| author | Daniel Vogelheim <vogelheim@chromium.org> |
| Tue, 22 Oct 2019 09:30:06 +0000 | |
| changeset 499174 | bd827ed61b7b932e2c31c6e4c03fa186b199594f |
| parent 499173 | 8b3826085a5c8dc58ad3b6e35372aa5f990e07ce |
| child 499175 | 061788bbcc998a9a5b284b8ba89f48cfa1c5c2d6 |
| push id | 36736 |
| push user | malexandru@mozilla.com |
| push date | Sat, 26 Oct 2019 22:18:59 +0000 |
| treeherder | mozilla-central@51a716d89677 [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | testonly |
| bugs | 1584942, 19395, 959693, 1626857, 705151 |
| milestone | 72.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/testing/web-platform/tests/trusted-types/Node-multiple-arguments.tentative.html +++ b/testing/web-platform/tests/trusted-types/Node-multiple-arguments.tentative.html @@ -4,17 +4,17 @@ <script src="/resources/testharness.js"></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> </head> <body> <div id="container"></div> <script> const container = document.querySelector("#container"); - const policy = window.TrustedTypes.createPolicy("policy", { + const policy = window.trustedTypes.createPolicy("policy", { createScript: t => t, }); function stringify(arg) { return "textContent" in arg.__proto__ ? arg.textContent : arg.toString() } // This test case mirrors the block-Node-multiple-arguments case except // that, because Trusted Types is not enabled, no exceptions should be
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicy-CSP-no-name.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicy-CSP-no-name.tentative.html @@ -4,13 +4,13 @@ <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types"> <body> <script> // No name given test test(t => { assert_throws(new TypeError(), - () => window.TrustedTypes.createPolicy('SomeName', { createHTML: s => s } ), + () => window.trustedTypes.createPolicy('SomeName', { createHTML: s => s } ), "createPolicy with an empty trusted-types CSP directive"); }, "No name list given - policy creation fails."); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicy-CSP-wildcard.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicy-CSP-wildcard.tentative.html @@ -2,12 +2,12 @@ <script src="/resources/testharness.js" ></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types *"> <body> <script> test(t => { - let policy = window.TrustedTypes.createPolicy('SomeName', { createHTML: s => s } ); + let policy = window.trustedTypes.createPolicy('SomeName', { createHTML: s => s } ); assert_equals(policy.name, 'SomeName'); }, "CSP supports wildcards."); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicy-CSP.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicy-CSP.tentative.html @@ -3,25 +3,25 @@ <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types SomeName JustOneMoreName"> <body> <script> // Whitelisted name test test(t => { - let policy = window.TrustedTypes.createPolicy('SomeName', { createHTML: s => s } ); + let policy = window.trustedTypes.createPolicy('SomeName', { createHTML: s => s } ); assert_equals(policy.name, 'SomeName'); }, "Whitelisted policy creation works."); // Another whitelisted name test test(t => { - let policy = window.TrustedTypes.createPolicy('JustOneMoreName', { createHTML: s => s } ); + let policy = window.trustedTypes.createPolicy('JustOneMoreName', { createHTML: s => s } ); assert_equals(policy.name, 'JustOneMoreName'); }, "Another whitelisted policy creation works."); // Non-whitelisted names test test(t => { assert_throws(new TypeError(), _ => { - window.TrustedTypes.createPolicy('SomeOtherName', { createURL: s => s } ); + window.trustedTypes.createPolicy('SomeOtherName', { createURL: s => s } ); }); }, "Non-whitelisted policy creation throws."); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicy-createXXX.