Implement trusted types for setAttribute (#38700)

Callers now call `set_attribute` directly, to avoid the trusted types
machinery, as well as skip validation. That's not required by spec as
well.

This implements part of the DOM integration from
https://github.com/whatwg/dom/pull/1268

Part of #36258

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>

components/script/devtools.rs

@@ -11,11 +11,13 @@ use devtools_traits::{
     AttrModification, AutoMargins, ComputedNodeLayout, CssDatabaseProperty, EvaluateJSReply,
     NodeInfo, NodeStyle, RuleModification, TimelineMarker, TimelineMarkerType,
 };
+use html5ever::LocalName;
 use ipc_channel::ipc::IpcSender;
 use js::conversions::jsstr_to_string;
 use js::jsval::UndefinedValue;
 use js::rust::ToString;
 use servo_config::pref;
+use style::attr::AttrValue;
 use uuid::Uuid;
 
 use crate::document_collection::DocumentCollection;
@@ -435,9 +437,9 @@ pub(crate) fn handle_modify_attribute(
     for modification in modifications {
         match modification.new_value {
             Some(string) => {
-                let _ = elem.SetAttribute(
+                elem.set_attribute(
-                    DOMString::from(modification.attribute_name),
+                    &LocalName::from(modification.attribute_name),
-                    DOMString::from(string),
+                    AttrValue::String(string),
                     can_gc,
                 );
             },

components/script/dom/element.rs

@@ -87,7 +87,9 @@ use crate::dom::bindings::codegen::Bindings::WindowBinding::{
 };
 use crate::dom::bindings::codegen::UnionTypes::{
     BooleanOrScrollIntoViewOptions, NodeOrString, TrustedHTMLOrNullIsEmptyString,
-    TrustedHTMLOrString, TrustedScriptURLOrUSVString,
+    TrustedHTMLOrString,
+    TrustedHTMLOrTrustedScriptOrTrustedScriptURLOrString as TrustedTypeOrString,
+    TrustedScriptURLOrUSVString,
 };
 use crate::dom::bindings::conversions::DerivedFrom;
 use crate::dom::bindings::domname::{
@@ -161,6 +163,7 @@ use crate::dom::servoparser::ServoParser;
 use crate::dom::shadowroot::{IsUserAgentWidget, ShadowRoot};
 use crate::dom::text::Text;
 use crate::dom::trustedhtml::TrustedHTML;
+use crate::dom::trustedtypepolicyfactory::TrustedTypePolicyFactory;
 use crate::dom::validation::Validatable;
 use crate::dom::validitystate::ValidationFlags;
 use crate::dom::virtualmethods::{VirtualMethods, vtable_for};
@@ -752,7 +755,7 @@ impl Element {
 
     // https://html.spec.whatwg.org/multipage/#translation-mode
     pub(crate) fn is_translate_enabled(&self) -> bool {
-        let name = &html5ever::local_name!("translate");
+        let name = &local_name!("translate");
         if self.has_attribute(name) {
             match_ignore_ascii_case! { &*self.get_string_attribute(name),
                 "yes" | "" => return true,
@@ -3155,17 +3158,39 @@ impl ElementMethods<crate::DomTypeHolder> for Element {
     }
 
     /// <https://dom.spec.whatwg.org/#dom-element-setattribute>
-    fn SetAttribute(&self, name: DOMString, value: DOMString, can_gc: CanGc) -> ErrorResult {
+    fn SetAttribute(
-        // Step 1. If qualifiedName is not a valid attribute local name,
+        &self,
-        //      then throw an "InvalidCharacterError" DOMException.
+        name: DOMString,
+        value: TrustedTypeOrString,
+        can_gc: CanGc,
+    ) -> ErrorResult {
+        // Step 1. If qualifiedName does not match the Name production in XML,
+        // then throw an "InvalidCharacterError" DOMException.
         if !is_valid_attribute_local_name(&name) {
             return Err(Error::InvalidCharacter);
         }
 
-        // Step 2.
+        // Step 2. If this is in the HTML namespace and its node document is an HTML document,
+        // then set qualifiedName to qualifiedName in ASCII lowercase.
         let name = self.parsed_name(name);
 
