifyDone();
+ }
</ins><span class="cx"> }
</span><span class="cx"> ]]>
</span><span class="cx"> </script>
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssevalexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-eval-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-eval-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-eval-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,4 +1,3 @@
</span><del>-CONSOLE MESSAGE: line 44: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a frame with origin "http://localhost:8000". Protocols, domains, and ports must match.
</del><span class="cx"> This page verifies that you can't use eval to subvert cross-domain checks.
</span><span class="cx">
</span><span class="cx"> If the test passes, you'll see a pass message below.
</span><span class="lines">@@ -5,6 +4,6 @@
</span><span class="cx">
</span><span class="cx"> PASS: eval.call(frames[0], 'document').testExpando should be It's me! and is.
</span><span class="cx"> PASS: childEval.call(frames[0], 'document').testExpando should be It's me too! and is.
</span><del>-PASS: childEvalCaller('document').testExpando should be TypeError and is.
</del><ins>+PASS: childEvalCaller('document').testExpando should be SecurityError and is.
</ins><span class="cx"> PASS: childLocalEvalCaller('document').testExpando should be It's me too! and is.
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestshttptestssecurityxssevalhtml"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/http/tests/security/xss-eval.html (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/security/xss-eval.html 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/http/tests/security/xss-eval.html 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -42,7 +42,7 @@
</span><span class="cx"> shouldBe("childEvalCaller('document').testExpando",
</span><span class="cx"> (function() { try {
</span><span class="cx"> return childEvalCaller('document').testExpando;
</span><del>- } catch(e) { return e.name; } })(), "TypeError");
</del><ins>+ } catch(e) { return e.name; } })(), "SecurityError");
</ins><span class="cx">
</span><span class="cx"> shouldBe("childLocalEvalCaller('document').testExpando",
</span><span class="cx"> (function() { try { return childLocalEvalCaller('document').testExpando; } catch(e) { return e.name; } })(), "It's me too!");
</span></span></pre></div>
<a id="trunkLayoutTestsimportedw3cChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/ChangeLog (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/ChangeLog 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,3 +1,15 @@
</span><ins>+2016-08-29 Chris Dumez <cdumez@apple.com>
+
+ We should throw a SecurityError when denying access to cross-origin Window properties
+ https://bugs.webkit.org/show_bug.cgi?id=161316
+
+ Reviewed by Darin Adler.
+
+ Rebaseline existing tests to reflect behavior change.
+
+ * web-platform-tests/domparsing/innerhtml-05-expected.txt:
+ * web-platform-tests/html/semantics/forms/form-submission-0/getactionurl-expected.txt:
+
</ins><span class="cx"> 2016-08-29 Youenn Fablet <youenn@apple.com>
</span><span class="cx">
</span><span class="cx"> [Fetch API] Response cloning should structureClone when teeing Response stream
</span></span></pre></div>
<a id="trunkLayoutTestsimportedw3cwebplatformtestsdomparsinginnerhtml05expectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/domparsing/innerhtml-05-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/web-platform-tests/domparsing/innerhtml-05-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/domparsing/innerhtml-05-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,5 +1,4 @@
</span><del>-CONSOLE MESSAGE: line 1380: Blocked a frame with origin "http://localhost:8800" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</del><span class="cx">
</span><ins>+FAIL innerHTML in XHTML Blocked a frame with origin "http://localhost:8800" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</ins><span class="cx">
</span><del>-FAIL innerHTML in XHTML undefined is not an object (evaluating 'window[0].document.documentElement')
</del><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestsimportedw3cwebplatformtestshtmlsemanticsformsformsubmission0getactionurlexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/forms/form-submission-0/getactionurl-expected.txt (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/forms/form-submission-0/getactionurl-expected.txt 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/forms/form-submission-0/getactionurl-expected.txt 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,6 +1,5 @@
</span><del>-CONSOLE MESSAGE: line 1380: Blocked a frame with origin "http://localhost:8800" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</del><span class="cx">
</span><span class="cx">
</span><ins>+FAIL Navigating to URL with a data scheme Blocked a frame with origin "http://localhost:8800" from accessing a frame with origin "null". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "data". Protocols must match.
</ins><span class="cx">
</span><del>-FAIL Navigating to URL with a data scheme undefined is not an object (evaluating 'testframe.contentWindow.document.textContent')
</del><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/Source/WebCore/ChangeLog 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -1,3 +1,21 @@
</span><ins>+2016-08-29 Chris Dumez <cdumez@apple.com>
+
+ We should throw a SecurityError when denying access to cross-origin Window properties
+ https://bugs.webkit.org/show_bug.cgi?id=161316
+
+ Reviewed by Darin Adler.
+
+ We should throw a SecurityError when denying access to cross-origin Window properties:
+ - https://html.spec.whatwg.org/#crossorigingetownpropertyhelper-(-o,-p-)
+ - https://html.spec.whatwg.org/#crossoriginproperties-(-o-)
+
+ Firefox and Chrome already throw.
+
+ No new tests, updated existing tests.
+
+ * bindings/js/JSDOMWindowCustom.cpp:
+ (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
+
</ins><span class="cx"> 2016-08-29 Youenn Fablet <youenn@apple.com>
</span><span class="cx">
</span><span class="cx"> Image Loader should use FetchOptions::mode according its crossOrigin attribute
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsjsJSDOMWindowCustomcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp (205135 => 205136)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp 2016-08-29 19:36:36 UTC (rev 205135)
+++ trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp 2016-08-29 19:37:01 UTC (rev 205136)
</span><span class="lines">@@ -135,7 +135,7 @@
</span><span class="cx"> // For any other entries in the static property table, deny access. (Early return also prevents
</span><span class="cx"> // named getter from returning frames with matching names - this seems a little questionable, see
</span><span class="cx"> // FIXME comment on prototype search below.)
</span><del>- thisObject->printErrorMessage(errorMessage);
</del><ins>+ throwSecurityError(*exec, errorMessage);
</ins><span class="cx"> slot.setUndefined();
</span><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="lines">@@ -149,7 +149,7 @@
</span><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- thisObject->printErrorMessage(errorMessage);
</del><ins>+ throwSecurityError(*exec, errorMessage);
</ins><span class="cx"> slot.setUndefined();
</span><span class="cx"> return true;
</span><span class="cx"> }
</span></span></pre>
</div>
</div>
</body>
</html>