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicy-createXXX.tentative.html @@ -2,55 +2,55 @@ <script src="/resources/testharness.js" ></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types *"> <body> <script> test(t => { - const p1 = TrustedTypes.createPolicy("policyHTMLAndScript", { + const p1 = trustedTypes.createPolicy("policyHTMLAndScript", { createHTML: s => s, createScript: s => s }); assert_throws(new TypeError(), _ => { p1.createScriptURL("foo"); }); assert_throws(new TypeError(), _ => { p1.createURL("foo"); }); - const p2 = TrustedTypes.createPolicy("policyURLAndScriptURL", { + const p2 = trustedTypes.createPolicy("policyURLAndScriptURL", { createURL: s => s, createScriptURL: s => s }); assert_throws(new TypeError(), _ => { p2.createHTML("foo"); }); assert_throws(new TypeError(), _ => { p2.createScript("foo"); }); }, "calling undefined callbacks throws"); test(t => { const noopPolicy = { createHTML: (s) => s, createScriptURL: (s) => s, createURL: (s) => s, createScript: (s) => s, }; - policy = TrustedTypes.createPolicy(Math.random(), noopPolicy, true); + policy = trustedTypes.createPolicy(Math.random(), noopPolicy, true); let el = document.createElement("div"); el.title = policy.createHTML(INPUTS.URL); assert_equals(el.title, INPUTS.URL); el.title = policy.createURL(INPUTS.HTML); assert_equals(el.title, INPUTS.HTML); }, "Attributes without type constraints will work as before."); test(t => { - const policy = TrustedTypes.createPolicy("nullpolicy", null); + const policy = trustedTypes.createPolicy("nullpolicy", null); assert_throws(new TypeError(), _ => { policy.createScriptURL("foo"); }); assert_throws(new TypeError(), _ => { policy.createURL("foo"); }); assert_throws(new TypeError(), _ => { policy.createHTML("foo"); }); assert_throws(new TypeError(), _ => { policy.createScript("foo"); }); - }, "TrustedTypes.createPolicy(.., null) creates empty policy."); + }, "trustedTypes.createPolicy(.., null) creates empty policy."); // testCases contains a list of policy functions and expected results (when // called with a given default argument). They also use various helper // variables (declared just below) to test side effects or interactions of // global vars/functions with policy callbacks. let aGlobalVarForSideEffectTesting = "global"; var aGlobalObject = { "foo": "well," }; @@ -80,17 +80,17 @@ [ s => anotherGlobalFunction(s), INPUTS.SCRIPTURL + "#a global var named foo" ], ]; function policyBuilder(trustedMethodName, trustedType, defaultArg) { return function(name, fn) { let options = {}; options[trustedMethodName] = fn; - let policy = window.TrustedTypes.createPolicy(name, options); + let policy = window.trustedTypes.createPolicy(name, options); let result = policy[trustedMethodName](defaultArg); assert_true(result instanceof trustedType); return result; } } const testCases = [ [TrustedHTML, "createHTML", "whatever", stringTestCases],
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicy-name.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicy-name.tentative.html @@ -3,29 +3,29 @@ <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types *"> <body> <script> // Policy name test test(t => { - let policy = TrustedTypes.createPolicy('hidden', { createHTML: s => s }, false ); + let policy = trustedTypes.createPolicy('hidden', { createHTML: s => s }, false ); assert_true(policy instanceof TrustedTypePolicy); assert_equals(policy.name, 'hidden'); }, "policy.name = name"); // Duplicate names test test(t => { assert_throws(new TypeError(), _ => { - TrustedTypes.createPolicy('hidden', { createURL: s => s } ); + trustedTypes.createPolicy('hidden', { createURL: s => s } ); }); }, "duplicate policy name attempt throws"); // Retrieve policy names tests test(t => { - let policy = TrustedTypes.createPolicy('exposed', { createURL: s => s }, true ); - let names = TrustedTypes.getPolicyNames(); + let policy = trustedTypes.createPolicy('exposed', { createURL: s => s }, true ); + let names = trustedTypes.getPolicyNames(); assert_equals(names.length, 2); assert_true(names.includes('hidden')); assert_true(names.includes('exposed')); }, "getPolicyNames returns all policy names"); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-constants.