Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-06-06 16:45:39 +00:00
Code Issues Projects Releases Packages Wiki Activity

Implement attribute and property lookup for Trusted Types (#36422)

Browse source 
These algorithms are used to check whether an attribute/property can
accept a Trusted Type.

Part of #36258

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This commit is contained in:
Tim van der Lippe 2025-04-11 10:38:00 +02:00 committed by GitHub
parent 2c7aeca404
commit 0aa08042d5
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 143 additions and 192 deletions
Download patch file Download diff file Expand all files Collapse all files

13
tests/wpt/meta/trusted-types/HTMLElement-generic.html.ini vendored
View file

@ -1,5 +1,4 @@
[HTMLElement-generic.html]
expected: ERROR
[TT enabled: script.src\n = String on a\n connected element\n ]
expected: FAIL
@ -71,3 +70,15 @@
[TT enabled: script.textContent\n = String on a\n non-connected element\n after removing the "require-trusted-types-for 'script' directive]
expected: FAIL
[TT enabled: script.src\n = TrustedScript on a\n connected element\n ]
expected: FAIL
[TT enabled: script.src\n = TrustedScript on a\n non-connected element\n ]
expected: FAIL
[TT enabled: script.src\n = TrustedScript on a\n connected element\n after removing the "require-trusted-types-for 'script' directive]
expected: FAIL
[TT enabled: script.src\n = TrustedScript on a\n non-connected element\n after removing the "require-trusted-types-for 'script' directive]
expected: FAIL

63
tests/wpt/meta/trusted-types/TrustedTypePolicyFactory-getAttributeType-namespace.html.ini vendored
View file

@ -1,63 +0,0 @@
[TrustedTypePolicyFactory-getAttributeType-namespace.html]
[0: getAttributeType with full namespace info.]
expected: FAIL
[0: getAttributeType with element namespace and empty attribute namespace]
expected: FAIL
[0: getAttributeType without namespaces.]
expected: FAIL
[0: getAttributeType with undefined and empty namespace.]
expected: FAIL
[0: getAttributeType with empty and undefined namespace.]
expected: FAIL
[0: getAttributeType with empty namespaces.]
expected: FAIL
[0: getAttributeType with element namespace and empty attribute namespace.]
expected: FAIL
[1: getAttributeType with full namespace info.]
expected: FAIL
[1: getAttributeType with element namespace and empty attribute namespace]
expected: FAIL
[1: getAttributeType without namespaces.]
expected: FAIL
[1: getAttributeType with undefined and empty namespace.]
expected: FAIL
[1: getAttributeType with empty and undefined namespace.]
expected: FAIL
[1: getAttributeType with empty namespaces.]
expected: FAIL
[1: getAttributeType with element namespace and empty attribute namespace.]
expected: FAIL
[2: getAttributeType with full namespace info.]
expected: FAIL
[2: getAttributeType with element namespace and empty attribute namespace]
expected: FAIL
[2: getAttributeType without namespaces.]
expected: FAIL
[2: getAttributeType with undefined and empty namespace.]
expected: FAIL
[2: getAttributeType with empty and undefined namespace.]
expected: FAIL
[2: getAttributeType with empty namespaces.]
expected: FAIL
[2: getAttributeType with element namespace and empty attribute namespace.]
expected: FAIL

12
tests/wpt/meta/trusted-types/TrustedTypePolicyFactory-getAttributeType-svg.html.ini vendored
View file

@ -1,12 +0,0 @@
[TrustedTypePolicyFactory-getAttributeType-svg.html]
[trustedTypes.getAttributeType html script[href\]]
expected: FAIL
[trustedTypes.getAttributeType svg script[href\]]
expected: FAIL
[trustedTypes.getAttributeType svg script[href\] xlink href]
expected: FAIL
[trustedTypes.getAttributeType svg script[href\] other href]
expected: FAIL

60
tests/wpt/meta/trusted-types/TrustedTypePolicyFactory-getAttributeType.html.ini vendored
View file

