diff options
Diffstat (limited to 'testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html')
-rw-r--r-- | testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html b/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html new file mode 100644 index 0000000000..4faa156ead --- /dev/null +++ b/testing/web-platform/tests/sanitizer-api/sanitizer-config.https.html @@ -0,0 +1,90 @@ +<!DOCTYPE html> +<html> +<head> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> +</head> + +<body> +<script> + test(t => { + let s = new Sanitizer(); + assert_true(s instanceof Sanitizer); + }, "SanitizerAPI creator without config."); + + test(t => { + let s = new Sanitizer({}); + assert_true(s instanceof Sanitizer); + }, "SanitizerAPI creator with empty config."); + + test(t => { + let s = new Sanitizer(null); + assert_true(s instanceof Sanitizer); + }, "SanitizerAPI creator with null as config."); + + test(t => { + let s = new Sanitizer(undefined); + assert_true(s instanceof Sanitizer); + }, "SanitizerAPI creator with undefined as config."); + + test(t => { + let s = new Sanitizer({testConfig: [1,2,3], attr: ["test", "i", "am"]}); + assert_true(s instanceof Sanitizer); + }, "SanitizerAPI creator with config ignore unknown values."); + + // In-depth testing of sanitization is handled in other tests. Here we + // do presence testing for each of the config options and test 3 things: + // - One case where our test string is modified, + // - one where it's unaffected, + // - that a config can't be changed afterwards. + // (I.e., that the Sanitizer won't hold on to a reference of the options.) + + // The probe determines whether the Sanitizer modifies the probe string. + const probe_string = "<div id=\"i\">balabala</div><p>test</p>"; + const probe = sanitizer => { + const div = document.createElement("div"); + div.setHTML(probe_string, {sanitizer: sanitizer}); + return probe_string == div.innerHTML; + }; + + const should_stay_the_same = { + allowElements: [ "div", "p" ], + blockElements: [ "test" ], + dropElements: [ "test" ], + allowAttributes: { "id": ["*"]}, + dropAttributes: { "bla": ["blubb"]}, + }; + const should_modify = { + allowElements: [ "div", "span" ], + blockElements: [ "div" ], + dropElements: [ "p" ], + allowAttributes: { "id": ["p"]}, + dropAttributes: { "id": ["div"]}, + }; + + assert_array_equals(Object.keys(should_stay_the_same), Object.keys(should_modify)); + Object.keys(should_stay_the_same).forEach(option_key => { + test(t => { + const options = {}; + options[option_key] = should_stay_the_same[option_key]; + const s = new Sanitizer(options); + assert_true(s instanceof Sanitizer); + assert_true(probe(s)); + }, `SanitizerAPI: ${option_key} stays is okay.`); + + const options = {}; + options[option_key] = should_modify[option_key]; + const s = new Sanitizer(options); + test(t => { + assert_true(s instanceof Sanitizer); + assert_false(probe(s)); + }, `SanitizerAPI: ${option_key} modify is okay.`); + + options[option_key] = should_stay_the_same[option_key]; + test(t => { + assert_false(probe(s)); + }, `SanitizerAPI: ${option_key} config is not kept as reference.`); + }); +</script> +</body> +</html> |