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-constants.tentative.html @@ -2,25 +2,25 @@ <script src="/resources/testharness.js"></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types *"> <body> <script> test(t => { - const empty = TrustedTypes.emptyHTML; - assert_true(TrustedTypes.isHTML(empty)); + const empty = trustedTypes.emptyHTML; + assert_true(trustedTypes.isHTML(empty)); assert_equals(empty.toString(), ""); - }, 'TrustedTypes.emptyHTML returns the intended value.'); + }, 'trustedTypes.emptyHTML returns the intended value.'); test(t => { - try { TrustedTypes.emptyHTML = 'fake'; } catch { } - assert_true(TrustedTypes.isHTML(TrustedTypes.emptyHTML)); - assert_equals(TrustedTypes.emptyHTML.toString(), ""); - }, 'TrustedTypes.emptyHTML cannot be redefined.'); + try { trustedTypes.emptyHTML = 'fake'; } catch { } + assert_true(trustedTypes.isHTML(trustedTypes.emptyHTML)); + assert_equals(trustedTypes.emptyHTML.toString(), ""); + }, 'trustedTypes.emptyHTML cannot be redefined.'); test(t => { try { Object.defineProperty(TrustedTypes, 'emptyHTML', 'fake'); } catch { } - assert_true(TrustedTypes.isHTML(TrustedTypes.emptyHTML)); - assert_equals(TrustedTypes.emptyHTML.toString(), ""); - }, 'TrustedTypes.emptyHTML cannot be redefined via defineProperty.'); + assert_true(trustedTypes.isHTML(trustedTypes.emptyHTML)); + assert_equals(trustedTypes.emptyHTML.toString(), ""); + }, 'trustedTypes.emptyHTML cannot be redefined via defineProperty.'); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-createXYZTests.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-createXYZTests.tentative.html @@ -1,20 +1,20 @@ <!DOCTYPE html> <script src="/resources/testharness.js" ></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <body> <script> //HTML tests function createHTMLTest(policyName, policy, expectedHTML, t) { - let p = window.TrustedTypes.createPolicy(policyName, policy); + let p = window.trustedTypes.createPolicy(policyName, policy); let html = p.createHTML('whatever'); assert_true(html instanceof TrustedHTML); - assert_true(TrustedTypes.isHTML(html)); + assert_true(trustedTypes.isHTML(html)); assert_equals(html + "", expectedHTML); } test(t => { createHTMLTest('TestPolicyHTML1', { createHTML: s => s }, 'whatever', t); }, "html = identity function"); test(t => { @@ -28,17 +28,17 @@ var HTMLx = 'global'; test(t => { createHTMLTest('TestPolicyHTML4', { createHTML: s => { HTMLx = s; return s; } }, 'whatever', t); assert_equals(HTMLx, 'whatever'); }, "html = identity function, global string changed"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyHTML5', { createHTML: s => { throw new Error(); }}); + let p = window.trustedTypes.createPolicy('TestPolicyHTML5', { createHTML: s => { throw new Error(); }}); assert_throws(new Error(), _ => { p.createHTML('whatever'); }); }, "html = callback that throws"); var obj = { "foo": "well," } @@ -52,41 +52,41 @@ }, "html = this bound to an object"); var foo = "well,"; test(t => { createHTMLTest('TestPolicyHTML7', { createHTML: s => getHTML(s) }, 'well, whatever', t); }, "html = this without bind"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyHTML8', null); + let p = window.trustedTypes.createPolicy('TestPolicyHTML8', null); assert_throws(new TypeError(), _ => { p.createHTML('whatever'); }); }, "html - calling undefined callback throws"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyHTML9', { createHTML: createHTMLJS }); + let p = window.trustedTypes.createPolicy('TestPolicyHTML9', { createHTML: createHTMLJS }); assert_throws(new TypeError(), _ => { p.createScript(INPUTS.SCRIPT); }); assert_throws(new TypeError(), _ => { p.createScriptURL(INPUTS.SCRIPTURL); }); assert_throws(new TypeError(), _ => { p.createURL(INPUTS.URL); }); }, "createHTML defined - calling undefined callbacks throws"); //Script tests function createScriptTest(policyName, policy, expectedScript, t) { - let p = window.TrustedTypes.createPolicy(policyName, policy); + let p = window.trustedTypes.createPolicy(policyName, policy); let script = p.createScript('whatever'); assert_true(script instanceof TrustedScript); - assert_true(TrustedTypes.isScript(script)); + assert_true(trustedTypes.isScript(script)); assert_equals(script + "", expectedScript); } test(t => { createScriptTest('TestPolicyScript1', { createScript: s => s }, 'whatever', t); }, "script = identity