<!DOCTYPE HTML> <html> <head> <meta charset="utf-8"> <title>Test for Bug 886262</title> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> </head> <script> function doStuff() { try { window.parent.parent.parent.ok_wrapper(false, "an object inside a frame or object inside a sandboxed iframe should NOT be same origin with the iframe's parent"); } catch (e) { window.parent.parent.parent.postMessage({ok: true, desc: "an object inside a frame or object inside a sandboxed iframe is not same origin with the iframe's parent"}, "*"); } // Check that sandboxed forms browsing context flag NOT set by attempting to submit a form. document.getElementById('a_form').submit(); } </script> <body onload='doStuff()'> I'm a <object> inside a <frame> or <object> inside an iframe which is sandboxed with 'allow-scripts allow-forms' <form method="get" action="file_iframe_sandbox_form_pass.html" id="a_form"> First name: <input type="text" name="firstname"> Last name: <input type="text" name="lastname"> <input type="submit" id="a_button"> </form> </body> </html>