-        // Step 3-5.
+        // Step 3. Let verifiedValue be the result of calling get
+        // Trusted Types-compliant attribute value with qualifiedName, null,
+        // this, and value. [TRUSTED-TYPES]
+        let value = TrustedTypePolicyFactory::get_trusted_types_compliant_attribute_value(
+            self.namespace(),
+            self.local_name(),
+            &name,
+            None,
+            value,
+            &self.owner_global(),
+            can_gc,
+        )?;
+
+        // Step 4. Let attribute be the first attribute in this’s attribute list whose qualified name is qualifiedName, and null otherwise.
+        // Step 5. If attribute is null, create an attribute whose local name is qualifiedName, value is verifiedValue, and node document
+        // is this’s node document, then append this attribute to this, and then return.
+        // Step 6. Change attribute to verifiedValue.
         let value = self.parse_attribute(&ns!(), &name, value);
         self.set_first_matching_attribute(
             name.clone(),
@@ -3184,20 +3209,29 @@ impl ElementMethods<crate::DomTypeHolder> for Element {
         &self,
         namespace: Option<DOMString>,
         qualified_name: DOMString,
-        value: DOMString,
+        value: TrustedTypeOrString,
         can_gc: CanGc,
     ) -> ErrorResult {
-        // Step 1. Let (namespace, prefix, localName) be the result of validating and
+        // Step 1. Let namespace, prefix, and localName be the result of passing namespace and qualifiedName to validate and extract.
-        //      extracting namespace and qualifiedName given "element".
-        let context = domname::Context::Element;
         let (namespace, prefix, local_name) =
-            domname::validate_and_extract(namespace, &qualified_name, context)?;
+            domname::validate_and_extract(namespace, &qualified_name, domname::Context::Element)?;
-        let qualified_name = LocalName::from(qualified_name);
+        // Step 2. Let verifiedValue be the result of calling get
+        // Trusted Types-compliant attribute value with localName, namespace, element, and value. [TRUSTED-TYPES]
+        let value = TrustedTypePolicyFactory::get_trusted_types_compliant_attribute_value(
+            self.namespace(),
+            self.local_name(),
+            &local_name,
+            Some(&namespace),
+            value,
+            &self.owner_global(),
+            can_gc,
+        )?;
+        // Step 3. Set an attribute value for this using localName, verifiedValue, and also prefix and namespace.
         let value = self.parse_attribute(&namespace, &local_name, value);
         self.set_first_matching_attribute(
             local_name.clone(),
             value,
-            qualified_name,
+            LocalName::from(qualified_name),
             namespace.clone(),
             prefix,
             |attr| *attr.local_name() == local_name && *attr.namespace() == namespace,

components/script/dom/htmlaudioelement.rs

@@ -5,8 +5,8 @@
 use dom_struct::dom_struct;
 use html5ever::{LocalName, Prefix, QualName, local_name, ns};
 use js::rust::HandleObject;
+use style::attr::AttrValue;
 
-use crate::dom::bindings::codegen::Bindings::ElementBinding::Element_Binding::ElementMethods;
 use crate::dom::bindings::codegen::Bindings::HTMLAudioElementBinding::HTMLAudioElementMethods;
 use crate::dom::bindings::codegen::Bindings::WindowBinding::WindowMethods;
 use crate::dom::bindings::error::Fallible;
@@ -75,15 +75,17 @@ impl HTMLAudioElementMethods<crate::DomTypeHolder> for HTMLAudioElement {
 
         let audio = DomRoot::downcast::<HTMLAudioElement>(element).unwrap();
 
-        audio
+        audio.upcast::<Element>().set_attribute(
-            .upcast::<Element>()
+            &local_name!("preload"),
-            .SetAttribute(DOMString::from("preload"), DOMString::from("auto"), can_gc)
+            AttrValue::String("auto".to_owned()),
-            .expect("should be infallible");
+            can_gc,
+        );
         if let Some(s) = src {
-            audio
+            audio.upcast::<Element>().set_attribute(
-                .upcast::<Element>()
+                &local_name!("src"),
-                .SetAttribute(DOMString::from("src"), s, can_gc)
+                AttrValue::String(s.into()),
-                .expect("should be infallible");
+                can_gc,
+            );
         }
 
         Ok(audio)

components/script/dom/trustedhtml.rs

@@ -17,7 +17,7 @@ use crate::dom::bindings::root::DomRoot;
 use crate::dom::bindings::str::DOMString;
 use crate::dom::globalscope::GlobalScope;
 use crate::dom::trustedtypepolicy::TrustedType;
-use crate::dom::trustedtypepolicyfactory::TrustedTypePolicyFactory;
+use crate::dom::trustedtypepolicyfactory::{DEFAULT_SCRIPT_SINK_GROUP, TrustedTypePolicyFactory};
 use crate::script_runtime::CanGc;
 
