Index: LayoutTests/http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html |
diff --git a/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html b/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..53910f0331a04bbfd8cb64287096baf39e5bc6db |
--- /dev/null |
+++ b/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html |
@@ -0,0 +1,18 @@ |
+<!DOCTYPE html> |
+<html> |
+<head> |
+ <script> |
+ if (window.testRunner) { |
+ testRunner.dumpAsText(); |
+ testRunner.dumpChildFramesAsText(); |
+ testRunner.dumpResourceLoadCallbacks(); |
+ } |
+ </script> |
+</head> |
+<body> |
+ <p>This tests verifies that 'X-Frame-Options: SAMEORIGIN' blocks |
+ sameorigin.com -> crossorigin.com -> sameorigin.com ancestor chains.</p> |
+ <p>There should be content in the iframe below, but not in its child frame.</p> |
+ <iframe style="width:500px; height:500px" src="http://localhost:8000/security/XFrameOptions/resources/x-frame-options-parent-same-origin-ancestor.html"></iframe> |
+</body> |
+</html> |