1jsURL = "javascript:" + escape('window.parent.postMessage("JS uri ran", "*");\ 2return \'\ 3<script>\ 4window.parent.postMessage("Able to access private: " +\ 5 window.parent.private, "*");\ 6</script>\''); 7dataURL = "data:text/html," + escape('<!DOCTYPE HTML>\ 8<script>\ 9try {\ 10 window.parent.postMessage("Able to access private: " +\ 11 window.parent.private, "*");\ 12}\ 13catch (e) {\ 14 window.parent.postMessage("pass", "*");\ 15}\ 16</script>'); 17 18tests = [ 19// Plain document should work as normal 20'<!DOCTYPE HTML>\ 21<script>\ 22try {\ 23 window.parent.private;\ 24 window.parent.postMessage("pass", "*");\ 25}\ 26catch (e) {\ 27 window.parent.postMessage("Unble to access private", "*");\ 28}\ 29</script>', 30 31// refresh to plain doc 32{ refresh: "file_bug475636.sjs?1", 33 doc: '<!DOCTYPE HTML>' }, 34 35// meta-refresh to plain doc 36'<!DOCTYPE HTML>\ 37<head>\ 38 <meta http-equiv="refresh" content="0; url=file_bug475636.sjs?1">\ 39</head>', 40 41// refresh to data url 42{ refresh: dataURL, 43 doc: '<!DOCTYPE HTML>' }, 44 45// meta-refresh to data url 46'<!DOCTYPE HTML>\ 47<head>\ 48 <meta http-equiv="refresh" content="0; url=' + dataURL + '">\ 49</head>', 50 51// refresh to js url should not be followed 52{ refresh: jsURL, 53 doc: 54'<!DOCTYPE HTML>\ 55<script>\ 56setTimeout(function() {\ 57 window.parent.postMessage("pass", "*");\ 58}, 2000);\ 59</script>' }, 60 61// meta refresh to js url should not be followed 62'<!DOCTYPE HTML>\ 63<head>\ 64 <meta http-equiv="refresh" content="0; url=' + jsURL + '">\ 65</head>\ 66<script>\ 67setTimeout(function() {\ 68 window.parent.postMessage("pass", "*");\ 69}, 2000);\ 70</script>' 71]; 72 73 74function handleRequest(request, response) 75{ 76 dump("@@@@@@@@@hi there: " + request.queryString + "\n"); 77 test = tests[parseInt(request.queryString, 10) - 1]; 78 response.setHeader("Content-Type", "text/html"); 79 80 if (!test) { 81 response.write('<script>parent.postMessage("done", "*");</script>'); 82 } 83 else if (typeof test == "string") { 84 response.write(test); 85 } 86 else if (test.refresh) { 87 response.setHeader("Refresh", "0; url=" + test.refresh); 88 response.write(test.doc); 89 } 90} 91