Window.isSecureContext tests
Use iframe
Use pop-up
Reuse existing iframe/popup
Sandbox iframe
Make popup disown opener
Remove iframe
about:blank
data:
srcdoc
blob:
javascript:
http:
https:
document.write (click about:blank first)
modify document DOM (click about:blank first)
set location.href in this window
set location.href in popup
alert window.isSecureContext for target