1 files changed, 77 insertions, 17 deletions
diff --git a/dom/security/trusted-types/TrustedTypePolicy.cpp b/dom/security/trusted-types/TrustedTypePolicy.cpp
index 3c4e758ed0..62c58ae1f6 100644
--- a/dom/security/trusted-types/TrustedTypePolicy.cpp
+++ b/dom/security/trusted-types/TrustedTypePolicy.cpp
@@ -6,38 +6,98 @@
 
 #include "mozilla/dom/TrustedTypePolicy.h"
 
-#include "mozilla/AlreadyAddRefed.h"
+#include "mozilla/dom/DOMString.h"
 #include "mozilla/dom/TrustedTypePolicyFactory.h"
 #include "mozilla/dom/TrustedTypesBinding.h"
 
+#include <utility>
+
 namespace mozilla::dom {
 
-NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(TrustedTypePolicy, mParentObject)
+NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(TrustedTypePolicy, mParentObject,
+                                      mOptions.mCreateHTMLCallback,
+                                      mOptions.mCreateScriptCallback,
+                                      mOptions.mCreateScriptURLCallback)
+
+TrustedTypePolicy::TrustedTypePolicy(TrustedTypePolicyFactory* aParentObject,
+                                     const nsAString& aName, Options&& aOptions)
+    : mParentObject{aParentObject},
+      mName{aName},
+      mOptions{std::move(aOptions)} {}
 
 JSObject* TrustedTypePolicy::WrapObject(JSContext* aCx,
                                         JS::Handle<JSObject*> aGivenProto) {
   return TrustedTypePolicy_Binding::Wrap(aCx, this, aGivenProto);
 }
 
-UniquePtr<TrustedHTML> TrustedTypePolicy::CreateHTML(
-    JSContext* aJSContext, const nsAString& aInput,
-    const Sequence<JS::Value>& aArguments) const {
-  // TODO: implement the spec.
-  return MakeUnique<TrustedHTML>();
+void TrustedTypePolicy::GetName(DOMString& aResult) const {
+  aResult.SetKnownLiveString(mName);
 }
 
-UniquePtr<TrustedScript> TrustedTypePolicy::CreateScript(
-    JSContext* aJSContext, const nsAString& aInput,
-    const Sequence<JS::Value>& aArguments) const {
-  // TODO: implement the spec.
-  return MakeUnique<TrustedScript>();
+#define IMPL_CREATE_TRUSTED_TYPE(_trustedTypeSuffix)                         \
+  UniquePtr<Trusted##_trustedTypeSuffix>                                     \
+      TrustedTypePolicy::Create##_trustedTypeSuffix(                         \
+          JSContext* aJSContext, const nsAString& aInput,                    \
+          const Sequence<JS::Value>& aArguments, ErrorResult& aErrorResult)  \
+          const {                                                            \
+    /* Invoking the callback could delete the policy and hence the callback. \
+     * Hence keep a strong reference to it on the stack.                     \
+     */                                                                      \
+    RefPtr<Create##_trustedTypeSuffix##Callback> callbackObject =            \
+        mOptions.mCreate##_trustedTypeSuffix##Callback;                      \
+                                                                             \
+    return CreateTrustedType<Trusted##_trustedTypeSuffix>(                   \
+        callbackObject, aInput, aArguments, aErrorResult);                   \
+  }
+
+IMPL_CREATE_TRUSTED_TYPE(HTML)
+IMPL_CREATE_TRUSTED_TYPE(Script)
+IMPL_CREATE_TRUSTED_TYPE(ScriptURL)
+
+template <typename T, typename CallbackObject>
+UniquePtr<T> TrustedTypePolicy::CreateTrustedType(
+    const RefPtr<CallbackObject>& aCallbackObject, const nsAString& aValue,
+    const Sequence<JS::Value>& aArguments, ErrorResult& aErrorResult) const {
+  nsString policyValue;
+  DetermineTrustedPolicyValue(aCallbackObject, aValue, aArguments, true,
+                              aErrorResult, policyValue);
+
+  if (aErrorResult.Failed()) {
+    return nullptr;
+  }
+
+  UniquePtr<T> trustedObject = MakeUnique<T>(std::move(policyValue));
+
+  // TODO: add special handling for `TrustedScript` when default policy support
+  // is added.
+
+  return trustedObject;
 }
 
-UniquePtr<TrustedScriptURL> TrustedTypePolicy::CreateScriptURL(
-    JSContext* aJSContext, const nsAString& aInput,
-    const Sequence<JS::Value>& aArguments) const {
-  // TODO: implement the spec.
-  return MakeUnique<TrustedScriptURL>();
+template <typename CallbackObject>
+void TrustedTypePolicy::DetermineTrustedPolicyValue(
+    const RefPtr<CallbackObject>& aCallbackObject, const nsAString& aValue,
+    const Sequence<JS::Value>& aArguments, bool aThrowIfMissing,
+    ErrorResult& aErrorResult, nsAString& aResult) const {
+  if (!aCallbackObject) {
+    // The spec lacks a definition for stringifying null, see
+    // <https://github.com/w3c/trusted-types/issues/469>.
+    aResult = EmptyString();
+
+    if (aThrowIfMissing) {
+      aErrorResult.ThrowTypeError("Function missing.");
+    }
+
+    return;
+  }
+
+  nsString callbackResult;
+  aCallbackObject->Call(aValue, aArguments, callbackResult, aErrorResult,
+                        nullptr, CallbackObject::eRethrowExceptions);
+
+  if (!aErrorResult.Failed()) {
+    aResult = std::move(callbackResult);
+  }
 }
 
 }  // namespace mozilla::dom