 #[dom_struct]
@@ -53,7 +53,7 @@ impl TrustedHTML {
                     global,
                     value,
                     sink,
-                    "'script'",
+                    DEFAULT_SCRIPT_SINK_GROUP,
                     can_gc,
                 )
             },
@@ -61,6 +61,10 @@ impl TrustedHTML {
             TrustedHTMLOrString::TrustedHTML(trusted_html) => Ok(trusted_html.data.clone()),
         }
     }
+
+    pub(crate) fn data(&self) -> DOMString {
+        self.data.clone()
+    }
 }
 
 impl fmt::Display for TrustedHTML {

components/script/dom/trustedscript.rs

@@ -16,7 +16,7 @@ use crate::dom::bindings::str::DOMString;
 use crate::dom::csp::CspReporting;
 use crate::dom::globalscope::GlobalScope;
 use crate::dom::trustedtypepolicy::TrustedType;
-use crate::dom::trustedtypepolicyfactory::TrustedTypePolicyFactory;
+use crate::dom::trustedtypepolicyfactory::{DEFAULT_SCRIPT_SINK_GROUP, TrustedTypePolicyFactory};
 use crate::script_runtime::{CanGc, JSContext};
 
 #[dom_struct]
@@ -52,7 +52,7 @@ impl TrustedScript {
                     global,
                     value,
                     sink,
-                    "'script'",
+                    DEFAULT_SCRIPT_SINK_GROUP,
                     can_gc,
                 )
             },

components/script/dom/trustedscripturl.rs

@@ -14,7 +14,7 @@ use crate::dom::bindings::root::DomRoot;
 use crate::dom::bindings::str::DOMString;
 use crate::dom::globalscope::GlobalScope;
 use crate::dom::trustedtypepolicy::TrustedType;
-use crate::dom::trustedtypepolicyfactory::TrustedTypePolicyFactory;
+use crate::dom::trustedtypepolicyfactory::{DEFAULT_SCRIPT_SINK_GROUP, TrustedTypePolicyFactory};
 use crate::script_runtime::CanGc;
 
 #[dom_struct]
@@ -52,7 +52,7 @@ impl TrustedScriptURL {
                     global,
                     value.as_ref().into(),
                     &sink,
-                    "'script'",
+                    DEFAULT_SCRIPT_SINK_GROUP,
                     can_gc,
                 )
             },
@@ -61,6 +61,10 @@ impl TrustedScriptURL {
             },
         }
     }
+
+    pub(crate) fn data(&self) -> DOMString {
+        self.data.clone()
+    }
 }
 
 impl fmt::Display for TrustedScriptURL {

components/script/dom/trustedtypepolicy.rs

@@ -6,13 +6,14 @@ use std::rc::Rc;
 
 use dom_struct::dom_struct;
 use js::rust::HandleValue;
-use strum_macros::IntoStaticStr;
+use strum_macros::AsRefStr;
 
 use crate::dom::bindings::callback::ExceptionHandling;
 use crate::dom::bindings::codegen::Bindings::TrustedTypePolicyBinding::TrustedTypePolicyMethods;
 use crate::dom::bindings::codegen::Bindings::TrustedTypePolicyFactoryBinding::{
     CreateHTMLCallback, CreateScriptCallback, CreateScriptURLCallback, TrustedTypePolicyOptions,
 };
+use crate::dom::bindings::codegen::UnionTypes::TrustedHTMLOrTrustedScriptOrTrustedScriptURLOrString as TrustedTypeOrString;
 use crate::dom::bindings::error::Error::Type;
 use crate::dom::bindings::error::Fallible;
 use crate::dom::bindings::reflector::{DomGlobal, DomObject, Reflector, reflect_dom_object};
@@ -38,13 +39,29 @@ pub struct TrustedTypePolicy {
     create_script_url: Option<Rc<CreateScriptURLCallback>>,
 }
 
-#[derive(Clone, IntoStaticStr)]
+#[derive(AsRefStr, Clone)]
 pub(crate) enum TrustedType {
     TrustedHTML,
     TrustedScript,
     TrustedScriptURL,
 }
 
+impl TrustedType {
+    pub(crate) fn matches_idl_trusted_type(&self, idl_trusted_type: &TrustedTypeOrString) -> bool {
+        match self {
+            TrustedType::TrustedHTML => {
+                matches!(idl_trusted_type, TrustedTypeOrString::TrustedHTML(_))
+            },
+            TrustedType::TrustedScript => {
+                matches!(idl_trusted_type, TrustedTypeOrString::TrustedScript(_))
+            },
+            TrustedType::TrustedScriptURL => {
+                matches!(idl_trusted_type, TrustedTypeOrString::TrustedScriptURL(_))
+            },
+        }
+    }
+}
+
 impl TrustedTypePolicy {
     fn new_inherited(name: String, options: &TrustedTypePolicyOptions) -> Self {
         Self {

components/script/dom/trustedtypepolicyfactory.rs

@@ -9,9 +9,11 @@ use js::jsval::NullValue;
 use js::rust::HandleValue;
 use script_bindings::conversions::SafeToJSValConvertible;
 
