2019-05-24 18:31:11 +02:00
<!DOCTYPE html>
< html >
< head >
< meta http-equiv = "content-type" content = "text/html; charset=UTF-8" >
< title > iFrame Test< / title >
< link href = "testIcon.svg" type = "image/png" rel = "icon" >
< link href = "testIcon.svg" type = "image/png" rel = "shortcut icon" >
< / head >
< body >
< script src = "iframeTest.js" > < / script >
< iframe > < / iframe > < script >
const iframe = window[0];
2019-05-25 12:35:09 +02:00
log("TEST:", "iframe in html:", compare(test(iframe), reference));
2019-05-24 18:31:11 +02:00
iframe.addEventListener("load", function(){
2019-05-25 12:35:09 +02:00
log("TEST:", "iframe after loading:", compare(test(iframe), reference));
2019-05-24 18:31:11 +02:00
});
2019-05-25 12:35:09 +02:00
document.write("< iframe > < / iframe > < script > l o g ( \ " T E S T : \ " , \ " i f r a m e a n d s c r i p t i n d o c u m e n t . w r i t e : \ " , c o m p a r e ( t e s t ( w i n d o w [ 1 ] ) , r e f e r e n c e ) ) ; < \ / s c r i p t > " ) ;
log("TEST:", "iframe in document.write:", compare(test(window[1]), reference));
2019-05-24 18:31:11 +02:00
document.write("< iframe > < / iframe > ");
2019-05-25 12:35:09 +02:00
document.write("< script > l o g ( \ " T E S T : \ " , \ " i f r a m e a n d s c r i p t i n s e p a r a t e d o c u m e n t . w r i t e : \ " , c o m p a r e ( t e s t ( w i n d o w [ 2 ] ) , r e f e r e n c e ) ) ; < \ / s c r i p t > " ) ;
"< iframe > < / iframe > < script > l o g ( \ " T E S T : \ " , \ " i f r a m e a n d s c r i p t i n f r a g m e n t e d d o c u m e n t . w r i t e : \ " , c o m p a r e ( t e s t ( w i n d o w [ 3 ] ) , r e f e r e n c e ) ) ; < \ / s c r i p t > " . s p l i t ( / ( ? = < ) / ) . f o r E a c h ( f u n c t i o n ( p a r t ) {
2019-05-24 18:31:11 +02:00
document.write(part);
});
2019-05-25 12:35:09 +02:00
document.writeln("< iframe > < / iframe > < script > l o g ( \ " T E S T : \ " , \ " i f r a m e a n d s c r i p t i n d o c u m e n t . w r i t e l n : \ " , c o m p a r e ( t e s t ( w i n d o w [ 4 ] ) , r e f e r e n c e ) ) ; < \ / s c r i p t > " ) ;
document.write("< script src = \"iframeTest.js\" > < \ / s c r i p t > < i f r a m e > < / i f r a m e > < s c r i p t > l o g ( \ " T E S T : \ " , \ " s c r i p t w i t h s r c , i f r a m e a n d s c r i p t i n d o c u m e n t . w r i t e : \ " , c o m p a r e ( t e s t ( w i n d o w [ 5 ] ) , r e f e r e n c e ) ) ; < \ / s c r i p t > " ) ;
2019-05-29 14:22:52 +02:00
"< ifr | ame > < /ifr|ame>".split("|").forEach(function(part){
document.write(part);
});
document.write("< script > l o g ( \ " T E S T : \ " , \ " i f r | a m e s p l i t : \ " , c o m p a r e ( t e s t ( w i n d o w [ 6 ] ) , r e f e r e n c e ) ) ; < \ / s c r i p t > " ) ;
2019-05-24 18:31:11 +02:00
window.addEventListener("load", function(){
// document.open();
2019-05-29 14:22:52 +02:00
"< ifr | ame > < /ifr|ame>".split("|").forEach(function(part){
document.write(part);
});
document.write("< script > l o g ( \ " T E S T : \ " , \ " r e o p e n e d d o c u m e n t : i f r | a m e s p l i t : \ " , c o m p a r e ( t e s t ( w i n d o w [ 0 ] ) , r e f e r e n c e ) ) ; < \ / s c r i p t > " ) ;
document.write("< script src = \"iframeTest.js\" > < \ / s c r i p t > < i f r a m e > < / i f r a m e > < s c r i p t > l o g ( \ " T E S T : \ " , \ " r e o p e n e d d o c u m e n t : s c r i p t w i t h s r c , i f r a m e a n d s c r i p t i n d o c u m e n t . w r i t e : \ " , c o m p a r e ( t e s t ( w i n d o w [ 1 ] ) , r e f e r e n c e , t r u e ) ) ; < \ / s c r i p t > " ) ;
2019-05-24 18:31:11 +02:00
// document.close();
});
window.setTimeout(function(){
document.body.innerHTML = "< iframe > < / iframe > ";
2019-05-25 12:35:09 +02:00
console.log("TEST:", "innerHTML after 1000ms:", compare(test(window[0]), reference));
2019-05-25 19:14:45 +02:00
document.body.innerHTML = "< h1 > Iframe protection< / h1 > Open console (Ctrl + Shift + K) to see results. Depending on your Browser version you might have to check the \"Persist Logs\" flag and reload the page.< br > < h2 > Expected behaviour< / h2 > < ul > < li > The displayed hashes should not be your native hash (run test with CB disabled to get it)< / li > < li > All the displayed hashes should be the same (exception if there is a change to a wyciwyg page)< / li > < li > All lines with \"TEST:\" should have a \"match\" at the end< / li > < / ul > ";
2019-05-24 18:31:11 +02:00
}, 1000);
< / script >
< / body >
< / html >
