<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>iFrame Test</title>
<link href="testIcon.svg" type="image/png" rel="icon">
<link href="testIcon.svg" type="image/png" rel="shortcut icon">
</head>
<body>
<script src="iframeTest.js"></script>
<iframe></iframe><script>
const iframe = window[0];
log("TEST:", "iframe in html:", compare(test(iframe), reference));
iframe.addEventListener("load", function(){
"use strict";
log("TEST:", "iframe after loading:", compare(test(iframe), reference));
});
document.write(
"<iframe></iframe>" +
"<script>log(\"TEST:\", \"iframe and script in document.write:\", compare(test(window[1]), reference));<\/script>"
);
log("TEST:", "iframe in document.write:", compare(test(window[1]), reference));
document.write("<iframe></iframe>");
document.write(
"<script>" +
"log(\"TEST:\", \"iframe and script in separate document.write:\", compare(test(window[2]), reference));" +
"<\/script>");
(
"<iframe></iframe>" +
"<script>" +
"log(\"TEST:\", \"iframe and script in fragmented document.write:\", compare(test(window[3]), reference));" +
"<\/script>"
).split(/(?=<)/).forEach(function(part){
"use strict";
document.write(part);
});
document.writeln(
"<iframe></iframe>" +
"<script>log(\"TEST:\", \"iframe and script in document.writeln:\", compare(test(window[4]), reference));<\/script>"
);
document.write(
"<script src=\"iframeTest.js\"><\/script>" +
"<iframe></iframe>" +
"<script>" +
"log(" +
"\"TEST:\", " +
"\"script with src, iframe and script in document.write:\", " +
"compare(test(window[5]), reference)" +
");" +
"<\/script>"
);
"<ifr|ame></ifr|ame>".split("|").forEach(function(part){
"use strict";
document.write(part);
});
document.write("<script>log(\"TEST:\", \"ifr|ame split:\", compare(test(window[6]), reference));<\/script>");
window.addEventListener("load", function(){
"use strict";
// document.open();
"<ifr|ame></ifr|ame>".split("|").forEach(function(part){
document.write(part);
});
document.write(
"<script>" +
"log(\"TEST:\", \"reopened document: ifr|ame split:\", compare(test(window[0]), reference));" +
"<\/script>");
document.write(
"<script src=\"iframeTest.js\"><\/script>" +
"<iframe></iframe>" +
"<script>" +
"log(" +
"\"TEST:\", " +
"\"reopened document: script with src, iframe and script in document.write:\", " +
"compare(test(window[1]), reference, true)" +
");" +
"<\/script>"
);
// document.close();
});
window.setTimeout(function(){
"use strict";
document.body.innerHTML = "<iframe></iframe>";
log("TEST:", "innerHTML after 1000ms:", compare(test(window[0]), reference));
const iFrame = document.createElement("iframe");
document.body.appendChild(iFrame);
log("TEST:", "appendChild after 1000ms:", compare(test(window[1]), reference));
const iFrame2 = document.createElement("iframe");
iFrame.replaceWith(iFrame2);
log("TEST:", "replaceWith after 1000ms:", compare(test(window[1]), reference));
document.body.innerHTML = "<h1>Iframe protection</h1>" +
"Open console (Ctrl + Shift + K) to see results. " +
"Depending on your Browser version you might have to check the \"Persist Logs\" flag and reload the page.<br>" +
"<h2>Expected result</h2>" +
"<ul>" +
"<li>the displayed hashes should not be your native hash (run test with CB disabled to get it)</li>" +
"<li>all the displayed hashes should be the same (exception if there is a change to a wyciwyg page)</li>" +
"<li>all lines with \"TEST:\" should have a \"match\" at the end</li>" +
"</ul>";
const title = document.createElement("title");
title.textContent = "iFrame test";
document.getElementsByTagName("head")[0].appendChild(title);
}, 1000);
</script>
</body>
</html>