+use crate::conversions::Convert;
 use crate::dom::bindings::codegen::Bindings::TrustedTypePolicyFactoryBinding::{
     TrustedTypePolicyFactoryMethods, TrustedTypePolicyOptions,
 };
+use crate::dom::bindings::codegen::UnionTypes::TrustedHTMLOrTrustedScriptOrTrustedScriptURLOrString as TrustedTypeOrString;
 use crate::dom::bindings::conversions::root_from_handlevalue;
 use crate::dom::bindings::error::{Error, Fallible};
 use crate::dom::bindings::reflector::{DomGlobal, Reflector, reflect_dom_object};
@@ -33,6 +35,19 @@ pub struct TrustedTypePolicyFactory {
     policy_names: RefCell<Vec<String>>,
 }
 
+pub(crate) static DEFAULT_SCRIPT_SINK_GROUP: &str = "'script'";
+
+impl Convert<DOMString> for TrustedTypeOrString {
+    fn convert(self) -> DOMString {
+        match self {
+            TrustedTypeOrString::TrustedHTML(trusted_html) => trusted_html.data(),
+            TrustedTypeOrString::TrustedScript(trusted_script) => trusted_script.data(),
+            TrustedTypeOrString::TrustedScriptURL(trusted_script_url) => trusted_script_url.data(),
+            TrustedTypeOrString::String(str_) => str_,
+        }
+    }
+}
+
 impl TrustedTypePolicyFactory {
     fn new_inherited() -> Self {
         Self {
@@ -97,45 +112,115 @@ impl TrustedTypePolicyFactory {
     /// <https://w3c.github.io/trusted-types/dist/spec/#abstract-opdef-get-trusted-type-data-for-attribute>
     #[allow(clippy::if_same_then_else)]
     fn get_trusted_type_data_for_attribute(
-        element: QualName,
+        element_namespace: &Namespace,
-        attribute: String,
+        element_name: &LocalName,
-        attribute_namespace: Option<Namespace>,
+        attribute: &str,
-    ) -> Option<DOMString> {
+        attribute_namespace: Option<&Namespace>,
+    ) -> Option<(TrustedType, String)> {
         // Step 1: Let data be null.
-        let mut data = None;
+        //
+        // We return the if directly
         // Step 2: If attributeNs is null, and attribute is the name of an event handler content attribute, then:
         // TODO(36258): look up event handlers
         // Step 3: Find the row in the following table, where element is in the first column,
         // attributeNs is in the second column, and attribute is in the third column.
         // If a matching row is found, set data to that row.
-        if element.ns == ns!(html) &&
+        // Step 4: Return data.
-            element.local == local_name!("iframe") &&
+        if *element_namespace == ns!(html) &&
+            *element_name == local_name!("iframe") &&
             attribute_namespace.is_none() &&
             attribute == "srcdoc"
         {
-            data = Some(DOMString::from("TrustedHTML"))
+            Some((
-        } else if element.ns == ns!(html) &&
+                TrustedType::TrustedHTML,
-            element.local == local_name!("script") &&
+                "HTMLIFrameElement srcdoc".to_owned(),
+            ))
+        } else if *element_namespace == ns!(html) &&
+            *element_name == local_name!("script") &&
             attribute_namespace.is_none() &&
             attribute == "src"
         {
-            data = Some(DOMString::from("TrustedScriptURL"))
+            Some((
-        } else if element.ns == ns!(svg) &&
+                TrustedType::TrustedScriptURL,
-            element.local == local_name!("script") &&
+                "HTMLScriptElement src".to_owned(),
+            ))
+        } else if *element_namespace == ns!(svg) &&
+            *element_name == local_name!("script") &&
             attribute_namespace.is_none() &&
             attribute == "href"
         {
-            data = Some(DOMString::from("TrustedScriptURL"))
+            Some((
-        } else if element.ns == ns!(svg) &&
+                TrustedType::TrustedScriptURL,
-            element.local == local_name!("script") &&
+                "SVGScriptElement href".to_owned(),
-            attribute_namespace == Some(ns!(xlink)) &&
+            ))
+        } else if *element_namespace == ns!(svg) &&
+            *element_name == local_name!("script") &&
+            attribute_namespace == Some(&ns!(xlink)) &&
             attribute == "href"
         {
-            data = Some(DOMString::from("TrustedScriptURL"))
+            Some((
+                TrustedType::TrustedScriptURL,
+                "SVGScriptElement href".to_owned(),
+            ))
+        } else {
+            None
         }
-        // Step 4: Return data.
-        data
     }
+
+    /// <https://w3c.github.io/trusted-types/dist/spec/#validate-attribute-mutation>
+    pub(crate) fn get_trusted_types_compliant_attribute_value(
+        element_namespace: &Namespace,
+        element_name: &LocalName,
+        attribute: &str,
+        attribute_namespace: Option<&Namespace>,
+        new_value: TrustedTypeOrString,
+        global: &GlobalScope,
+        can_gc: CanGc,
+    ) -> Fallible<DOMString> {
+        // Step 1. If attributeNs is the empty string, set attributeNs to null.
+        let attribute_namespace =
+            attribute_namespace.and_then(|a| if *a == ns!() { None } else { Some(a) });
+        // Step 2. Set attributeData to the result of Get Trusted Type data for attribute algorithm,
+        // with the following arguments:
+        let Some(attribute_data) = Self::get_trusted_type_data_for_attribute(
+            element_namespace,
+            element_name,
+            attribute,
+            attribute_namespace,
+        ) else {
+            // Step 3. If attributeData is null, then:
+            // Step 3.1. If newValue is a string, return newValue.
+            // Step 3.2. Assert: newValue is TrustedHTML or TrustedScript or TrustedScriptURL.
+            // Step 3.3. Return value’s associated data.
+            return Ok(new_value.convert());
+        };
+        // Step 4. Let expectedType be the value of the fourth member of attributeData.
+        // Step 5. Let sink be the value of the fifth member of attributeData.
+        let (expected_type, sink) = attribute_data;
+        let new_value = if let TrustedTypeOrString::String(str_) = new_value {
+            str_
+        } else {
+            // If the type was already trusted, we should return immediately as
+            // all callers of `get_trusted_type_compliant_string` implement this
+            // check themselves. However, we should only do this if it matches
+            // the expected type.
+            if expected_type.matches_idl_trusted_type(&new_value) {
+                return Ok(new_value.convert());
+            }
+            new_value.convert()
+        };
+        // Step 6. Return the result of executing Get Trusted Type compliant string with the following arguments:
+        // If the algorithm threw an error, rethrow the error.
+        Self::get_trusted_type_compliant_string(
+            expected_type,
+            global,
+            new_value,
+            &sink,
+            DEFAULT_SCRIPT_SINK_GROUP,
+            can_gc,
+        )
+    }
+
     /// <https://w3c.github.io/trusted-types/dist/spec/#process-value-with-a-default-policy-algorithm>
     pub(crate) fn process_value_with_default_policy(
         expected_type: TrustedType,
@@ -154,8 +239,10 @@ impl TrustedTypePolicyFactory {
         // Step 2: Let policyValue be the result of executing Get Trusted Type policy value,
         // with the following arguments:
         rooted!(in(*cx) let mut trusted_type_name_value = NullValue());
-        let trusted_type_name: &'static str = expected_type.clone().into();
+        expected_type
-        trusted_type_name.safe_to_jsval(cx, trusted_type_name_value.handle_mut());
+            .clone()
+            .as_ref()
+            .safe_to_jsval(cx, trusted_type_name_value.handle_mut());
 
