Adding upstream version 110.0.1.upstream/110.0.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 90 insertions, 0 deletions

diff --git a/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html b/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html
new file mode 100644
index 0000000000..4faa156ead
--- /dev/null
+++ b/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html
@@ -0,0 +1,90 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+</head>
+
+<body>
+<script>
+    test(t => {
+      let s = new Sanitizer();
+      assert_true(s instanceof Sanitizer);
+    }, "SanitizerAPI creator without config.");
+
+    test(t => {
+      let s = new Sanitizer({});
+      assert_true(s instanceof Sanitizer);
+    }, "SanitizerAPI creator with empty config.");
+
+    test(t => {
+      let s = new Sanitizer(null);
+      assert_true(s instanceof Sanitizer);
+    }, "SanitizerAPI creator with null as config.");
+
+    test(t => {
+      let s = new Sanitizer(undefined);
+      assert_true(s instanceof Sanitizer);
+    }, "SanitizerAPI creator with undefined as config.");
+
+    test(t => {
+      let s = new Sanitizer({testConfig: [1,2,3], attr: ["test", "i", "am"]});
+      assert_true(s instanceof Sanitizer);
+    }, "SanitizerAPI creator with config ignore unknown values.");
+
+    // In-depth testing of sanitization is handled in other tests. Here we
+    // do presence testing for each of the config options and test 3 things:
+    // - One case where our test string is modified,
+    // - one where it's unaffected,
+    // - that a config can't be changed afterwards.
+    //   (I.e., that the Sanitizer won't hold on to a reference of the options.)
+
+    // The probe determines whether the Sanitizer modifies the probe string.
+    const probe_string = "<div id=\"i\">balabala</div><p>test</p>";
+    const probe = sanitizer => {
+        const div = document.createElement("div");
+        div.setHTML(probe_string, {sanitizer: sanitizer});
+        return probe_string == div.innerHTML;
+    };
+
+    const should_stay_the_same = {
+      allowElements: [ "div", "p" ],
+      blockElements: [ "test" ],
+      dropElements: [ "test" ],
+      allowAttributes: { "id": ["*"]},
+      dropAttributes: { "bla": ["blubb"]},
+    };
+    const should_modify = {
+      allowElements: [ "div", "span" ],
+      blockElements: [ "div" ],
+      dropElements: [ "p" ],
+      allowAttributes: { "id": ["p"]},
+      dropAttributes: { "id": ["div"]},
+    };
+
+    assert_array_equals(Object.keys(should_stay_the_same), Object.keys(should_modify));
+    Object.keys(should_stay_the_same).forEach(option_key => {
+      test(t => {
+        const options = {};
+        options[option_key] = should_stay_the_same[option_key];
+        const s = new Sanitizer(options);
+        assert_true(s instanceof Sanitizer);
+        assert_true(probe(s));
+      }, `SanitizerAPI: ${option_key} stays is okay.`);
+
+      const options = {};
+      options[option_key] = should_modify[option_key];
+      const s = new Sanitizer(options);
+      test(t => {
+        assert_true(s instanceof Sanitizer);
+        assert_false(probe(s));
+      }, `SanitizerAPI: ${option_key} modify is okay.`);
+
+      options[option_key] = should_stay_the_same[option_key];
+      test(t => {
+        assert_false(probe(s));
+      }, `SanitizerAPI: ${option_key} config is not kept as reference.`);
+    });
+</script>
+</body>
+</html>