diff --git a/spec/api-browser-window-spec.js b/spec/api-browser-window-spec.js
index 58c8cecc1165..ee5281e99d9e 100644
--- a/spec/api-browser-window-spec.js
+++ b/spec/api-browser-window-spec.js
@@ -1555,41 +1555,42 @@ describe('BrowserWindow module', () => {
         })
       })
 
-      it('should open windows in another domain with cross-scripting disabled', (done) => {
-        w.destroy()
-        w = new BrowserWindow({
+      it('should open windows in another domain with cross-scripting disabled', async () => {
+        const w = await openTheWindow({
           show: false,
           webPreferences: {
             sandbox: true,
-            preload: preload
+            preload
           }
         })
+
         ipcRenderer.send('set-web-preferences-on-next-new-window', w.webContents.id, 'preload', preload)
-        let popupWindow
         w.loadFile(path.join(fixtures, 'api', 'sandbox.html'), { search: 'window-open-external' })
-        w.webContents.once('new-window', (e, url, frameName, disposition, options) => {
-          assert.strictEqual(url, 'http://www.google.com/#q=electron')
-          assert.strictEqual(options.width, 505)
-          assert.strictEqual(options.height, 605)
-          ipcMain.once('child-loaded', function (event, openerIsNull, html) {
-            assert(openerIsNull)
-            assert.strictEqual(html, '<h1>http://www.google.com/#q=electron</h1>')
-            ipcMain.once('answer', function (event, exceptionMessage) {
-              assert(/Blocked a frame with origin/.test(exceptionMessage))
+        const expectedPopupUrl = 'http://www.google.com/#q=electron' // Set in the "sandbox.html".
 
-              // FIXME this popup window should be closed in sandbox.html
-              closeWindow(popupWindow, { assertSingleWindow: false }).then(() => {
-                popupWindow = null
-                done()
-              })
-            })
-            w.webContents.send('child-loaded')
-          })
-        })
+        // The page is going to open a popup that it won't be able to close.
+        // We have to close it from here later.
+        // XXX(alexeykuzmin): It will leak if the test fails too soon.
+        const [, popupWindow] = await emittedOnce(app, 'browser-window-created')
 
-        app.once('browser-window-created', function (event, window) {
-          popupWindow = window
-        })
+        // Wait for a message from the popup's preload script.
+        const [, openerIsNull, html, locationHref] = await emittedOnce(ipcMain, 'child-loaded')
+        expect(openerIsNull).to.be.true('window.opener is not null')
+        expect(html).to.equal(`<h1>${expectedPopupUrl}</h1>`,
+          'looks like a http: request has not been intercepted locally')
+        expect(locationHref).to.equal(expectedPopupUrl)
+
+        // Ask the page to access the popup.
+        w.webContents.send('touch-the-popup')
+        const [, exceptionMessage] = await emittedOnce(ipcMain, 'answer')
+
+        // We don't need the popup anymore, and its parent page can't close it,
+        // so let's close it from here before we run any checks.
+        await closeWindow(popupWindow, { assertSingleWindow: false })
+
+        expect(exceptionMessage).to.be.a('string',
+          `child's .document is accessible from its parent window`)
+        expect(exceptionMessage).to.match(/^Blocked a frame with origin/)
       })
 
       it('should inherit the sandbox setting in opened windows', (done) => {
diff --git a/spec/fixtures/api/sandbox.html b/spec/fixtures/api/sandbox.html
index e745e7a62d42..10263e0f5785 100644
--- a/spec/fixtures/api/sandbox.html
+++ b/spec/fixtures/api/sandbox.html
@@ -81,12 +81,14 @@
       },
       'window-open-external': () => {
         addEventListener('load', () => {
-          ipcRenderer.once('child-loaded', (e) => {
+          ipcRenderer.once('touch-the-popup', () => {
+            let errorMessage = null
             try {
-              let childDoc = popup.document
-            } catch (e) {
-              ipcRenderer.send('answer', e.message)
+              const childDoc = popup.document
+            } catch (error) {
+              errorMessage = error.message
             }
+            ipcRenderer.send('answer', errorMessage)
           })
           popup = open('http://www.google.com/#q=electron', '', 'top=65,left=55,width=505,height=605')
         })
diff --git a/spec/fixtures/module/preload-sandbox.js b/spec/fixtures/module/preload-sandbox.js
index 203e9414dcf3..750ebdbc0392 100644
--- a/spec/fixtures/module/preload-sandbox.js
+++ b/spec/fixtures/module/preload-sandbox.js
@@ -23,7 +23,7 @@
     }
   } else if (location.href !== 'about:blank') {
     addEventListener('DOMContentLoaded', () => {
-      ipcRenderer.send('child-loaded', window.opener == null, document.body.innerHTML)
+      ipcRenderer.send('child-loaded', window.opener == null, document.body.innerHTML, location.href)
     }, false)
   }
 })()