summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html')
-rw-r--r--testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html90
1 files changed, 90 insertions, 0 deletions
diff --git a/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html b/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html
new file mode 100644
index 0000000000..4faa156ead
--- /dev/null
+++ b/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html
@@ -0,0 +1,90 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+</head>
+
+<body>
+<script>
+ test(t => {
+ let s = new Sanitizer();
+ assert_true(s instanceof Sanitizer);
+ }, "SanitizerAPI creator without config.");
+
+ test(t => {
+ let s = new Sanitizer({});
+ assert_true(s instanceof Sanitizer);
+ }, "SanitizerAPI creator with empty config.");
+
+ test(t => {
+ let s = new Sanitizer(null);
+ assert_true(s instanceof Sanitizer);
+ }, "SanitizerAPI creator with null as config.");
+
+ test(t => {
+ let s = new Sanitizer(undefined);
+ assert_true(s instanceof Sanitizer);
+ }, "SanitizerAPI creator with undefined as config.");
+
+ test(t => {
+ let s = new Sanitizer({testConfig: [1,2,3], attr: ["test", "i", "am"]});
+ assert_true(s instanceof Sanitizer);
+ }, "SanitizerAPI creator with config ignore unknown values.");
+
+ // In-depth testing of sanitization is handled in other tests. Here we
+ // do presence testing for each of the config options and test 3 things:
+ // - One case where our test string is modified,
+ // - one where it's unaffected,
+ // - that a config can't be changed afterwards.
+ // (I.e., that the Sanitizer won't hold on to a reference of the options.)
+
+ // The probe determines whether the Sanitizer modifies the probe string.
+ const probe_string = "<div id=\"i\">balabala</div><p>test</p>";
+ const probe = sanitizer => {
+ const div = document.createElement("div");
+ div.setHTML(probe_string, {sanitizer: sanitizer});
+ return probe_string == div.innerHTML;
+ };
+
+ const should_stay_the_same = {
+ allowElements: [ "div", "p" ],
+ blockElements: [ "test" ],
+ dropElements: [ "test" ],
+ allowAttributes: { "id": ["*"]},
+ dropAttributes: { "bla": ["blubb"]},
+ };
+ const should_modify = {
+ allowElements: [ "div", "span" ],
+ blockElements: [ "div" ],
+ dropElements: [ "p" ],
+ allowAttributes: { "id": ["p"]},
+ dropAttributes: { "id": ["div"]},
+ };
+
+ assert_array_equals(Object.keys(should_stay_the_same), Object.keys(should_modify));
+ Object.keys(should_stay_the_same).forEach(option_key => {
+ test(t => {
+ const options = {};
+ options[option_key] = should_stay_the_same[option_key];
+ const s = new Sanitizer(options);
+ assert_true(s instanceof Sanitizer);
+ assert_true(probe(s));
+ }, `SanitizerAPI: ${option_key} stays is okay.`);
+
+ const options = {};
+ options[option_key] = should_modify[option_key];
+ const s = new Sanitizer(options);
+ test(t => {
+ assert_true(s instanceof Sanitizer);
+ assert_false(probe(s));
+ }, `SanitizerAPI: ${option_key} modify is okay.`);
+
+ options[option_key] = should_stay_the_same[option_key];
+ test(t => {
+ assert_false(probe(s));
+ }, `SanitizerAPI: ${option_key} config is not kept as reference.`);
+ });
+</script>
+</body>
+</html>