         rooted!(in(*cx) let mut sink_value = NullValue());
         sink.safe_to_jsval(cx, sink_value.handle_mut());
@@ -303,23 +390,19 @@ impl TrustedTypePolicyFactoryMethods<crate::DomTypeHolder> for TrustedTypePolicy
             Some(_) | None => None,
         };
         // Step 5: Let interface be the element interface for localName and elementNs.
-        let interface = QualName::new(None, element_namespace, LocalName::from(local_name));
         // Step 6: Let expectedType be null.
-        let mut expected_type = None;
         // Step 7: Set attributeData to the result of Get Trusted Type data for attribute algorithm,
         // with the following arguments: interface as element, attribute, attrNs
-        let attribute_data = TrustedTypePolicyFactory::get_trusted_type_data_for_attribute(
-            interface,
-            attribute,
-            attribute_namespace,
-        );
         // Step 8: If attributeData is not null, then set expectedType to the interface’s name of
         // the value of the fourth member of attributeData.
-        if let Some(trusted_type) = attribute_data {
-            expected_type = Some(trusted_type)
-        }
         // Step 9: Return expectedType.
-        expected_type
+        TrustedTypePolicyFactory::get_trusted_type_data_for_attribute(
+            &element_namespace,
+            &LocalName::from(local_name),
+            &attribute,
+            attribute_namespace.as_ref(),
+        )
+        .map(|tuple| DOMString::from(tuple.0.as_ref()))
     }
     /// <https://www.w3.org/TR/trusted-types/#dom-trustedtypepolicyfactory-getpropertytype>
     #[allow(clippy::if_same_then_else)]

