mirror of
https://github.com/servo/servo.git
synced 2025-06-06 16:45:39 +00:00
4164f76769
As a follow-up to the recent introduction of `script.src` as trusted sink, this PR refactors machinery to also support `TrustedScript`. In doing so, all trusted sinks in `HTMLScriptElement` are now covered. Instead of calling the callbacks in `policy.createX`, we now have a `TrustedType` enum that specifies which callback to invoke. Unfortunately we still have the `USVString` vs `DOMString` problem, which is why we need to `.map` twice to retrieve the backing `String` and avoid two different types. Additionally, I saw that `script.text` should have called the "String replace all" algorithm rather than setting the child contents. So that's also now fixed. Part of #36258 Requires servo/html5ever#608 Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com> Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
83 lines
2.7 KiB
Rust
83 lines
2.7 KiB
Rust
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
|
|
|
|
use std::fmt;
|
|
|
|
use dom_struct::dom_struct;
|
|
|
|
use crate::dom::bindings::codegen::Bindings::TrustedScriptURLBinding::TrustedScriptURLMethods;
|
|
use crate::dom::bindings::codegen::UnionTypes::TrustedScriptURLOrUSVString;
|
|
use crate::dom::bindings::error::Fallible;
|
|
use crate::dom::bindings::reflector::{Reflector, reflect_dom_object};
|
|
use crate::dom::bindings::root::DomRoot;
|
|
use crate::dom::bindings::str::DOMString;
|
|
use crate::dom::globalscope::GlobalScope;
|
|
use crate::dom::trustedtypepolicy::TrustedType;
|
|
use crate::dom::trustedtypepolicyfactory::TrustedTypePolicyFactory;
|
|
use crate::script_runtime::CanGc;
|
|
|
|
#[dom_struct]
|
|
pub struct TrustedScriptURL {
|
|
reflector_: Reflector,
|
|
|
|
data: String,
|
|
}
|
|
|
|
impl TrustedScriptURL {
|
|
fn new_inherited(data: String) -> Self {
|
|
Self {
|
|
reflector_: Reflector::new(),
|
|
data,
|
|
}
|
|
}
|
|
|
|
#[cfg_attr(crown, allow(crown::unrooted_must_root))]
|
|
pub(crate) fn new(data: String, global: &GlobalScope, can_gc: CanGc) -> DomRoot<Self> {
|
|
reflect_dom_object(Box::new(Self::new_inherited(data)), global, can_gc)
|
|
}
|
|
|
|
pub(crate) fn get_trusted_script_url_compliant_string(
|
|
global: &GlobalScope,
|
|
value: TrustedScriptURLOrUSVString,
|
|
containing_class: &str,
|
|
field: &str,
|
|
can_gc: CanGc,
|
|
) -> Fallible<String> {
|
|
match value {
|
|
TrustedScriptURLOrUSVString::USVString(value) => {
|
|
let sink = format!("{} {}", containing_class, field);
|
|
TrustedTypePolicyFactory::get_trusted_type_compliant_string(
|
|
TrustedType::TrustedScriptURL,
|
|
global,
|
|
value.as_ref().to_owned(),
|
|
&sink,
|
|
"'script'",
|
|
can_gc,
|
|
)
|
|
},
|
|
TrustedScriptURLOrUSVString::TrustedScriptURL(trusted_script_url) => {
|
|
Ok(trusted_script_url.to_string())
|
|
},
|
|
}
|
|
}
|
|
}
|
|
|
|
impl fmt::Display for TrustedScriptURL {
|
|
#[inline]
|
|
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
|
|
f.write_str(&self.data)
|
|
}
|
|
}
|
|
|
|
impl TrustedScriptURLMethods<crate::DomTypeHolder> for TrustedScriptURL {
|
|
/// <https://www.w3.org/TR/trusted-types/#trustedscripturl-stringification-behavior>
|
|
fn Stringifier(&self) -> DOMString {
|
|
DOMString::from(&*self.data)
|
|
}
|
|
|
|
/// <https://www.w3.org/TR/trusted-types/#dom-trustedscripturl-tojson>
|
|
fn ToJSON(&self) -> DOMString {
|
|
DOMString::from(&*self.data)
|
|
}
|
|
}
|