Implement Trusted types document write sinks (#36824)

Implements the Document.write algorithm covering
Trusted HTML.

Part of #36258

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This commit is contained in:
Tim van der Lippe 2025-05-04 13:50:33 +02:00 committed by GitHub
parent 43edab336a
commit c00e0aae61
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 142 additions and 107 deletions

View file

@ -2,13 +2,19 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
use std::fmt;
use dom_struct::dom_struct;
use crate::dom::bindings::codegen::Bindings::TrustedHTMLBinding::TrustedHTMLMethods;
use crate::dom::bindings::codegen::UnionTypes::TrustedHTMLOrString;
use crate::dom::bindings::error::Fallible;
use crate::dom::bindings::reflector::{Reflector, reflect_dom_object};
use crate::dom::bindings::root::DomRoot;
use crate::dom::bindings::str::DOMString;
use crate::dom::globalscope::GlobalScope;
use crate::dom::trustedtypepolicy::TrustedType;
use crate::dom::trustedtypepolicyfactory::TrustedTypePolicyFactory;
use crate::script_runtime::CanGc;
#[dom_struct]
@ -30,6 +36,37 @@ impl TrustedHTML {
pub(crate) fn new(data: String, global: &GlobalScope, can_gc: CanGc) -> DomRoot<Self> {
reflect_dom_object(Box::new(Self::new_inherited(data)), global, can_gc)
}
pub(crate) fn get_trusted_script_compliant_string(
global: &GlobalScope,
value: TrustedHTMLOrString,
containing_class: &str,
field: &str,
can_gc: CanGc,
) -> Fallible<String> {
match value {
TrustedHTMLOrString::String(value) => {
let sink = format!("{} {}", containing_class, field);
TrustedTypePolicyFactory::get_trusted_type_compliant_string(
TrustedType::TrustedHTML,
global,
value.as_ref().to_owned(),
&sink,
"'script'",
can_gc,
)
},
TrustedHTMLOrString::TrustedHTML(trusted_html) => Ok(trusted_html.to_string()),
}
}
}
impl fmt::Display for TrustedHTML {
#[inline]
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
f.write_str(&self.data)
}
}
impl TrustedHTMLMethods<crate::DomTypeHolder> for TrustedHTML {