summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/sanitizer-api/element-set-sanitized-html.https.html
blob: 8fabf1ce293ada94b7777ca42f974454c123efa0 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

<!DOCTYPE html>
<html>
<head>
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
    <script src="support/testcases.sub.js"></script>
</head>
<body>
<script>
  function buildNode(element_name, markup) {
    const e = document.createElement(element_name);
    e.innerHTML = markup;
    return e;
  }

  function assert_node_equals(node1, node2) {
    assert_equals(node2.innerHTML, node1.innerHTML);
    assert_true(node1.isEqualNode(node2),
        `Node[${node1.innerHTML}] == Node[${node2.innerHTML}]`);
    // TODO(https://github.com/WICG/sanitizer-api/issues/202)
    /*
    if (node1 instanceof HTMLTemplateElement) {
      assert_true(node1.content.isEqualNode(node2.content), "<template> content is equal");
    }
    */
  }

  for (const context of ["script", "iframe", "object", "div"]) {
    const should_fail = context != "div";
    test(t => {
      let elem = document.createElement(context);
      let probe_fn = _ => elem.setHTML("<div>Hello!</div>");
      if (should_fail) {
        assert_throws_js(TypeError, probe_fn);
      } else {
        probe_fn();
      }
      assert_equals(should_fail, !elem.firstChild);
    }, `${context}.setHTML should ${should_fail ? "fail" : "pass"}.`);
  }

  for (const context of ["div", "template", "table"]) {
    const elem1 = document.createElement(context);
    const elem2 = document.createElement(context);
    for (const probe of ["<em>Hello</em>", "<td>data</td>"]) {
      elem1.setHTML(probe, {});
      elem2.innerHTML = probe;
      test(t => {
        assert_node_equals(elem2, elem1);
      }, `Sanitizer: <${context}>.setHTML("${probe}", ...) obeys parse context.`);
    }
  }

  for (const testcase of testcases) {
    const element = document.createElement("template");
    test(t => {
      element.setHTML(testcase.value, {sanitizer: testcase.config_input });
      assert_node_equals(buildNode(element.localName, testcase.result), element);
    }, "Sanitizer: Element.setHTML with config: " + testcase.message);
  }

  [
    undefined,
    {},
    { sanitizer: {} },
    { sanitizer: undefined },
    { avocado: {} },
  ].forEach((options, index) => {
    test(t => {
      const e = document.createElement("div");
      e.setHTML("<em>bla</em><script>bla<" + "/script>", options);
      assert_equals(e.innerHTML, "<em>bla</em>");
    }, `Sanitizer: Element.setHTML options dictionary #${index} uses default.`);
  });

  [
    "tomato",
    { sanitizer: false },
    { sanitizer: "avocado" },
  ].forEach((options, index) => {
    test(t => {
      assert_throws_js(TypeError, _ => {
        document.createElement("div").setHTML("bla", options);
      });
    }, `Sanitizer: Element.setHTML invalid options dictionary #${index}`);
  });
</script>
</body>
</html>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-29 21:58:15 +0000