What exactly can an IFrame do with the top.Location object (cross-domain)?

There is a very particular edge case in cross-domain policies regarding the window.top.Location object...

Let's say I have IFrame A , in domain www.bbb.com, living inside a page in domain www.aaa.com.

The page inside the IFrame can:

• Compare window.top.location to window.location (to detect whether it's being framed)
• Call window.top.location.replace(window.location) to redirect to self
• Call window.top.location.replace("any arbitrary string") to redirect somewhere else

But it cannot:

• Alert, Document.Write, or do any kind of output of window.top.location.href
• Concatenate it in any other variable, or use it in any useful way
• Call window.top.location.reload()

These are just the ones I could quickly find. I'm sure there are other edge cases.
It seems like the browser is not allowing the use of the top.location object if the top is in another domain, except for a few whitelisted things...

Is this documented anywhere?
Can I find what these whitelisted things are?
Is this in the HTML standard, and implemented equally in all browsers? Or is the implementation of this semi-random?