diff options
Diffstat (limited to 'testing/web-platform/tests/trusted-types/TrustedTypePolicy-createXXX.tentative.html')
-rw-r--r-- | testing/web-platform/tests/trusted-types/TrustedTypePolicy-createXXX.tentative.html | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/testing/web-platform/tests/trusted-types/TrustedTypePolicy-createXXX.tentative.html b/testing/web-platform/tests/trusted-types/TrustedTypePolicy-createXXX.tentative.html new file mode 100644 index 0000000000..112d1ae636 --- /dev/null +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicy-createXXX.tentative.html @@ -0,0 +1,110 @@ +<!DOCTYPE html> +<script src="/resources/testharness.js" ></script> +<script src="/resources/testharnessreport.js"></script> +<script src="support/helper.sub.js"></script> + +<body> +<script> + test(t => { + const p1 = trustedTypes.createPolicy("policyHTMLAndScript", { + createHTML: s => s, + createScript: s => s + }); + assert_throws_js(TypeError, _ => { p1.createScriptURL("foo"); }); + + const p2 = trustedTypes.createPolicy("policyURLAndScriptURL", { + createScriptURL: s => s + }); + assert_throws_js(TypeError, _ => { p2.createHTML("foo"); }); + assert_throws_js(TypeError, _ => { p2.createScript("foo"); }); + }, "calling undefined callbacks throws"); + + test(t => { + const noopPolicy = { + createHTML: (s) => s, + createScriptURL: (s) => s, + createScript: (s) => s, + }; + policy = trustedTypes.createPolicy(Math.random(), noopPolicy, true); + let el = document.createElement("div"); + + el.title = policy.createHTML(INPUTS.SCRIPTURL); + assert_equals(el.title, INPUTS.SCRIPTURL); + }, "Attributes without type constraints will work as before."); + + test(t => { + const policy = trustedTypes.createPolicy("nullpolicy", null); + assert_throws_js(TypeError, _ => { policy.createScriptURL("foo"); }); + assert_throws_js(TypeError, _ => { policy.createHTML("foo"); }); + assert_throws_js(TypeError, _ => { policy.createScript("foo"); }); + }, "trustedTypes.createPolicy(.., null) creates empty policy."); + + + // testCases contains a list of policy functions and expected results (when + // called with a given default argument). They also use various helper + // variables (declared just below) to test side effects or interactions of + // global vars/functions with policy callbacks. + let aGlobalVarForSideEffectTesting = "global"; + var aGlobalObject = { "foo": "well," }; + function aGlobalFunction(s) { return this.foo + " " + s; } + function anotherGlobalFunction(s) { return s + "#" + this.foo; } + var foo = "a global var named foo"; + + const stringTestCases = [ + [ s => s, "whatever" ], + [ s => null, "" ], + [ s => "well, " + s, "well, whatever" ], + [ s => { throw new Error() }, Error ], + [ s => { aGlobalVarForSideEffectTesting = s; return s }, "whatever" ], + [ s => aGlobalVarForSideEffectTesting + s, "whateverwhatever" ], + [ aGlobalFunction.bind(aGlobalObject), "well, whatever" ], + [ s => aGlobalFunction(s), "a global var named foo whatever" ], + ]; + + const urlTestCases = [ + [ s => s, INPUTS.SCRIPTURL ], + [ s => null, "" ], + [ s => s + "#duck", INPUTS.SCRIPTURL + "#duck" ], + [ s => { throw new Error() }, Error ], + [ s => s + "#" + aGlobalVarForSideEffectTesting, + INPUTS.SCRIPTURL + "#global" ], + [ anotherGlobalFunction.bind(aGlobalObject), INPUTS.SCRIPTURL + "#well," ], + [ s => anotherGlobalFunction(s), + INPUTS.SCRIPTURL + "#a global var named foo" ], + ]; + + function policyBuilder(trustedMethodName, trustedType, defaultArg) { + return function(name, fn) { + let options = {}; + options[trustedMethodName] = fn; + let policy = window.trustedTypes.createPolicy(name, options); + let result = policy[trustedMethodName](defaultArg); + assert_true(result instanceof trustedType); + return result; + } + } + + const testCases = [ + [TrustedHTML, "createHTML", "whatever", stringTestCases], + [TrustedScript, "createScript", "whatever", stringTestCases], + [TrustedScriptURL, "createScriptURL", INPUTS.SCRIPTURL, urlTestCases], + ]; + + // Iterate over all trusted types, iterate over all test cases. + // For each, build the suitable policy and check the result. + for (let [trusted_class, trusted_method, default_arg, test_cases] of testCases) { + aGlobalVarForSideEffectTesting = "global"; + let builder = policyBuilder(trusted_method, trusted_class, default_arg); + for (let [index, [policy_fn, value]] of test_cases.entries()) { + let subtest_name = "TestPolicy" + trusted_class.name + index; + test(t => { + if (typeof value == "object" || typeof value == "function") { + assert_throws_js(value, () => builder(subtest_name, policy_fn)); + } else { + assert_equals("" + builder(subtest_name, policy_fn), value); + } + }, subtest_name + " (" + trusted_class.name + ": " + + policy_fn.toString() + ")"); + } + } +</script> |