function"); test(t => { @@ -100,17 +100,17 @@ var Scriptx = 'global'; test(t => { createScriptTest('TestPolicyScript4', { createScript: s => { Scriptx = s; return s; } }, 'whatever', t); assert_equals(Scriptx, 'whatever'); }, "script = identity function, global string changed"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyScript5', { + let p = window.trustedTypes.createPolicy('TestPolicyScript5', { createScript: s => { throw new Error(); } }); assert_throws(new Error(), _ => { p.createScript('whatever'); }); }, "script = callback that throws"); var obj = { @@ -126,42 +126,42 @@ }, "script = this bound to an object"); var foo = "well,"; test(t => { createScriptTest('TestPolicyScript7', { createScript: s => getScript(s) }, 'well, whatever', t); }, "script = this without bind"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyScript8', null); + let p = window.trustedTypes.createPolicy('TestPolicyScript8', null); assert_throws(new TypeError(), _ => { p.createScript('whatever'); }); }, "script - calling undefined callback throws"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyScript9', { createScript: createScriptJS }); + let p = window.trustedTypes.createPolicy('TestPolicyScript9', { createScript: createScriptJS }); assert_throws(new TypeError(), _ => { p.createHTML(INPUTS.HTML); }); assert_throws(new TypeError(), _ => { p.createScriptURL(INPUTS.SCRIPTURL); }); assert_throws(new TypeError(), _ => { p.createURL(INPUTS.URL); }); }, "createScript defined - calling undefined callbacks throws"); //ScriptURL tests function createScriptURLTest(policyName, policy, expectedScriptURL, t) { - let p = window.TrustedTypes.createPolicy(policyName, policy); + let p = window.trustedTypes.createPolicy(policyName, policy); let scriptUrl = p.createScriptURL(INPUTS.SCRIPTURL); assert_true(scriptUrl instanceof TrustedScriptURL); - assert_true(TrustedTypes.isScriptURL(scriptUrl)); + assert_true(trustedTypes.isScriptURL(scriptUrl)); assert_equals(scriptUrl + "", expectedScriptURL); } test(t => { createScriptURLTest('TestPolicyScriptURL1', { createScriptURL: s => s }, INPUTS.SCRIPTURL, t); }, "script_url = identity function"); test(t => { @@ -175,17 +175,17 @@ var scriptURLx = 'global'; test(t => { createScriptURLTest('TestPolicyScriptURL4', { createScriptURL: s => { ScriptURLx = s; return s; } }, INPUTS.SCRIPTURL, t); assert_equals(ScriptURLx, INPUTS.SCRIPTURL); }, "script_url = identity function, global string changed"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyScriptURL5', { + let p = window.trustedTypes.createPolicy('TestPolicyScriptURL5', { createScriptURL: s => { throw new Error(); } }); assert_throws(new Error(), _ => { p.createScriptURL(INPUTS.SCRIPTURL); }); }, "script_url = callback that throws"); function getScriptURL(s) { @@ -201,42 +201,42 @@ }, "script_url = this bound to an object"); var baz = "#duck"; test(t => { createScriptURLTest('TestPolicyScriptURL7', { createScriptURL: s => getScriptURL(s) }, INPUTS.SCRIPTURL + baz, t); }, "script_url = this without bind"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyScriptURL8', null); + let p = window.trustedTypes.createPolicy('TestPolicyScriptURL8', null); assert_throws(new TypeError(), _ => { p.createScriptURL(INPUTS.SCRIPTURL); }); }, "script_url - calling undefined callback throws"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyScriptURL9', { createScriptURL: createScriptURLJS }); + let p = window.trustedTypes.createPolicy('TestPolicyScriptURL9', { createScriptURL: createScriptURLJS }); assert_throws(new TypeError(), _ => { p.createHTML(INPUTS.HTML); }); assert_throws(new TypeError(), _ => { p.createScript(INPUTS.SCRIPT); }); assert_throws(new TypeError(), _ => { p.createURL(INPUTS.URL); }); }, "createScriptURL defined - calling undefined callbacks throws"); //URL tests function createURLTest(policyName, policy, expectedURL, t) { - let p = window.TrustedTypes.createPolicy(policyName, policy); + let p = window.trustedTypes.createPolicy(policyName, policy); let url = p.createURL(INPUTS.URL); assert_true(url instanceof