Implement CSP check for Trusted Types (#36363)

The algorithm [1] is implemented in the content-security-policy
package.

Requires
https://github.com/rust-ammonia/rust-content-security-policy/pull/56
This is part of #36258

[1]:
https://w3c.github.io/trusted-types/dist/spec/#abstract-opdef-should-trusted-type-policy-creation-be-blocked-by-content-security-policy

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
Tim van der Lippe 2025-04-14 18:44:50 +02:00 committed by GitHub
parent d46a17a487
commit 4e1ea81992
10 changed files with 14 additions and 60 deletions


@ -1,3 +0,0 @@
[TrustedTypePolicy-CSP-no-name.html]
[No name list given - policy creation fails.]
expected: FAIL


@ -1,3 +0,0 @@
[TrustedTypePolicyFactory-createPolicy-cspTests-noNamesGiven.html]
[No name list given - policy creation throws]
expected: FAIL


@ -1,3 +0,0 @@
[TrustedTypePolicyFactory-createPolicy-cspTests-none-none-name.html]
[Cannot create policy with name 'default' - policy creation throws]
expected: FAIL


@ -1,6 +0,0 @@
[TrustedTypePolicyFactory-createPolicy-cspTests-none-none.html]
[Cannot create policy with name 'SomeName' - policy creation throws]
expected: FAIL
[Cannot create policy with name 'default' - policy creation throws]
expected: FAIL


@ -1,66 +1,30 @@
[should-trusted-type-policy-creation-be-blocked-by-csp-001.html]
[single enforce policy with directive "trusted-type tt-policy-name"]
expected: FAIL
[single report-only policy with directive "trusted-type tt-policy-name"]
expected: FAIL
[single enforce policy with directive "trusted-type *"]
expected: FAIL
[single report-only policy with directive "trusted-type *"]
expected: FAIL
[single enforce policy with directive "trusted-type 'none'"]
expected: FAIL
[single report-only policy with directive "trusted-type 'none'"]
expected: FAIL
[single enforce policy with directive "trusted-type 'allow-duplicates'"]
expected: FAIL
[single report-only policy with directive "trusted-type 'allow-duplicates'"]
expected: FAIL
[single enforce policy with directive "trusted-type tt-policy-name 'allow-duplicates'"]
expected: FAIL
[single report-only policy with directive "trusted-type tt-policy-name 'allow-duplicates'"]
expected: FAIL
[single enforce policy with directive "trusted-type 'none' 'allow-duplicates'"]
expected: FAIL
[single report-only policy with directive "trusted-type 'none' 'allow-duplicates'"]
expected: FAIL
[single enforce policy with directive "trusted-type 'none' tt-policy-name"]
expected: FAIL
[single report-only policy with directive "trusted-type 'none' tt-policy-name"]
expected: FAIL
[single enforce policy with directive "trusted-type 'none' *"]
expected: FAIL
[single report-only policy with directive "trusted-type 'none' *"]
expected: FAIL
[single enforce policy with directive "trusted-type tt-policy-name *"]
expected: FAIL
[single report-only policy with directive "trusted-type tt-policy-name *"]
expected: FAIL
[single enforce policy with directive "trusted-type tt-policy-name1 tt-policy-name2 tt-policy-name3"]
expected: FAIL
[single report-only policy with directive "trusted-type tt-policy-name1 tt-policy-name2 tt-policy-name3"]
expected: FAIL
[Single enforce policy with directive "trusted-type none"]
expected: FAIL
[Single enforce policy with directive "trusted-type allow-duplicates"]
expected: FAIL
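Review bot: The hunk header for should-trusted-type-policy-creation-be-blocked-by-csp-001.html goes from 66 to 30 lines, so roughly half of the `expected: FAIL` entries for this test survive on the new side, yet neither the commit message nor this file says which subtests still fail or why. The rendered page has lost the +/- markers, so which of the enforce/report-only directive variants remain unimplemented cannot be told from here; the unquoted `"trusted-type none"` and `"trusted-type allow-duplicates"` cases at the end look like plausible candidates but that is a guess. Since this check gates policy creation under CSP, a reviewer would want a one-line comment above each surviving entry in the new file naming the missing piece, e.g. `# TODO: report-only policies are not yet dispatched to the CSP violation reporting path`, so the remaining gaps in enforcement are tracked rather than silently baked into the expectations. The same applies to the surviving CRASH/FAIL entries in the two trusted-types-reporting-clipping-of-sample files further down.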


@ -1,3 +0,0 @@
[trusted-types-duplicate-names-list.html]
[TrustedTypePolicyFactory and policy list in CSP.]
expected: FAIL


@ -1,4 +1,5 @@
[trusted-types-reporting-clipping-of-sample.html]
expected: CRASH
[Clipping of violation sample for createPolicy(AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA)]
expected: FAIL


@ -1,4 +1,5 @@
[trusted-types-reporting-clipping-of-sample.tentative.html]
expected: CRASH
[Clipping of violation sample for createPolicy(𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆𝐆)]
expected: FAIL


@ -1,6 +1,3 @@
[trusted-types-sandbox-allow-scripts.html]
[window.trustedTypes.createPolicy() in a sandboxed page with allow-scripts.]
expected: FAIL
[Default Trusted Types policy in a sandboxed page with allow-scripts.]
expected: FAIL