components/script_bindings/webidls/Element.webidl

@@ -45,9 +45,9 @@ interface Element : Node {
   [CEReactions, Throws]
   boolean toggleAttribute(DOMString name, optional boolean force);
   [CEReactions, Throws]
-  undefined setAttribute(DOMString name, DOMString value);
+  undefined setAttribute(DOMString name, (TrustedType or DOMString) value);
   [CEReactions, Throws]
-  undefined setAttributeNS(DOMString? namespace, DOMString name, DOMString value);
+  undefined setAttributeNS(DOMString? namespace, DOMString name, (TrustedType or DOMString) value);
   [CEReactions]
   undefined removeAttribute(DOMString name);
   [CEReactions]

components/script_bindings/webidls/TrustedTypePolicyFactory.webidl

@@ -36,3 +36,5 @@ dictionary TrustedTypePolicyOptions {
 callback CreateHTMLCallback = DOMString? (DOMString input, any... arguments);
 callback CreateScriptCallback = DOMString? (DOMString input, any... arguments);
 callback CreateScriptURLCallback = USVString? (DOMString input, any... arguments);
+
+typedef (TrustedHTML or TrustedScript or TrustedScriptURL) TrustedType;

tests/wpt/meta/trusted-types/Element-setAttribute-setAttributeNS-sinks.tentative.html.ini

@@ -1,21 +0,0 @@
-[Element-setAttribute-setAttributeNS-sinks.tentative.html]
-  [HTMLIFrameElement.setAttribute('srcdoc', plain_string)]
-    expected: FAIL
-
-  [HTMLIFrameElement.setAttributeNS(null, 'srcdoc', plain_string)]
-    expected: FAIL
-
-  [HTMLScriptElement.setAttribute('src', plain_string)]
-    expected: FAIL
-
-  [HTMLScriptElement.setAttributeNS(null, 'src', plain_string)]
-    expected: FAIL
-
-  [SVGScriptElement.setAttribute('href', plain_string)]
-    expected: FAIL
-
-  [SVGScriptElement.setAttributeNS(null, 'href', plain_string)]
-    expected: FAIL
-
-  [SVGScriptElement.setAttributeNS(NSURI_XLINK, 'href', plain_string)]
-    expected: FAIL

tests/wpt/meta/trusted-types/block-string-assignment-to-Element-setAttribute.html.ini

@@ -1,22 +1,7 @@
 [block-string-assignment-to-Element-setAttribute.html]
-  [script.src accepts only TrustedScriptURL]
-    expected: FAIL
-
-  [iframe.srcdoc accepts only TrustedHTML]
-    expected: FAIL
-
   [div.onclick accepts only TrustedScript]
     expected: FAIL
 
-  [`Script.prototype.setAttribute.SrC = string` throws.]
-    expected: FAIL
-
-  [script.src's mutationobservers receive the default policy's value.]
-    expected: FAIL
-
-  [iframe.srcdoc's mutationobservers receive the default policy's value.]
-    expected: FAIL
-
   [div.onclick's mutationobservers receive the default policy's value.]
     expected: FAIL
 

tests/wpt/meta/trusted-types/block-string-assignment-to-Element-setAttributeNS.html.ini

@@ -1,3 +0,0 @@
-[block-string-assignment-to-Element-setAttributeNS.html]
-  [Blocking non-TrustedScriptURL assignment to <svg:script xlink:href=...> works]
-    expected: FAIL

tests/wpt/meta/trusted-types/set-attributes-mutations-in-callback.tentative.html.ini

@@ -8,15 +8,6 @@
   [Element.setAttribute works for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow, attrName=onmousedown (delete other attribute before)]
     expected: FAIL
 
-  [Element.setAttribute works for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME, attrName=srcdoc (delete other attribute before)]
-    expected: FAIL
-
-  [Element.setAttribute works for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT, attrName=src (delete other attribute before)]
-    expected: FAIL
-
-  [Element.setAttribute works for elementNS=http://www.w3.org/2000/svg, element=script, attrName=href (delete other attribute before)]
-    expected: FAIL
-
   [Element.setAttributeNS works for elementNS=http://www.w3.org/1999/xhtml, element=DIV, attrName=onclick (delete other attribute before)]
     expected: FAIL
 
