Source/WebCore/ChangeLog

 12013-02-04 Mike West <mkwst@chromium.org>
 2
 3 Throw SECURITY_ERR when accessing location.* across origins.
 4 https://bugs.webkit.org/show_bug.cgi?id=43891
 5
 6 Reviewed by NOBODY (OOPS!).
 7
 8 Other browsers (IE, Firefox, and Opera) throw an exception when accessing
 9 properties of a Location object across origins, as the spec suggests[1].
 10 WebKit is currently the outlier.
 11
 12 This has a few negative effects: developers are forced to hack around
 13 access violations in two ways rather than having a single code path, and
 14 (more annoyingly) developers are unable to avoid generating the error
 15 message. See every ad on the internet for the effect on the console. :)
 16
 17 This patch adds a SECURITY_ERR exception to these access violations,
 18 which is the first step towards getting rid of the console spam.
 19
 20 A fairly inconclusive thread[2] on webkit-dev popped up in 2010 and
 21 trailed off without reaching conclusion. I'd like to kick it off again
 22 and I don't intend to land this patch until there's a decision one way
 23 or the other (OOPS!).
 24
 25 This is the JSC half of the patch. V8 is coming in http://wkbug.com/43892
 26
 27 [1]: http://www.whatwg.org/specs/web-apps/current-work/multipage/history.html#security-location
 28 [2]: https://lists.webkit.org/pipermail/webkit-dev/2010-August/013880.html
 29
 30 * bindings/js/JSLocationCustom.cpp:
 31 (WebCore::JSLocation::getOwnPropertySlotDelegate):
 32
1332013-02-04 Pavel Feldman <pfeldman@chromium.org>
234
335 Web Inspector: make tabbed pane header a relayout boundary.

Source/WebCore/bindings/js/JSLocationCustom.cpp

@@bool JSLocation::getOwnPropertySlotDelegate(ExecState* exec, PropertyName proper
8181 // but for now we have decided not to, partly because it seems silly to return "[Object Location]" in
8282 // such cases when normally the string form of Location would be the URL.
8383
 84 // FIXME: Move this message into the exception once http://wkbug.com/98050 is fixed.
8485 printErrorMessageForFrame(frame, message);
 86 setDOMException(exec, SECURITY_ERR);
8587 slot.setUndefined();
8688 return true;
8789}

LayoutTests/ChangeLog

 12013-02-04 Mike West <mkwst@chromium.org>
 2
 3 Throw SECURITY_ERR when accessing location.href across origins.
 4 https://bugs.webkit.org/show_bug.cgi?id=43891
 5
 6 Reviewed by NOBODY (OOPS!).
 7
 8 * http/tests/plugins/resources/cross-frame-object-access.html:
 9 * http/tests/security/cross-frame-access-callback-explicit-domain-DENY-expected.txt:
 10 * http/tests/security/cross-frame-access-location-get-expected.txt:
 11 * http/tests/security/cross-frame-access-location-get.html:
 12 * http/tests/security/resources/cross-frame-access.js:
 13 (accessThrowsException):
 14 * http/tests/security/resources/cross-frame-iframe-callback-explicit-domain-DENY.html:
 15 * http/tests/security/resources/cross-frame-iframe-for-location-get-test.html:
 16 Adjusting tests to check for exceptions, and adjusting expectations to match.
 17 * platform/chromium/http/tests/security/cross-frame-access-callback-explicit-domain-DENY-expected.txt: Copied from LayoutTests/http/tests/security/cross-frame-access-callback-explicit-domain-DENY-expected.txt.
 18 * platform/chromium/http/tests/security/cross-frame-access-location-get-expected.txt: Added.
 19 V8 fails at the moment: http://wkbug.com/43892
 20
1212013-02-04 Kent Tamura <tkent@chromium.org>
222
323 [Chromium] Rebaseline for r141741

