Implement nonce attribute to pass more CSP checks (#35876)

* Add doc comments to RequestBuilder fields/methods Signed-off-by: Simon Wülker <simon.wuelker@arcor.de> * Implement Request::cryptographic_nonce_metadata Signed-off-by: Simon Wülker <simon.wuelker@arcor.de> * Implement HTMLOrSVGElement::nonce Signed-off-by: Simon Wülker <simon.wuelker@arcor.de> * Set request cryptographic nonce metadata for link elements Signed-off-by: Simon Wülker <simon.wuelker@arcor.de> * Set request's cryptographic nonce when fetching scripts Signed-off-by: Simon Wülker <simon.wuelker@arcor.de> * Forward request nonce to rust-content-security-policy Signed-off-by: Simon Wülker <simon.wuelker@arcor.de> * Update WPT expectations Signed-off-by: Simon Wülker <simon.wuelker@arcor.de> --------- Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
2025-08-10 16:05:43 +01:00 · 2025-03-10 10:25:34 +01:00 · 2025-03-10 10:25:34 +01:00 · 1b6b21cb85
commit 1b6b21cb85
parent ce4ba30992
18 changed files with 111 additions and 289 deletions
--- a/tests/wpt/meta/html/dom/idlharness.https.html.ini
+++ b/tests/wpt/meta/html/dom/idlharness.https.html.ini
@ -6121,9 +6121,6 @@
  [HTMLElement interface: attribute inputMode]
    expected: FAIL

-  [HTMLElement interface: attribute nonce]
-    expected: FAIL
-
  [HTMLElement interface: attribute tabIndex]
    expected: FAIL

@ -6208,9 +6205,6 @@
  [HTMLElement interface: document.createElement("noscript") must inherit property "inputMode" with the proper type]
    expected: FAIL

-  [HTMLElement interface: document.createElement("noscript") must inherit property "nonce" with the proper type]
-    expected: FAIL
-
  [HTMLElement interface: document.createElement("noscript") must inherit property "tabIndex" with the proper type]
    expected: FAIL

--- a/tests/wpt/meta/html/dom/reflection-metadata.html.ini
+++ b/tests/wpt/meta/html/dom/reflection-metadata.html.ini
@ -1523,120 +1523,6 @@
  [link.as: IDL set to "xſlt"]
    expected: FAIL

-  [link.nonce: typeof IDL attribute]
-    expected: FAIL
-
-  [link.nonce: IDL get with DOM attribute unset]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to ""]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to " \\0\\x01\\x02\\x03\\x04\\x05\\x06\\x07 \\b\\t\\n\\v\\f\\r\\x0e\\x0f \\x10\\x11\\x12\\x13\\x14\\x15\\x16\\x17 \\x18\\x19\\x1a\\x1b\\x1c\\x1d\\x1e\\x1f  foo "]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to undefined]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to 7]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to 1.5]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to "5%"]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to "+100"]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to ".5"]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to true]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to false]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to object "[object Object\]"]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to NaN]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to Infinity]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to -Infinity]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to "\\0"]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to null]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to object "test-toString"]
-    expected: FAIL
-
-  [link.nonce: setAttribute() to object "test-valueOf"]
-    expected: FAIL
-
-  [link.nonce: IDL set to ""]
-    expected: FAIL
-
-  [link.nonce: IDL set to " \\0\\x01\\x02\\x03\\x04\\x05\\x06\\x07 \\b\\t\\n\\v\\f\\r\\x0e\\x0f \\x10\\x11\\x12\\x13\\x14\\x15\\x16\\x17 \\x18\\x19\\x1a\\x1b\\x1c\\x1d\\x1e\\x1f  foo "]
-    expected: FAIL
-
-  [link.nonce: IDL set to undefined]
-    expected: FAIL
-
-  [link.nonce: IDL set to 7]
-    expected: FAIL
-
-  [link.nonce: IDL set to 1.5]
-    expected: FAIL
-
-  [link.nonce: IDL set to "5%"]
-    expected: FAIL
-
-  [link.nonce: IDL set to "+100"]
-    expected: FAIL
-
-  [link.nonce: IDL set to ".5"]
-    expected: FAIL
-
-  [link.nonce: IDL set to true]
-    expected: FAIL
-
-  [link.nonce: IDL set to false]
-    expected: FAIL
-
-  [link.nonce: IDL set to object "[object Object\]"]
-    expected: FAIL
-
-  [link.nonce: IDL set to NaN]
-    expected: FAIL
-
-  [link.nonce: IDL set to Infinity]
-    expected: FAIL
-
-  [link.nonce: IDL set to -Infinity]
-    expected: FAIL
-
-  [link.nonce: IDL set to "\\0"]
-    expected: FAIL
-
-  [link.nonce: IDL set to null]
-    expected: FAIL
-
-  [link.nonce: IDL set to object "test-toString"]
-    expected: FAIL
-
-  [link.nonce: IDL set to object "test-valueOf"]
-    expected: FAIL
-
  [meta.accessKey: typeof IDL attribute]
    expected: FAIL

