Source code
Revision control
Copy as Markdown
Other Tools
Test Info:
- This WPT test may be referenced by the following Test IDs:
- /html/browsers/origin/inheritance/about-srcdoc.html - WPT Dashboard Interop Dashboard
<!doctype html>
<html>
<head>
<title>about:srcdoc aliases security origin</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
</head>
<body>
<script>
test(() => {
let iframe = document.createElement('iframe');
iframe.srcdoc = '<body></body>';
document.body.appendChild(iframe);
// Should not throw: srcdoc should always be same-origin.
iframe.contentWindow.document.body.innerHTML = '<p>Hello world!</p>';
// Explicitly set `domain` component of origin: any other same-origin
// browsing contexts are now cross-origin unless they also explicitly
// set document.domain to the same value.
document.domain = document.domain;
// Should not throw: the origin should be aliased, so setting
// document.domain in one Document should affect both Documents.
assert_equals(
iframe.contentWindow.document.body.textContent,
'Hello world!');
});
</script>
</body>
</html>