LayoutTests/http/tests/plugins/resources/cross-frame-object-access.html

@@function checkLocationObject(l)
1414 return false;
1515 }
1616
17  if (l.href) {
18  debug('could access top.location.href');
19  return false;
 17 try {
 18 if (l.href) {
 19 debug('could access top.location.href');
 20 return false;
 21 }
 22 } catch (e) {
 23 return true;
2024 }
21 
2225 return true;
2326}
2427

LayoutTests/http/tests/security/cross-frame-access-callback-explicit-domain-DENY-expected.txt

11CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/cross-frame-access-callback-explicit-domain-DENY.html from frame with URL http://127.0.0.1:8000/security/resources/cross-frame-iframe-callback-explicit-domain-DENY.html. The frame requesting access set 'document.domain' to '127.0.0.1', but the frame being accessed did not. Both must set 'document.domain' to the same value to allow access.
22
 3CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/cross-frame-access-callback-explicit-domain-DENY.html from frame with URL http://127.0.0.1:8000/security/resources/cross-frame-iframe-callback-explicit-domain-DENY.html. The frame requesting access set 'document.domain' to '127.0.0.1', but the frame being accessed did not. Both must set 'document.domain' to the same value to allow access.
 4
35Test that a child frame can't define a function and the use it to access parent properties after document.domain write blocks the access.
46
57

@@Test that a child frame can't define a function and the use it to access parent
810Frame: '<!--framePath //<!--frame0-->-->'
911--------
1012PASS: canGet('parentWindow.location.href') should be 'false' and is.
 13PASS: accessThrowsException('parentWindow.location.href') should be 'true' and is.
 14

LayoutTests/http/tests/security/cross-frame-access-location-get-expected.txt

@@CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://local
2222
2323CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
2424
 25CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 26
 27CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 28
 29CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 30
 31CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 32
 33CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 34
 35CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 36
 37CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 38
 39CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 40
 41CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 42
 43CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 44
 45CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 46
2547
2648
2749----- tests for getting window.location's properties -----

@@PASS: canGet('targetWindow.location') should be 'true' and is.
3052PASS: toString('targetWindow.location', '') should be '' and is.
3153Firefox allows access to 'location.toString' but throws an exception when you call it.
3254PASS: canGet('targetWindow.location.toString') should be 'false' and is.
 55PASS: accessThrowsException('targetWindow.location.toString') should be 'true' and is.
3356PASS: canGet('targetWindow.location.href') should be 'false' and is.
3457PASS: canGet('targetWindow.location.hash') should be 'false' and is.
3558PASS: canGet('targetWindow.location.host') should be 'false' and is.

@@PASS: canGet('targetWindow.location.pathname') should be 'false' and is.
3861PASS: canGet('targetWindow.location.port') should be 'false' and is.
3962PASS: canGet('targetWindow.location.protocol') should be 'false' and is.
4063PASS: canGet('targetWindow.location.search') should be 'false' and is.
 64PASS: canGet('targetWindow.location.existingCustomProperty') should be 'false' and is.
 65PASS: canGet('targetWindow.location[1]') should be 'false' and is.
 66PASS: accessThrowsException('targetWindow.location.href') should be 'true' and is.
 67PASS: accessThrowsException('targetWindow.location.hash') should be 'true' and is.
 68PASS: accessThrowsException('targetWindow.location.host') should be 'true' and is.
 69PASS: accessThrowsException('targetWindow.location.hostname') should be 'true' and is.
 70PASS: accessThrowsException('targetWindow.location.pathname') should be 'true' and is.
 71PASS: accessThrowsException('targetWindow.location.port') should be 'true' and is.
 72PASS: accessThrowsException('targetWindow.location.protocol') should be 'true' and is.
 73PASS: accessThrowsException('targetWindow.location.search') should be 'true' and is.
 74PASS: accessThrowsException('targetWindow.location.existingCustomProperty') should be 'true' and is.
 75PASS: accessThrowsException('targetWindow.location[1]') should be 'true' and is.
4176PASS: canGet('targetWindow.location.assign') should be 'true' and is.
4277PASS: canGet('targetWindow.location.reload') should be 'true' and is.
4378PASS: canGet('targetWindow.location.replace') should be 'true' and is.
44 PASS: canGet('targetWindow.location.existingCustomProperty') should be 'false' and is.
4579