@ -7,63 +7,3 @@
[getAttributeType(\n "mrow",\n "onmousedown",\n "http://www.w3.org/1998/Math/MathML",\n "null") == "TrustedScript"]
expected: FAIL
[getAttributeType(\n "IFRAME",\n "srcdoc",\n "http://www.w3.org/1999/xhtml",\n "null") == "TrustedHTML"]
expected: FAIL
[getAttributeType(\n "SCRIPT",\n "src",\n "http://www.w3.org/1999/xhtml",\n "null") == "TrustedScriptURL"]
expected: FAIL
[getAttributeType(\n "script",\n "href",\n "http://www.w3.org/2000/svg",\n "null") == "TrustedScriptURL"]
expected: FAIL
[getAttributeType(\n "script",\n "href",\n "http://www.w3.org/2000/svg",\n "http://www.w3.org/1999/xlink") == "TrustedScriptURL"]
expected: FAIL
[getAttributeType(\n "foo",\n "onmouseup",\n "https://example.com/namespace",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "DIV",\n "onclick",\n "http://www.w3.org/1999/xhtml",\n "https://example.com/namespace") == "null"]
expected: FAIL
[getAttributeType(\n "DIV",\n "ondoesnotexist",\n "http://www.w3.org/1999/xhtml",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "DIV",\n "data-onclick",\n "http://www.w3.org/1999/xhtml",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "DIV",\n "srcdoc",\n "http://www.w3.org/1999/xhtml",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "iframe",\n "srcdoc",\n "https://example.com/namespace",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "IFRAME",\n "srcdoc",\n "http://www.w3.org/1999/xhtml",\n "https://example.com/namespace") == "null"]
expected: FAIL
[getAttributeType(\n "IFRAME",\n "data-srcdoc",\n "http://www.w3.org/1999/xhtml",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "DIV",\n "src",\n "http://www.w3.org/1999/xhtml",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "script",\n "src",\n "https://example.com/namespace",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "SCRIPT",\n "src",\n "http://www.w3.org/1999/xhtml",\n "https://example.com/namespace") == "null"]
expected: FAIL
[getAttributeType(\n "SCRIPT",\n "data-src",\n "http://www.w3.org/1999/xhtml",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "g",\n "href",\n "http://www.w3.org/2000/svg",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "SCRIPT",\n "href",\n "http://www.w3.org/1999/xhtml",\n "null") == "null"]
expected: FAIL
[getAttributeType(\n "script",\n "href",\n "http://www.w3.org/2000/svg",\n "https://example.com/namespace") == "null"]
expected: FAIL
[getAttributeType(\n "script",\n "src",\n "http://www.w3.org/2000/svg",\n "null") == "null"]
expected: FAIL

39
tests/wpt/meta/trusted-types/TrustedTypePolicyFactory-getPropertyType.tentative.html.ini vendored
View file

@ -1,48 +1,9 @@
[TrustedTypePolicyFactory-getPropertyType.tentative.html]
[sanity check trustedTypes.getPropertyType for the HTML script element.]
expected: FAIL
[sanity check trustedTypes.getAttributeType.]
expected: FAIL
[getPropertyType tests adapted from w3c/trusted-types polyfill]
expected: FAIL
[getAttributeType tests adapted from w3c/trusted-types polyfill]
expected: FAIL
[iframe.srcDoc is maybe defined]
expected: FAIL
[IFRAME.srcDoc is maybe defined]
expected: FAIL
[iFrAmE.srcDoc is maybe defined]
expected: FAIL
[iframe.SRCDOC is maybe defined]
expected: FAIL
[IFRAME.SRCDOC is maybe defined]
expected: FAIL
[iFrAmE.SRCDOC is maybe defined]
expected: FAIL
[getPropertyType vs getAttributeType for event handler.]
expected: FAIL
[ASCII case-insensitivity of tag name and attribute parameters]
expected: FAIL
[getPropertyType with an explicit elementNs parameter]
expected: FAIL
[getAttributeType with explicit elementNs and attrNs parameters]
expected: FAIL
[getAttributeType with qualified attribute name]
expected: FAIL
[getPropertyType/getAttributeType with explicit null elementNs/attrNs]
expected: FAIL

6
tests/wpt/meta/trusted-types/legacy-trusted-script-urls.html.ini vendored
View file

@ -1,6 +0,0 @@
[legacy-trusted-script-urls.html]
[getPropertyType() with legacy TrustedScriptURLs properties return null.]
expected: FAIL
[getAttributeType() with legacy TrustedScriptURLs attributes return null.]
expected: FAIL