TrustedURL); - assert_true(TrustedTypes.isURL(url)); + assert_true(trustedTypes.isURL(url)); assert_equals(url + "", expectedURL); } test(t => { createURLTest('TestPolicyURL1', { createURL: s => s }, INPUTS.URL, t); }, "url = identity function"); test(t => { @@ -250,17 +250,17 @@ var URLx = 'global'; test(t => { createURLTest('TestPolicyURL4', { createURL: s => { URLx = s; return s; } }, INPUTS.URL, t); assert_equals(URLx, INPUTS.URL); }, "url = identity function, global string changed"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyURL5', { + let p = window.trustedTypes.createPolicy('TestPolicyURL5', { createURL: s => { throw new Error(); } }); assert_throws(new Error(), _ => { p.createURL(INPUTS.URL); }); }, "url = callback that throws"); function getURL(s) { @@ -276,24 +276,24 @@ }, "url = this bound to an object"); var bar = "#x"; test(t => { createURLTest('TestPolicyURL7', { createURL: s => getURL(s) }, INPUTS.URL + bar, t); }, "url = this without bind"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyURL8', null); + let p = window.trustedTypes.createPolicy('TestPolicyURL8', null); assert_throws(new TypeError(), _ => { p.createURL(INPUTS.URL); }); }, "url - calling undefined callback throws"); test(t => { - let p = window.TrustedTypes.createPolicy('TestPolicyURL9', { createURL: createURLJS }); + let p = window.trustedTypes.createPolicy('TestPolicyURL9', { createURL: createURLJS }); assert_throws(new TypeError(), _ => { p.createHTML(INPUTS.HTML); }); assert_throws(new TypeError(), _ => { p.createScript(INPUTS.SCRIPT); }); assert_throws(new TypeError(), _ => { p.createScriptURL(INPUTS.SCRIPTURL);
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-noNamesGiven.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-noNamesGiven.tentative.html @@ -3,13 +3,13 @@ <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types"> <body> <script> //No name given test test(t => { assert_throws(new TypeError(), _ => { - window.TrustedTypes.createPolicy('SomeName', { createHTML: s => s } ); + window.trustedTypes.createPolicy('SomeName', { createHTML: s => s } ); }); }, "No name list given - policy creation throws"); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-wildcard.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests-wildcard.tentative.html @@ -2,13 +2,13 @@ <script src="/resources/testharness.js" ></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types *"> <body> <script> //No name given test test(t => { - let policy = window.TrustedTypes.createPolicy('SomeName', { createHTML: s => s } ); + let policy = window.trustedTypes.createPolicy('SomeName', { createHTML: s => s } ); assert_equals(policy.name, 'SomeName'); }, "Wildcard given - policy creation works"); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-cspTests.tentative.html @@ -3,25 +3,25 @@ <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types SomeName JustOneMoreName"> <body> <script> // Whitelisted name test test(t => { - let policy = window.TrustedTypes.createPolicy('SomeName', { createHTML: s => s } ); + let policy = window.trustedTypes.createPolicy('SomeName', { createHTML: s => s } ); assert_equals(policy.name, 'SomeName'); }, "Whitelisted policy creation works."); // Another whitelisted name test test(t => { - let policy = window.TrustedTypes.createPolicy('JustOneMoreName', { createHTML: s => s } ); + let policy = window.trustedTypes.createPolicy('JustOneMoreName', { createHTML: s => s } ); assert_equals(policy.name, 'JustOneMoreName'); }, "Another whitelisted policy creation works."); // Non-whitelisted names test test(t => { assert_throws(new TypeError(), _ => { - window.TrustedTypes.createPolicy('SomeOtherName', { createURL: s => s } ); + window.trustedTypes.createPolicy('SomeOtherName', { createURL: s => s } ); }); }, "Non-whitelisted policy creation throws."); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-nameTests.