UNPKG

dojox

Version:

Dojo eXtensions, a rollup of many useful sub-projects and varying states of maturity – from very stable and robust, to alpha and experimental. See individual projects contain README files for details.

dojotoolkit.org

dojo/dojox

35 lines (33 loc) 918 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <title>Attacker Frame Test</title> <script type="text/javascript"> var switchedLocation; var intervalId = setInterval(function(){ try{ if(!switchedLocation){ parent.frames[1].name='malicious data'; alert("changing to "+ (parent.frames[1][0][0].location = "http://127.0.0.1/dojox/io/tests/")); switchedLocation = true; } alert("snooping for "+ parent.frames[1].name); clearInterval(intervalId); } catch(e){} },10); function check(){ if(switchedLocation){ alert("other " + parent.frames[1][0][0].name); } alert("trying to delete"+parent['protectedFrame']); (parent.frames[1].location = "http://127.0.0.1/dojox/io/tests/"); switchedLocation = true; alert("changed "); } </script> </head> <body class="tundra"> <div onclick="check()">fire</div> </body> </html>