Implement inner slot for cryptographic nonce (#36965)

Also update the `html/dom/reflection-metadata.html` test
to handle the case where `nonce` does not reflect back
to the attribute after an IDL change.

Part of https://github.com/servo/servo/issues/4577
Fixes https://github.com/web-platform-tests/wpt/issues/43286

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This commit is contained in:
Tim van der Lippe 2025-05-14 12:21:21 +02:00 committed by GitHub
parent 3aff272e14
commit a24fce3ae7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
14 changed files with 132 additions and 98 deletions

View file

@ -474524,7 +474524,7 @@
[]
],
"reflection.js": [
"b2c3b30aae36b390a60c05b39901826ba71e0b1a",
"eeecd450fca8139e924affb298e7feb1a1fb46fb",
[]
],
"render-blocking": {

View file

@ -1,24 +0,0 @@
[nonces.html]
[Basic nonce tests for meh in HTML namespace]
expected: FAIL
[Basic nonce tests for div in HTML namespace]
expected: FAIL
[Basic nonce tests for script in HTML namespace]
expected: FAIL
[Basic nonce tests for meh in SVG namespace]
expected: FAIL
[Basic nonce tests for svg in SVG namespace]
expected: FAIL
[Basic nonce tests for script in SVG namespace]
expected: FAIL
[Basic nonce tests for style in HTML namespace]
expected: FAIL
[Basic nonce tests for link in HTML namespace]
expected: FAIL

View file

@ -1,6 +1,3 @@
[script-nonces-hidden-meta.sub.html]
[Writing 'nonce' IDL attribute.]
expected: FAIL
[createElement.nonce.]
expected: FAIL

View file

@ -1,30 +1,3 @@
[script-nonces-hidden.html]
[Reading 'nonce' content attribute and IDL attribute.]
expected: FAIL
[Cloned node retains nonce.]
expected: FAIL
[Cloned node retains nonce when inserted.]
expected: FAIL
[Writing 'nonce' IDL attribute.]
expected: FAIL
[Document-written script's nonce value.]
expected: FAIL
[createElement.nonce.]
expected: FAIL
[setAttribute('nonce') overwrites '.nonce' upon insertion.]
expected: FAIL
[createElement.setAttribute.]
expected: FAIL
[Custom elements expose the correct events.]
expected: FAIL
[Nonces don't leak via CSS side-channels.]
expected: FAIL

View file

@ -2,9 +2,3 @@
expected: TIMEOUT
[Document-written script executes.]
expected: NOTRUN
[createElement.nonce.]
expected: FAIL
[Writing 'nonce' IDL attribute.]
expected: FAIL

View file

@ -1,22 +1,4 @@
[svgscript-nonces-hidden.html]
expected: TIMEOUT
[Reading 'nonce' content attribute and IDL attribute.]
expected: FAIL
[Cloned node retains nonce.]
expected: FAIL
[Cloned node retains nonce when inserted.]
expected: FAIL
[Document-written script executes.]
expected: NOTRUN
[createElement.nonce.]
expected: FAIL
[createElement.setAttribute.]
expected: FAIL
[Writing 'nonce' IDL attribute.]
expected: FAIL

View file

@ -967,6 +967,7 @@ ReflectionTests.reflects = function(data, idlName, idlObj, domName, domObj) {
"previous value", "getAttribute()");
ReflectionHarness.assertEquals(idlObj[idlName], previousIdl, "IDL get");
} else {
var previousValue = domObj.getAttribute(domName);
idlObj[idlName] = idlTests[i];
if (data.type == "boolean") {
// Special case yay
@ -976,6 +977,11 @@ ReflectionTests.reflects = function(data, idlName, idlObj, domName, domObj) {
var expected = idlDomExpected[i] + "";
if (data.isNullable && idlDomExpected[i] === null) {
expected = null;
} else if (idlName == "nonce") {
// nonce doesn't reflect the value, as per /content-security-policy/nonce-hiding/
// tests that confirm that retrieving the nonce value post IDL change does not
// reflect back to the attribute (for security reasons)
expected = previousValue;
}
ReflectionHarness.assertEquals(domObj.getAttribute(domName), expected,
"getAttribute()");