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-createPolicy-nameTests.tentative.html @@ -1,28 +1,28 @@ <!DOCTYPE html> <script src="/resources/testharness.js" ></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <body> <script> //Policy name test test(t => { - let policy = window.TrustedTypes.createPolicy('SomeName', { createHTML: s => s } ); + let policy = window.trustedTypes.createPolicy('SomeName', { createHTML: s => s } ); assert_true(policy instanceof TrustedTypePolicy); assert_equals(policy.name, 'SomeName'); }, "policy.name = name"); //Duplicate names test test(t => { assert_throws(new TypeError(), _ => { - window.TrustedTypes.createPolicy('SomeName', { createURL: s => s } ); + window.trustedTypes.createPolicy('SomeName', { createURL: s => s } ); }); }, "duplicate policy name attempt throws"); //Retrieve policy names tests test(t => { - let policy = window.TrustedTypes.createPolicy('SomeOtherName', { createURL: s => s } ); - let names = window.TrustedTypes.getPolicyNames(); + let policy = window.trustedTypes.createPolicy('SomeOtherName', { createURL: s => s } ); + let names = window.trustedTypes.getPolicyNames(); assert_true(names.includes('SomeName')); assert_true(names.includes('SomeOtherName')); }, "Retrieving policy names"); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-defaultPolicy.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-defaultPolicy.tentative.html @@ -1,24 +1,24 @@ <!DOCTYPE html> <script src="/resources/testharness.js" ></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <body> <script> test(t => { - assert_equals(window.TrustedTypes.defaultPolicy, null); + assert_equals(window.trustedTypes.defaultPolicy, null); }, "defaultPolicy with no default created is not an error"); test(t => { - let policy = window.TrustedTypes.createPolicy('default', { createHTML: s => s } ); + let policy = window.trustedTypes.createPolicy('default', { createHTML: s => s } ); assert_true(policy instanceof TrustedTypePolicy); - assert_equals(policy, window.TrustedTypes.defaultPolicy); + assert_equals(policy, window.trustedTypes.defaultPolicy); }, "defaultPolicy returns the correct default policy"); test(t => { - let foo_policy = window.TrustedTypes.createPolicy('foo', { createHTML: s => s } ); - let default_policy = window.TrustedTypes.defaultPolicy; - window.TrustedTypes.defaultPolicy = foo_policy; - assert_equals(window.TrustedTypes.defaultPolicy, default_policy); - assert_not_equals(window.TrustedTypes.defaultPolicy, foo_policy); + let foo_policy = window.trustedTypes.createPolicy('foo', { createHTML: s => s } ); + let default_policy = window.trustedTypes.defaultPolicy; + window.trustedTypes.defaultPolicy = foo_policy; + assert_equals(window.trustedTypes.defaultPolicy, default_policy); + assert_not_equals(window.trustedTypes.defaultPolicy, foo_policy); }, "defaultPolicy is a read-only property"); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-getPropertyType.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-getPropertyType.tentative.html @@ -3,112 +3,112 @@ <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types *"> <body> <div id="target"></div> <script> test(t => { - assert_equals(TrustedTypes.getPropertyType("a", "href"), "TrustedURL"); - assert_equals(TrustedTypes.getPropertyType("a", "id"), null); - assert_equals(TrustedTypes.getPropertyType("a", "b"), null); - }, "sanity check TrustedTypes.getPropertyType for the HTML a element."); + assert_equals(trustedTypes.getPropertyType("a", "href"), "TrustedURL"); + assert_equals(trustedTypes.getPropertyType("a", "id"), null); + assert_equals(trustedTypes.getPropertyType("a", "b"), null); + }, "sanity check trustedTypes.getPropertyType for the HTML a element."); test(t => { - assert_equals(TrustedTypes.getAttributeType("img", "onerror"), "TrustedScript"); - assert_equals(TrustedTypes.getAttributeType("img", "width"), null); - assert_equals(TrustedTypes.getAttributeType("img", "madeup"), null); - }, "sanity check TrustedTypes.getAttributeType."); + assert_equals(trustedTypes.getAttributeType("img", "onerror"), "TrustedScript"); + assert_equals(trustedTypes.getAttributeType("img", "width"), null); + assert_equals(trustedTypes.getAttributeType("img", "madeup"), null); + }, "sanity check trustedTypes.getAttributeType."); test(t => { - assert_true(!!TrustedTypes.getTypeMapping()); - }, "sanity check