Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

9 files changed, 352 insertions, 0 deletions

diff --git a/testing/web-platform/meta/sanitizer-api/__dir__.ini b/testing/web-platform/meta/sanitizer-api/__dir__.ini
new file mode 100644
index 0000000000..fb4d1e09bf
--- /dev/null
+++ b/testing/web-platform/meta/sanitizer-api/__dir__.ini
@@ -0,0 +1 @@
+prefs: [dom.security.sanitizer.enabled:true, dom.security.setHTML.enabled:true]
diff --git a/testing/web-platform/meta/sanitizer-api/sanitizer-config.https.html.ini b/testing/web-platform/meta/sanitizer-api/sanitizer-config.https.html.ini
new file mode 100644
index 0000000000..1ebd6b2251
--- /dev/null
+++ b/testing/web-platform/meta/sanitizer-api/sanitizer-config.https.html.ini
@@ -0,0 +1,3 @@
+[sanitizer-config.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/sanitizer-api/sanitizer-insecure-context.html.ini b/testing/web-platform/meta/sanitizer-api/sanitizer-insecure-context.html.ini
new file mode 100644
index 0000000000..fb3a525b1e
--- /dev/null
+++ b/testing/web-platform/meta/sanitizer-api/sanitizer-insecure-context.html.ini
@@ -0,0 +1,4 @@
+[sanitizer-insecure-context.html]
+  expected:
+    if (os == "android") and debug and not fission: [OK, TIMEOUT]
+    if (os == "android") and debug and fission: [TIMEOUT, OK]
diff --git a/testing/web-platform/meta/sanitizer-api/sanitizer-names.https.html.ini b/testing/web-platform/meta/sanitizer-api/sanitizer-names.https.html.ini
new file mode 100644
index 0000000000..d3dbbf64af
--- /dev/null
+++ b/testing/web-platform/meta/sanitizer-api/sanitizer-names.https.html.ini
@@ -0,0 +1,38 @@
+[sanitizer-names.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Element names in config item: allowElements]
+    expected: FAIL
+
+  [Element names in config item: dropElements]
+    expected: FAIL
+
+  [Element names in config item: blockElements]
+    expected: FAIL
+
+  [Attribute names in config item: allowAttributes]
+    expected: FAIL
+
+  [Attribute names in config item: dropAttributes]
+    expected: FAIL
+
+  [Namespaced attributes #2: allowAttributes: [{"name":"xlink:href","elements":"*"}\]]
+    expected: FAIL
+
+  [Lower-case element names #0: "svg:feblend"]
+    expected: FAIL
+
+  [Mixed case element names #0: "feBlend" is preserved in config.]
+    expected: FAIL
+
+  [Lower-case element names #1: "svg:fecolormatrix"]
+    expected: FAIL
+
+  [Mixed case element names #1: "feColorMatrix" is preserved in config.]
+    expected: FAIL
+
+  [Lower-case element names #2: "svg:textpath"]
+    expected: FAIL
+
+  [Mixed case element names #2: "textPath" is preserved in config.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/sanitizer-api/sanitizer-query-config.https.html.ini b/testing/web-platform/meta/sanitizer-api/sanitizer-query-config.https.html.ini
new file mode 100644
index 0000000000..f0670dff94
--- /dev/null
+++ b/testing/web-platform/meta/sanitizer-api/sanitizer-query-config.https.html.ini
@@ -0,0 +1,11 @@
+[sanitizer-query-config.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [SanitizerAPI getDefaultConfiguration()]
+    expected: FAIL
+
+  [SanitizerAPI getConfiguration() on default created Sanitizer]
+    expected: FAIL
+
+  [SanitizerAPI getConfiguration() reflects creation config.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/sanitizer-api/sanitizer-sanitize.https.tentative.html.ini b/testing/web-platform/meta/sanitizer-api/sanitizer-sanitize.https.tentative.html.ini
new file mode 100644
index 0000000000..ffb0fb0b92
--- /dev/null
+++ b/testing/web-platform/meta/sanitizer-api/sanitizer-sanitize.https.tentative.html.ini
@@ -0,0 +1,15 @@
+[sanitizer-sanitize.https.tentative.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  max-asserts: 120
+  [SanitizerAPI with config: plaintext, sanitize from document function for <body>]
+    expected: FAIL
+
+  [SanitizerAPI with config: allowAttributes unknown attributes and with allowUnknownMarkup, sanitize from document function for <body>]
+    expected: FAIL
+
+  [SanitizerAPI with config: plaintext, sanitize from document fragment function for <template>]
+    expected: FAIL
+
+  [SanitizerAPI with config: allowAttributes unknown attributes and with allowUnknownMarkup, sanitize from document fragment function for <template>]
+    expected: FAIL
diff --git a/testing/web-platform/meta/sanitizer-api/sanitizer-sanitizeFor.https.tentative.html.ini b/testing/web-platform/meta/sanitizer-api/sanitizer-sanitizeFor.https.tentative.html.ini
new file mode 100644
index 0000000000..777be86cc2
--- /dev/null
+++ b/testing/web-platform/meta/sanitizer-api/sanitizer-sanitizeFor.https.tentative.html.ini
@@ -0,0 +1,272 @@
+[sanitizer-sanitizeFor.https.tentative.html]
+  expected:
+    if (os == "android") and debug: [OK, TIMEOUT]
+  [Sanitizer.sanitizeFor(element, ..)]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("template", "<em>Hello</em>") obeys parse context.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("template", "<td>data</td>") obeys parse context.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: string]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: html fragment]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: empty object]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: number]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: zeros]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: arithmetic]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: undefined]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: document]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: html without close tag]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: onclick scripts]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: plaintext]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: xmp]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: invalid config_input]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: empty dropElements list]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: test html without close tag with dropElements list ['div'\]]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: default behavior for custom elements]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allow custom elements]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allow custom elements with allow elements]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: disallow custom elements]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allow custom elements with drop list contains ["custom-element"\]]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropElements list ["test-element", "i"\]}]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropElements list ["I", "DL"\]}]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropElements list ["dl", "p"\]}]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allowElements list ["p"\]]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allowElements list has no influence to dropElements]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropAttributes