CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL data:text/html,%3Chtml%3E%3Chead%3E%3Cscript%3Efunction%20loaded()%20{if%20(window.layoutTestController)layoutTestController.globalFlag%20=%20true;}%3C/script%3E%3C/head%3E%3Cbody%20onload='loaded();'%3E%3Cp%20id='accessMe'%3EPASS:%20Cross%20frame%20access%20from%20a%20frame%20on%20a%20foreign%20domain%20denied!%3C/p%3E%3Cp%3EInner-inner%20iframe.%20This%20iframe%20(which%20is%20data:%20URL%20and%20whose%20parent%20is%20on%20a%20foreign%20domain)%20is%20the%20frame%20that%20the%20main%20frame%20is%20trying%20to%20access.%20%20It%20should%20not%20have%20access%20to%20it.%3C/p%3E%3C/body%3E%3C/html%3E from frame with URL http://127.0.0.1:8000/security/dataURL/xss-DENIED-to-data-url-in-foreign-domain-subframe.html. Domains, protocols and ports must match.

The scenario for this test is that you have an iframe with content from a foreign domain. In that foreign content is an iframe which loads a data: URL. This tests that this main document does not have access to that data: URL loaded iframe.


PASS: Cross frame access to a data: URL embed in a frame on a foreign domain denied!


--------
Frame: '<!--framePath //<!--frame0-->-->'
--------
Inner iframe on a foreign domain.



--------
Frame: 'aFrame'
--------
PASS: Cross frame access from a frame on a foreign domain denied!

Inner-inner iframe. This iframe (which is data: URL and whose parent is on a foreign domain) is the frame that the main frame is trying to access. It should not have access to it.