TrustedTypes.getTypeMapping"); + assert_true(!!trustedTypes.getTypeMapping()); + }, "sanity check trustedTypes.getTypeMapping"); // getPropertyType tests adapted from WICG/trusted-types polyfill: test(t => { // returns the proper type for attribute-related properties - assert_equals(TrustedTypes.getPropertyType("script", "src"), "TrustedScriptURL"); - assert_equals(TrustedTypes.getPropertyType("img", "src"), "TrustedURL"); + assert_equals(trustedTypes.getPropertyType("script", "src"), "TrustedScriptURL"); + assert_equals(trustedTypes.getPropertyType("img", "src"), "TrustedURL"); // is case insensitive for tag names - assert_equals(TrustedTypes.getPropertyType("SCRIPT", "src"), "TrustedScriptURL"); - assert_equals(TrustedTypes.getPropertyType("ImG", "src"), "TrustedURL"); + assert_equals(trustedTypes.getPropertyType("SCRIPT", "src"), "TrustedScriptURL"); + assert_equals(trustedTypes.getPropertyType("ImG", "src"), "TrustedURL"); // is case sensitive for property names - assert_equals(TrustedTypes.getPropertyType("script", "sRc"), null); - assert_equals(TrustedTypes.getPropertyType("div", "innerhtml"), null); + assert_equals(trustedTypes.getPropertyType("script", "sRc"), null); + assert_equals(trustedTypes.getPropertyType("div", "innerhtml"), null); // returns the proper type for innerHTML - assert_equals(TrustedTypes.getPropertyType("div", "innerHTML"), "TrustedHTML"); + assert_equals(trustedTypes.getPropertyType("div", "innerHTML"), "TrustedHTML"); // returns the proper type for outerHTML - assert_equals(TrustedTypes.getPropertyType("div", "outerHTML"), "TrustedHTML"); + assert_equals(trustedTypes.getPropertyType("div", "outerHTML"), "TrustedHTML"); // returns the proper type for script.prop ["text", "innerText", "textContent"].forEach((prop) => { - assert_equals(TrustedTypes.getPropertyType("script", prop), "TrustedScript"); + assert_equals(trustedTypes.getPropertyType("script", prop), "TrustedScript"); }); }, "getPropertyType tests adapted from WICG/trusted-types polyfill"); test(t => { // returns the proper type - assert_equals(TrustedTypes.getAttributeType('script', 'src'), 'TrustedScriptURL'); - assert_equals(TrustedTypes.getAttributeType('img', 'src'), 'TrustedURL'); + assert_equals(trustedTypes.getAttributeType('script', 'src'), 'TrustedScriptURL'); + assert_equals(trustedTypes.getAttributeType('img', 'src'), 'TrustedURL'); // ignores attributes from unknown namespaces - assert_equals(TrustedTypes.getAttributeType( + assert_equals(trustedTypes.getAttributeType( 'a', 'href', '', 'http://foo.bar'), null); // is case insensitive for element names - assert_equals(TrustedTypes.getAttributeType('SCRIPT', 'src'), 'TrustedScriptURL'); - assert_equals(TrustedTypes.getAttributeType('imG', 'src'), 'TrustedURL'); + assert_equals(trustedTypes.getAttributeType('SCRIPT', 'src'), 'TrustedScriptURL'); + assert_equals(trustedTypes.getAttributeType('imG', 'src'), 'TrustedURL'); // is case insensitive for the attribute names - assert_equals(TrustedTypes.getAttributeType('script', 'SRC'), 'TrustedScriptURL'); - assert_equals(TrustedTypes.getAttributeType('imG', 'srC'), 'TrustedURL'); + assert_equals(trustedTypes.getAttributeType('script', 'SRC'), 'TrustedScriptURL'); + assert_equals(trustedTypes.getAttributeType('imG', 'srC'), 'TrustedURL'); // supports the inline event handlers - assert_equals(TrustedTypes.getAttributeType('img', 'onerror'), 'TrustedScript'); - assert_equals(TrustedTypes.getAttributeType('unknown', 'onerror'), 'TrustedScript'); + assert_equals(trustedTypes.getAttributeType('img', 'onerror'), 'TrustedScript'); + assert_equals(trustedTypes.getAttributeType('unknown', 'onerror'), 'TrustedScript'); // defaults to undefined - assert_equals(TrustedTypes.getAttributeType('unknown', 'src'), null); - assert_equals(TrustedTypes.getAttributeType('img', 'bar'), null); + assert_equals(trustedTypes.getAttributeType('unknown', 'src'), null); + assert_equals(trustedTypes.getAttributeType('img', 'bar'), null); }, "getAttributeType tests adapted from WICG/trusted-types polyfill"); test(t=> { - const map = TrustedTypes.getTypeMapping(); + const map = trustedTypes.getTypeMapping(); // Spot