LayoutTests/http/tests/security/cross-frame-access-location-get.html

4141
4242 log("Firefox allows access to 'location.toString' but throws an exception when you call it.");
4343 shouldBeFalse("canGet('targetWindow.location.toString')");
 44 shouldBeTrue("accessThrowsException('targetWindow.location.toString')");
4445
4546 shouldBeFalse("canGet('targetWindow.location.href')");
4647 shouldBeFalse("canGet('targetWindow.location.hash')");

5051 shouldBeFalse("canGet('targetWindow.location.port')");
5152 shouldBeFalse("canGet('targetWindow.location.protocol')");
5253 shouldBeFalse("canGet('targetWindow.location.search')");
 54 shouldBeFalse("canGet('targetWindow.location.existingCustomProperty')");
 55 shouldBeFalse("canGet('targetWindow.location[1]')");
 56
 57 shouldBeTrue("accessThrowsException('targetWindow.location.href')");
 58 shouldBeTrue("accessThrowsException('targetWindow.location.hash')");
 59 shouldBeTrue("accessThrowsException('targetWindow.location.host')");
 60 shouldBeTrue("accessThrowsException('targetWindow.location.hostname')");
 61 shouldBeTrue("accessThrowsException('targetWindow.location.pathname')");
 62 shouldBeTrue("accessThrowsException('targetWindow.location.port')");
 63 shouldBeTrue("accessThrowsException('targetWindow.location.protocol')");
 64 shouldBeTrue("accessThrowsException('targetWindow.location.search')");
 65 shouldBeTrue("accessThrowsException('targetWindow.location.existingCustomProperty')");
 66 shouldBeTrue("accessThrowsException('targetWindow.location[1]')");
5367
5468 shouldBeTrue("canGet('targetWindow.location.assign')");
5569 shouldBeTrue("canGet('targetWindow.location.reload')");
5670 shouldBeTrue("canGet('targetWindow.location.replace')");
5771
58  shouldBeFalse("canGet('targetWindow.location.existingCustomProperty')");
5972 }
6073 </script>
6174</head>

LayoutTests/http/tests/security/resources/cross-frame-access.js

@@function canGet(keyPath)
5858 }
5959}
6060
 61function accessThrowsException(keyPath) {
 62 try {
 63 eval("window." + keyPath);
 64 return false;
 65 } catch (e) {
 66 return true;
 67 }
 68}
 69
6170function canGetDescriptor(target, property)
6271{
6372 try {

LayoutTests/http/tests/security/resources/cross-frame-iframe-callback-explicit-domain-DENY.html

11<script src="cross-frame-access.js"></script>
22<body>
3 <div id=console></div>
 3<pre id=console></pre>
44<script>
55var parentWindow = window.parent;
66parentWindow.testFunction = function()
77{
88 shouldBeFalse("canGet('parentWindow.location.href')");
 9 shouldBeTrue("accessThrowsException('parentWindow.location.href')");
910 if (window.testRunner)
1011 testRunner.notifyDone();
1112}

LayoutTests/http/tests/security/resources/cross-frame-iframe-for-location-get-test.html

11<html>
22<head>
33 <script>
4  window.location.existingCustomProperty = 1;
 4 window.location.existingCustomProperty = 1;
 5 window.location[1] = 1;
56
67 window.onload = function()
78 {

LayoutTests/platform/chromium/http/tests/security/cross-frame-access-callback-explicit-domain-DENY-expected.txt