list {"style": ["p"\]} with style attribute]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: empty dropAttributes list with id attribute]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropAttributes list {"id": ["*"\]} with id attribute]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropAttributes list {"ID": ["*"\]} with id attribute]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropAttributes list {"data-attribute-with-dashes": ["*"\]} with dom dataset js access]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allowAttributes list {"id": ["div"\]} with id attribute]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allowAttributes list {"id": ["*"\]} with id attribute and onclick scripts]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allowAttributes list has no influence to dropAttributes]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: Template element]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLAnchorElement with javascript protocal]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLAnchorElement with javascript protocal start with space]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLAnchorElement]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLAreaElement with javascript protocal]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLAreaElement with javascript protocal start with space]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLAreaElement]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLFormElement with javascript action]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLFormElement with javascript action start with space]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLFormElement]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLInputElement with javascript formaction]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLInputElement with javascript formaction start with space]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLInputElement]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLButtonElement with javascript formaction]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLButtonElement with javascript formaction start with space]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTMLButtonElement]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: malformed HTML]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTML with comments; comments not allowed]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTML with comments; allowComments]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTML with comments; !allowComments]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTML with comments deeper in the tree]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTML with comments deeper in the tree, allowComments]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: HTML with comments deeper in the tree, !allowComments]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("script", ...) should fail.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("object", ...) should fail.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("iframe", ...) should fail.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: script not as root]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: script deeper in the tree]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: Unknown HTML names (HTMLUnknownElement instances) should not match elements parsed as non-HTML namespaces.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: Unknown HTML names (HTMLUnknownElement instances) should not match elements parsed as non-HTML namespaces when nested.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("div", ...) should pass.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor function shouldn't load the image.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("div", "<em>Hello</em>") obeys parse context.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("div", "<td>data</td>") obeys parse context.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("table", "<em>Hello</em>") obeys parse context.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor("table", "<td>data</td>") obeys parse context.]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: broken html]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: empty string]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: scripts for default configs]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: test script with ["script"\] as dropElements list]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropElements list ["i", "dl"\]}]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropElements list ["i", "dl"\]} with uppercase HTML]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropAttributes list {"ID": ["*"\]} with ID attribute]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropAttributes list {"id": ["*"\]} with ID attribute]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropElements with unknown elements and without allowUnknownMarkup]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: blockElements with unknown elements and without allowUnknownMarkup]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allowElements with unknown elements and without allowUnknownMarkup]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropElements with unknown elements and with allowUnknownMarkup]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: blockElements with unknown elements and with allowUnknownMarkup]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allowElements with unknown elements and with allowUnknownMarkup]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allowAttributes unknown attributes and without allowUnknownMarkup]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: allowAttributes unknown attributes and with allowUnknownMarkup]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropAttributes unknown attributes and without allowUnknownMarkup]
+    expected: FAIL
+
+  [Sanitizer.sanitizeFor with config: dropAttributes unknown attributes and with allowUnknownMarkup]
+    expected: FAIL
diff --git a/testing/web-platform/meta/sanitizer-api/sanitizer-secure-context.https.html.ini b/testing/web-platform/meta/sanitizer-api/sanitizer-secure-context.https.html.ini
new file mode 100644
index 0000000000..4f9618f8a7
--- /dev/null
+++ b/testing/web-platform/meta/sanitizer-api/sanitizer-secure-context.https.html.ini
@@ -0,0 +1,3 @@
+[sanitizer-secure-context.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/sanitizer-api/sanitizer-unknown.https.html.ini b/testing/web-platform/meta/sanitizer-api/sanitizer-unknown.https.html.ini
new file mode 100644
index 0000000000..34f6797131
--- /dev/null
+++ b/testing/web-platform/meta/sanitizer-api/sanitizer-unknown.https.html.ini
@@ -0,0 +1,5 @@
+[sanitizer-unknown.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Unknown attribute names pass with allowUnknownMarkup.]
+    expected: FAIL