@@ -26,18 +17,6 @@
   [Element.setAttributeNS works for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow, attrName=onmousedown (delete other attribute before)]
     expected: FAIL
 
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME, attrName=srcdoc (delete other attribute before)]
-    expected: FAIL
-
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT, attrName=src (delete other attribute before)]
-    expected: FAIL
-
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/2000/svg, element=script, attrName=href (delete other attribute before)]
-    expected: FAIL
-
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/2000/svg, element=script, attrNS=http://www.w3.org/1999/xlink, attrName=href (delete other attribute before)]
-    expected: FAIL
-
   [Element.setAttributeNode works for elementNS=http://www.w3.org/1999/xhtml, element=DIV, attrName=onclick (delete other attribute before)]
     expected: FAIL
 
@@ -194,15 +173,6 @@
   [Element.setAttribute works for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow, attrName=onmousedown (delete attribute)]
     expected: FAIL
 
-  [Element.setAttribute works for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME, attrName=srcdoc (delete attribute)]
-    expected: FAIL
-
-  [Element.setAttribute works for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT, attrName=src (delete attribute)]
-    expected: FAIL
-
-  [Element.setAttribute works for elementNS=http://www.w3.org/2000/svg, element=script, attrName=href (delete attribute)]
-    expected: FAIL
-
   [Element.setAttributeNS works for elementNS=http://www.w3.org/1999/xhtml, element=DIV, attrName=onclick (delete attribute)]
     expected: FAIL
 
@@ -212,18 +182,6 @@
   [Element.setAttributeNS works for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow, attrName=onmousedown (delete attribute)]
     expected: FAIL
 
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME, attrName=srcdoc (delete attribute)]
-    expected: FAIL
-
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT, attrName=src (delete attribute)]
-    expected: FAIL
-
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/2000/svg, element=script, attrName=href (delete attribute)]
-    expected: FAIL
-
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/2000/svg, element=script, attrNS=http://www.w3.org/1999/xlink, attrName=href (delete attribute)]
-    expected: FAIL
-
   [Element.setAttributeNode works for elementNS=http://www.w3.org/1999/xhtml, element=DIV, attrName=onclick (delete attribute)]
     expected: FAIL
 
@@ -380,15 +338,6 @@
   [Element.setAttribute works for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow, attrName=onmousedown (modify attribute)]
     expected: FAIL
 
-  [Element.setAttribute works for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME, attrName=srcdoc (modify attribute)]
-    expected: FAIL
-
-  [Element.setAttribute works for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT, attrName=src (modify attribute)]
-    expected: FAIL
-
-  [Element.setAttribute works for elementNS=http://www.w3.org/2000/svg, element=script, attrName=href (modify attribute)]
-    expected: FAIL
-
   [Element.setAttributeNS works for elementNS=http://www.w3.org/1999/xhtml, element=DIV, attrName=onclick (modify attribute)]
     expected: FAIL
 
@@ -398,18 +347,6 @@
   [Element.setAttributeNS works for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow, attrName=onmousedown (modify attribute)]
     expected: FAIL
 
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME, attrName=srcdoc (modify attribute)]
-    expected: FAIL
-
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT, attrName=src (modify attribute)]
-    expected: FAIL
-
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/2000/svg, element=script, attrName=href (modify attribute)]
-    expected: FAIL
-
-  [Element.setAttributeNS works for elementNS=http://www.w3.org/2000/svg, element=script, attrNS=http://www.w3.org/1999/xlink, attrName=href (modify attribute)]
-    expected: FAIL
-
   [Element.setAttributeNode works for elementNS=http://www.w3.org/1999/xhtml, element=DIV, attrName=onclick (modify attribute)]
     expected: FAIL
 

tests/wpt/meta/trusted-types/set-attributes-require-trusted-types-default-policy.html.ini

@@ -8,15 +8,6 @@
   [Element.setAttribute applies default policy for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow, attrName=onmousedown]
     expected: FAIL
 
-  [Element.setAttribute applies default policy for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME, attrName=srcdoc]
-    expected: FAIL
-
-  [Element.setAttribute applies default policy for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT, attrName=src]
-    expected: FAIL
-
-  [Element.setAttribute applies default policy for elementNS=http://www.w3.org/2000/svg, element=script, attrName=href]
-    expected: FAIL
-
   [Element.setAttributeNS applies default policy for elementNS=http://www.w3.org/1999/xhtml, element=DIV, attrName=onclick]
     expected: FAIL
 
@@ -26,18 +17,6 @@
   [Element.setAttributeNS applies default policy for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow, attrName=onmousedown]
     expected: FAIL
 
