Bug 305615

When setting the .src attribute of cross-origin frames/iframes to javascript: urls, WebKit should block the setter from modifying a cross-origin frame but currently doesn't with site isolation enabled. The following 12 tests fail since they don't throw SecurityErrors to block setting of src attribute on cross-origin iframes. LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-getAttribute-value.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-htmldom.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttribute.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttributeNS.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttributeNode.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-frame-src-setAttributeNodeNS.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-getAttribute-value.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-htmldom.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttribute.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttributeNS.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttributeNode.html LayoutTests/http/tests/security/javascriptURL/javascriptURL-execution-context-iframe-src-setAttributeNodeNS.html