diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
tree | f435a8308119effd964b339f76abb83a57c29483 /testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-setHTMLUnsafe.html | |
parent | Initial commit. (diff) | |
download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-setHTMLUnsafe.html')
-rw-r--r-- | testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-setHTMLUnsafe.html | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-setHTMLUnsafe.html b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-setHTMLUnsafe.html new file mode 100644 index 0000000000..34975f9d68 --- /dev/null +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-setHTMLUnsafe.html @@ -0,0 +1,79 @@ +<!DOCTYPE html> +<html> +<head> + <meta name="author" title="Luke Warlow" href="mailto:lwarlow@igalia.com"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="support/helper.sub.js"></script> + + <meta http-equiv="Content-Security-Policy" content="require-trusted-types-for 'script';"> +</head> +<body> +<div id="container"></div> +<script> + var container = document.querySelector('#container') + + // TrustedHTML assignments do not throw. + test(t => { + let p = createHTML_policy(window, 1); + let html = p.createHTML(INPUTS.HTML); + + var d = document.createElement('div'); + document.querySelector('#container').appendChild(d); + d.setHTMLUnsafe(html); + assert_equals(container.innerText, RESULTS.HTML); + + while (container.firstChild) + container.firstChild.remove(); + }, "element.setHTMLUnsafe(html) assigned via policy (successful HTML transformation)."); + + // String assignments throw. + test(t => { + var d = document.createElement('div'); + container.appendChild(d); + assert_throws_js(TypeError, _ => { + d.setHTMLUnsafe("Fail"); + }); + assert_equals(container.innerText, ""); + while (container.firstChild) + container.firstChild.remove(); + }, "`element.setHTMLUnsafe(string)` throws."); + + // Null assignment throws. + test(t => { + var d = document.createElement('div'); + container.appendChild(d); + assert_throws_js(TypeError, _ => { + d.outerHTML = null; + }); + assert_equals(container.innerText, ""); + while (container.firstChild) + container.firstChild.remove(); + }, "`element.setHTMLUnsafe(null)` throws."); + + // After default policy creation string assignment implicitly calls createHTML. + test(t => { + let p = window.trustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true); + + var d = document.createElement('div'); + document.querySelector('#container').appendChild(d); + d.setHTMLUnsafe(INPUTS.HTML); + assert_equals(container.innerText, RESULTS.HTML); + + while (container.firstChild) + container.firstChild.remove(); + }, "`element.setHTMLUnsafe(string)` assigned via default policy (successful HTML transformation)."); + + // After default policy creation null assignment implicitly calls createHTML. + test(t => { + var d = document.createElement('div'); + container.appendChild(d); + d.setHTMLUnsafe(null); + assert_equals(container.innerText, "null"); + + while (container.firstChild) + container.firstChild.remove(); + }, "`element.setHTMLUnsafe(string)` assigned via default policy does not throw"); +</script> +</body> +</html> |