46 lines
1.4 KiB
HTML
46 lines
1.4 KiB
HTML
<!doctype html>
|
|
<html>
|
|
<head>
|
|
<script src="../../http/tests/inspector/resources/protocol-test.js"></script>
|
|
<script src="../../http/tests/inspector/resources/console-test.js"></script>
|
|
<script>
|
|
function test()
|
|
{
|
|
let suite = ProtocolTest.createAsyncSuite("Console.XFrameOptionsMessages");
|
|
|
|
ProtocolTest.Console.addTestCase(suite, {
|
|
name: "XFrameOptionsDeny",
|
|
description: "Ensure that a console message is logged when enforcing an X-Frame-Options policy. In this case, setting X-Frame-Options: 'deny' means the iframe does not want to be embedded in the test page.",
|
|
expression: "triggerXFrameOptionDeny();",
|
|
expected: {source: 'security', level: 'error'}
|
|
});
|
|
|
|
InspectorProtocol.awaitCommand({
|
|
method: "Console.enable",
|
|
params: {}
|
|
})
|
|
.then(function() {
|
|
suite.runTestCasesAndFinish();
|
|
})
|
|
.catch(fatalError);
|
|
|
|
function fatalError(e) {
|
|
ProtocolTest.log("Test failed with fatal error: " + JSON.stringify(e));
|
|
ProtocolTest.completeTest();
|
|
}
|
|
}
|
|
</script>
|
|
</head>
|
|
<body onload="runTest()">
|
|
<iframe id="denied"></iframe>
|
|
<script>
|
|
function triggerXFrameOptionDeny()
|
|
{
|
|
let deniedFrame = document.getElementById('denied');
|
|
let deniedDocument = deniedFrame.contentWindow.document;
|
|
deniedDocument.write('<meta http-equiv="X-Frame-Options" content="deny"/>');
|
|
}
|
|
</script>
|
|
</body>
|
|
</html>
|