@ -2135,120 +2021,6 @@
  [style.tabIndex: IDL set to -2147483648]
    expected: FAIL

-  [style.nonce: typeof IDL attribute]
-    expected: FAIL
-
-  [style.nonce: IDL get with DOM attribute unset]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to ""]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to " \\0\\x01\\x02\\x03\\x04\\x05\\x06\\x07 \\b\\t\\n\\v\\f\\r\\x0e\\x0f \\x10\\x11\\x12\\x13\\x14\\x15\\x16\\x17 \\x18\\x19\\x1a\\x1b\\x1c\\x1d\\x1e\\x1f  foo "]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to undefined]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to 7]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to 1.5]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to "5%"]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to "+100"]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to ".5"]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to true]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to false]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to object "[object Object\]"]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to NaN]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to Infinity]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to -Infinity]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to "\\0"]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to null]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to object "test-toString"]
-    expected: FAIL
-
-  [style.nonce: setAttribute() to object "test-valueOf"]
-    expected: FAIL
-
-  [style.nonce: IDL set to ""]
-    expected: FAIL
-
-  [style.nonce: IDL set to " \\0\\x01\\x02\\x03\\x04\\x05\\x06\\x07 \\b\\t\\n\\v\\f\\r\\x0e\\x0f \\x10\\x11\\x12\\x13\\x14\\x15\\x16\\x17 \\x18\\x19\\x1a\\x1b\\x1c\\x1d\\x1e\\x1f  foo "]
-    expected: FAIL
-
-  [style.nonce: IDL set to undefined]
-    expected: FAIL
-
-  [style.nonce: IDL set to 7]
-    expected: FAIL
-
-  [style.nonce: IDL set to 1.5]
-    expected: FAIL
-
-  [style.nonce: IDL set to "5%"]
-    expected: FAIL
-
-  [style.nonce: IDL set to "+100"]
-    expected: FAIL
-
-  [style.nonce: IDL set to ".5"]
-    expected: FAIL
-
-  [style.nonce: IDL set to true]
-    expected: FAIL
-
-  [style.nonce: IDL set to false]
-    expected: FAIL
-
-  [style.nonce: IDL set to object "[object Object\]"]
-    expected: FAIL
-
-  [style.nonce: IDL set to NaN]
-    expected: FAIL
-
-  [style.nonce: IDL set to Infinity]
-    expected: FAIL
-
-  [style.nonce: IDL set to -Infinity]
-    expected: FAIL
-
-  [style.nonce: IDL set to "\\0"]
-    expected: FAIL
-
-  [style.nonce: IDL set to null]
-    expected: FAIL
-
-  [style.nonce: IDL set to object "test-toString"]
-    expected: FAIL
-
-  [style.nonce: IDL set to object "test-valueOf"]
-    expected: FAIL
-
  [head.tabIndex: setAttribute() to "7\\v"]
    expected: FAIL