Implement trusted types url setter (#36596)

We now check the sink of script.src for trusted types. This is the first attribute that we check, other sinks will be implemented in follow-up changes. The algorithms currently hardcode various parts. That's because I need to refactor a couple of algorithms already present in TrustedTypePolicy. They use callbacks at the moment, which made sense for their initial use. However, for these new algorithms they don't work. Therefore, I will align them with the specification by taking in an enum. However, since that's a bigger refactoring, I left that out of this PR (which is already quite big). The other trusted types support (createScript and createHTML) will also be implemented separately. Part of #36258 --------- Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com> Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com> Co-authored-by: Josh Matthews <josh@joshmatthews.net>
2025-06-06 16:45:39 +00:00 · 2025-04-21 08:56:40 +02:00 · 2025-04-21 08:56:40 +02:00 · 6bb087e381
commit 6bb087e381
parent fee2ea34af
27 changed files with 233 additions and 74 deletions
--- a/components/script/dom/element.rs
+++ b/components/script/dom/element.rs
@ -78,7 +78,7 @@ use crate::dom::bindings::codegen::Bindings::ShadowRootBinding::{
 use crate::dom::bindings::codegen::Bindings::WindowBinding::{
    ScrollBehavior, ScrollToOptions, WindowMethods,
 };
-use crate::dom::bindings::codegen::UnionTypes::NodeOrString;
+use crate::dom::bindings::codegen::UnionTypes::{NodeOrString, TrustedScriptURLOrUSVString};
 use crate::dom::bindings::conversions::DerivedFrom;
 use crate::dom::bindings::error::{Error, ErrorResult, Fallible};
 use crate::dom::bindings::inheritance::{Castable, ElementTypeId, HTMLElementTypeId, NodeTypeId};
@ -149,6 +149,7 @@ use crate::dom::raredata::ElementRareData;
 use crate::dom::servoparser::ServoParser;
 use crate::dom::shadowroot::{IsUserAgentWidget, ShadowRoot};
 use crate::dom::text::Text;
+use crate::dom::types::TrustedTypePolicyFactory;
 use crate::dom::validation::Validatable;
 use crate::dom::validitystate::ValidationFlags;
 use crate::dom::virtualmethods::{VirtualMethods, vtable_for};
@ -1928,6 +1929,53 @@ impl Element {
        self.set_attribute(local_name, AttrValue::String(value.to_string()), can_gc);
    }

+    pub(crate) fn get_trusted_type_url_attribute(
+        &self,
+        local_name: &LocalName,
+    ) -> TrustedScriptURLOrUSVString {
+        assert_eq!(*local_name, local_name.to_ascii_lowercase());
+        let attr = match self.get_attribute(&ns!(), local_name) {
+            Some(attr) => attr,
+            None => return TrustedScriptURLOrUSVString::USVString(USVString::default()),
+        };
+        let value = &**attr.value();
+        // XXXManishearth this doesn't handle `javascript:` urls properly
+        self.owner_document()
+            .base_url()
+            .join(value)
+            .map(|parsed| TrustedScriptURLOrUSVString::USVString(USVString(parsed.into_string())))
+            .unwrap_or_else(|_| TrustedScriptURLOrUSVString::USVString(USVString(value.to_owned())))
+    }
+
+    pub(crate) fn set_trusted_type_url_attribute(
+        &self,
+        local_name: &LocalName,
+        value: TrustedScriptURLOrUSVString,
+        can_gc: CanGc,
+    ) -> Fallible<()> {
+        assert_eq!(*local_name, local_name.to_ascii_lowercase());
+        let value = match value {
+            TrustedScriptURLOrUSVString::USVString(url) => {
+                let global = self.owner_global();
+                // TODO(36258): Reflectively get the name of the class
+                let sink = format!("{} {}", "HTMLScriptElement", &local_name);
+                let result = TrustedTypePolicyFactory::get_trusted_type_compliant_string(
+                    &global,
+                    url.to_string(),
+                    &sink,
+                    "'script'",
+                    can_gc,
+                );
+                result?
+            },
+            // This partially implements <https://w3c.github.io/trusted-types/dist/spec/#get-trusted-type-compliant-string-algorithm>
+            // Step 1: If input is an instance of expectedType, return stringified input and abort these steps.
+            TrustedScriptURLOrUSVString::TrustedScriptURL(script_url) => script_url.to_string(),
+        };
+        self.set_attribute(local_name, AttrValue::String(value), can_gc);
+        Ok(())
+    }
+
    pub(crate) fn get_string_attribute(&self, local_name: &LocalName) -> DOMString {
        match self.get_attribute(&ns!(), local_name) {
            Some(x) => x.Value(),