summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/sanitizer-api/sanitizer-sanitize.https.tentative.html
blob: 82eaeb48329f235a833aa8b8120bd6f08e64f90d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<!DOCTYPE html>
<html>
<head>
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
    <script src="support/testcases.sub.js"></script>
</head>

<body>
<script>
    function getString(fragment) {
      d = document.createElement("div");
      d.replaceChildren(...fragment.cloneNode(true).childNodes);
      return d.innerHTML;
    }

    function getFragment(markup) {
      const d = document.createElement("div");
      d.innerHTML = markup;
      let f = document.createDocumentFragment();
      f.replaceChildren(...d.childNodes);
      return f;
    }
    function getDoc(markup) {
      return new DOMParser().parseFromString(markup, "text/html");
    }
    function assert_node_equals(node1, node2) {
      assert_true(node1 instanceof Node && node1.isEqualNode(node2),
                  `Node[${getString(node1)}] == Node[${getString(node2)}]`);
    }

    test(t => {
      let s = new Sanitizer();
      assert_throws_js(TypeError, _ => s.sanitize());
    }, "Sanitizer.sanitize() should throw an error.");

    test(t => {
      let s = new Sanitizer();
      assert_throws_js(TypeError, _ => s.sanitize(null));
    }, "Sanitizer.sanitize(null).");

    const probe_string = `<a href="about:blank">hello</a><script>cons` +
        `ole.log("world!");<` + `/script>`;
    test(t => {
      const sanitized = new Sanitizer().sanitize(getFragment(probe_string));
      const expected = getFragment(probe_string.substr(0, 31));
      assert_node_equals(expected, sanitized);
    }, "Sanitizer.sanitze(DocumentFragment)");

    test(t => {
      const sanitized = new Sanitizer().sanitize(getDoc(probe_string));
      const expected = getFragment(probe_string.substr(0, 31));
      assert_node_equals(expected, sanitized);
    }, "Sanitizer.sanitze(Document)");

    testcases.forEach(c => test(t => {
        let s = new Sanitizer(c.config_input);
        var dom = new DOMParser().parseFromString("<!DOCTYPE html><body>" + c.value, "text/html");
        fragment = s.sanitize(dom);
        assert_true(fragment instanceof DocumentFragment);

        let result = getString(fragment);
        assert_equals(result, c.result);
    }, "SanitizerAPI with config: " + c.message + ", sanitize from document function for <body>"));

    testcases.forEach(c => test(t => {
        let s = new Sanitizer(c.config_input);
        let tpl = document.createElement("template");
        tpl.innerHTML = c.value;
        fragment = s.sanitize(tpl.content);
        assert_true(fragment instanceof DocumentFragment);
        assert_equals(getString(fragment), c.result);
    }, "SanitizerAPI with config: " + c.message + ", sanitize from document fragment function for <template>"));
</script>
</body>
</html>