-  [Element.setAttributeNS applies default policy for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME, attrName=srcdoc]
-    expected: FAIL
-
-  [Element.setAttributeNS applies default policy for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT, attrName=src]
-    expected: FAIL
-
-  [Element.setAttributeNS applies default policy for elementNS=http://www.w3.org/2000/svg, element=script, attrName=href]
-    expected: FAIL
-
-  [Element.setAttributeNS applies default policy for elementNS=http://www.w3.org/2000/svg, element=script, attrNS=http://www.w3.org/1999/xlink, attrName=href]
-    expected: FAIL
-
   [Element.setAttributeNode applies default policy for elementNS=http://www.w3.org/1999/xhtml, element=DIV, attrName=onclick]
     expected: FAIL
 

tests/wpt/meta/trusted-types/set-attributes-require-trusted-types-no-default-policy.html.ini

@@ -8,15 +8,6 @@
   [Element.setAttribute throws for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow,  attrName=onmousedown with a plain string]
     expected: FAIL
 
-  [Element.setAttribute throws for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME,  attrName=srcdoc with a plain string]
-    expected: FAIL
-
-  [Element.setAttribute throws for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT,  attrName=src with a plain string]
-    expected: FAIL
-
-  [Element.setAttribute throws for elementNS=http://www.w3.org/2000/svg, element=script,  attrName=href with a plain string]
-    expected: FAIL
-
   [Element.setAttributeNS throws for elementNS=http://www.w3.org/1999/xhtml, element=DIV,  attrName=onclick with a plain string]
     expected: FAIL
 
@@ -26,18 +17,6 @@
   [Element.setAttributeNS throws for elementNS=http://www.w3.org/1998/Math/MathML, element=mrow,  attrName=onmousedown with a plain string]
     expected: FAIL
 
-  [Element.setAttributeNS throws for elementNS=http://www.w3.org/1999/xhtml, element=IFRAME,  attrName=srcdoc with a plain string]
-    expected: FAIL
-
-  [Element.setAttributeNS throws for elementNS=http://www.w3.org/1999/xhtml, element=SCRIPT,  attrName=src with a plain string]
-    expected: FAIL
-
-  [Element.setAttributeNS throws for elementNS=http://www.w3.org/2000/svg, element=script,  attrName=href with a plain string]
-    expected: FAIL
-
-  [Element.setAttributeNS throws for elementNS=http://www.w3.org/2000/svg, element=script, attrNS=http://www.w3.org/1999/xlink,  attrName=href with a plain string]
-    expected: FAIL
-
   [Element.setAttributeNode throws for elementNS=http://www.w3.org/1999/xhtml, element=DIV,  attrName=onclick with a plain string]
     expected: FAIL
 

tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-setAttribute.html.ini

@@ -1,27 +1,6 @@
 [trusted-types-reporting-for-Element-setAttribute.html]
-  [Violation report for HTMLIFrameElement.setAttribute('srcdoc', plain_string)]
-    expected: FAIL
-
-  [Violation report for HTMLIFrameElement.setAttributeNS(null, 'srcdoc', plain_string)]
-    expected: FAIL
-
   [Violation report for Element.setAttribute('onclick', plain_string)]
     expected: FAIL
 
   [Violation report for Element.setAttributeNS(null, 'onclick', plain_string)]
     expected: FAIL
-
-  [Violation report for HTMLScriptElement.setAttribute('src', plain_string)]
-    expected: FAIL
-
-  [Violation report for HTMLScriptElement.setAttributeNS(null, 'src', plain_string)]
-    expected: FAIL
-
-  [Violation report for SVGScriptElement.setAttribute('href', plain_string)]
-    expected: FAIL
-
-  [Violation report for SVGScriptElement.setAttributeNS(null, 'href', plain_string)]
-    expected: FAIL
-
-  [Violation report for SVGScriptElement.setAttributeNS(http://www.w3.org/1999/xlink, 'href', plain_string)]
-    expected: FAIL

tests/wpt/meta/trusted-types/trusted-types-svg-script-set-href.html.ini

@@ -5,15 +5,9 @@
   [Assign TrustedScriptURL to SVGScriptElement.href.baseVal.]
     expected: FAIL
 
-  [Assign string to non-attached SVGScriptElement.href via setAttribute.]
-    expected: FAIL
-
   [Assign TrustedScriptURL to non-attached SVGScriptElement.href via setAttribute.]
     expected: FAIL
 
-  [Assign string to attached SVGScriptElement.href via setAttribute.]
-    expected: FAIL
-
   [Assign TrustedScriptURL to attached SVGScriptElement.href via setAttribute.]
     expected: FAIL