 1CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/cross-frame-access-callback-explicit-domain-DENY.html from frame with URL http://127.0.0.1:8000/security/resources/cross-frame-iframe-callback-explicit-domain-DENY.html. The frame requesting access set 'document.domain' to '127.0.0.1', but the frame being accessed did not. Both must set 'document.domain' to the same value to allow access.
 2
 3CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:8000/security/cross-frame-access-callback-explicit-domain-DENY.html from frame with URL http://127.0.0.1:8000/security/resources/cross-frame-iframe-callback-explicit-domain-DENY.html. The frame requesting access set 'document.domain' to '127.0.0.1', but the frame being accessed did not. Both must set 'document.domain' to the same value to allow access.
 4
 5Test that a child frame can't define a function and the use it to access parent properties after document.domain write blocks the access.
 6
 7
 8
 9--------
 10Frame: '<!--framePath //<!--frame0-->-->'
 11--------
 12PASS: canGet('parentWindow.location.href') should be 'false' and is.
 13*** FAIL: accessThrowsException('parentWindow.location.href') should be 'true' but instead is false. ***
 14

LayoutTests/platform/chromium/http/tests/security/cross-frame-access-location-get-expected.txt

 1CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 2
 3CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 4
 5CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 6
 7CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 8
 9CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 10
 11CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 12
 13CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 14
 15CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 16
 17CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 18
 19CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 20
 21CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 22
 23CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 24
 25CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 26
 27CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 28
 29CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 30
 31CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 32
 33CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 34
 35CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 36
 37CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 38
 39CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 40
 41CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 42
 43CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 44
 45CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 46
 47CONSOLE MESSAGE: Unsafe JavaScript attempt to access frame with URL http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html from frame with URL http://127.0.0.1:8000/security/cross-frame-access-location-get.html. Domains, protocols and ports must match.
 48
 49
 50
 51----- tests for getting window.location's properties -----
 52
 53PASS: canGet('targetWindow.location') should be 'true' and is.
 54PASS: toString('targetWindow.location', '') should be '' and is.
 55Firefox allows access to 'location.toString' but throws an exception when you call it.
 56PASS: canGet('targetWindow.location.toString') should be 'false' and is.
 57*** FAIL: accessThrowsException('targetWindow.location.toString') should be 'true' but instead is false. ***
 58PASS: canGet('targetWindow.location.href') should be 'false' and is.
 59PASS: canGet('targetWindow.location.hash') should be 'false' and is.
 60PASS: canGet('targetWindow.location.host') should be 'false' and is.
 61PASS: canGet('targetWindow.location.hostname') should be 'false' and is.
 62PASS: canGet('targetWindow.location.pathname') should be 'false' and is.
 63PASS: canGet('targetWindow.location.port') should be 'false' and is.
 64PASS: canGet('targetWindow.location.protocol') should be 'false' and is.
 65PASS: canGet('targetWindow.location.search') should be 'false' and is.
 66PASS: canGet('targetWindow.location.existingCustomProperty') should be 'false' and is.
 67PASS: canGet('targetWindow.location[1]') should be 'false' and is.
 68*** FAIL: accessThrowsException('targetWindow.location.href') should be 'true' but instead is false. ***
 69*** FAIL: accessThrowsException('targetWindow.location.hash') should be 'true' but instead is false. ***
 70*** FAIL: accessThrowsException('targetWindow.location.host') should be 'true' but instead is false. ***
 71*** FAIL: accessThrowsException('targetWindow.location.hostname') should be 'true' but instead is false. ***
 72*** FAIL: accessThrowsException('targetWindow.location.pathname') should be 'true' but instead is false. ***
 73*** FAIL: accessThrowsException('targetWindow.location.port') should be 'true' but instead is false. ***
 74*** FAIL: accessThrowsException('targetWindow.location.protocol') should be 'true' but instead is false. ***
 75*** FAIL: accessThrowsException('targetWindow.location.search') should be 'true' but instead is false. ***
 76*** FAIL: accessThrowsException('targetWindow.location.existingCustomProperty') should be 'true' but instead is false. ***
 77*** FAIL: accessThrowsException('targetWindow.location[1]') should be 'true' but instead is false. ***
 78PASS: canGet('targetWindow.location.assign') should be 'true' and is.
 79PASS: canGet('targetWindow.location.reload') should be 'true' and is.
 80PASS: canGet('targetWindow.location.replace') should be 'true' and is.
 81