testing some values. assert_equals(map["script"].attributes.src, "TrustedScriptURL"); assert_equals(map["img"].attributes.src, "TrustedURL"); assert_equals(map["*"].properties.innerHTML, "TrustedHTML"); assert_equals(map["foo"], undefined); // getTypeMapping returns a 'clean' object, in case the return value has // been modified. map["*"].attributes["foo"] = "bar"; - assert_equals(TrustedTypes.getTypeMapping()["*"].attributes["foo"], undefined); + assert_equals(trustedTypes.getTypeMapping()["*"].attributes["foo"], undefined); ; // Unknown namespaces: - assert_equals(TrustedTypes.getTypeMapping("http://foo/bar"), undefined); + assert_equals(trustedTypes.getTypeMapping("http://foo/bar"), undefined); }, "getTypeMapping tests adapted from WICG/trusted-types polyfill"); // Test case handling for both attributes and properties. for (let attr of ["codeBase", "CODEBASE", "codebase"]) { for (let elem of ["object", "OBJECT", "oBjEcT"]) { test(t => { // attributes are case-insensitive, so all variants should be defined. - assert_true(TrustedTypes.getAttributeType(elem, attr) != undefined); + assert_true(trustedTypes.getAttributeType(elem, attr) != undefined); }, `${elem}[${attr}] is defined`); test(t => { // properties are case-sensitive, so only the "correct" spelling // should be defined. - assert_equals(TrustedTypes.getPropertyType(elem, attr) != undefined, + assert_equals(trustedTypes.getPropertyType(elem, attr) != undefined, attr == "codeBase"); }, `${elem}.${attr} is maybe defined`); } } </script> </body>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-isXXX.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-isXXX.tentative.html @@ -11,145 +11,145 @@ 'createHTML': (s) => s, 'createScriptURL': (s) => s, 'createURL': (s) => s, 'createScript': (s) => s, }; // isHTML tests test(t => { - const p = TrustedTypes.createPolicy('html', noopPolicy); + const p = trustedTypes.createPolicy('html', noopPolicy); let html = p.createHTML(INPUTS.HTML); - assert_true(TrustedTypes.isHTML(html)); + assert_true(trustedTypes.isHTML(html)); let html2 = Object.create(html); // instanceof can pass, but we rely on isHTML assert_true(html2 instanceof TrustedHTML); - assert_false(TrustedTypes.isHTML(html2)); + assert_false(trustedTypes.isHTML(html2)); let html3 = Object.assign({}, html, {toString: () => 'fake'}); - assert_false(TrustedTypes.isHTML(html3)); + assert_false(trustedTypes.isHTML(html3)); }, 'TrustedTypePolicyFactory.isHTML requires the object to be created via policy.'); // isScript tests test(t => { - const p = TrustedTypes.createPolicy('script', noopPolicy); + const p = trustedTypes.createPolicy('script', noopPolicy); let script = p.createScript(INPUTS.SCRIPT); - assert_true(TrustedTypes.isScript(script)); + assert_true(trustedTypes.isScript(script)); let script2 = Object.create(script); // instanceof can pass, but we rely on isScript assert_true(script2 instanceof TrustedScript); - assert_false(TrustedTypes.isScript(script2)); + assert_false(trustedTypes.isScript(script2)); let script3 = Object.assign({}, script, {toString: () => 'fake'}); - assert_false(TrustedTypes.isScript(script3)); + assert_false(trustedTypes.isScript(script3)); }, 'TrustedTypePolicyFactory.isScript requires the object to be created via policy.'); // isScriptURL tests test(t => { - const p = TrustedTypes.createPolicy('script_url', noopPolicy); + const p = trustedTypes.createPolicy('script_url', noopPolicy); let script = p.createScriptURL(INPUTS.SCRIPTURL); - assert_true(TrustedTypes.isScriptURL(script)); + assert_true(trustedTypes.isScriptURL(script)); let script2 = Object.create(script); // instanceof can pass, but we rely on isScript assert_true(script2 instanceof TrustedScriptURL); - assert_false(TrustedTypes.isScriptURL(script2)); + assert_false(trustedTypes.isScriptURL(script2)); let script3 = Object.assign({}, script, {toString: () => 'fake'}); - assert_false(TrustedTypes.isScriptURL(script3)); + assert_false(trustedTypes.isScriptURL(script3)); }, 'TrustedTypePolicyFactory.isScriptURL requires the object to be created via policy.'); // isURL tests test(t => { - const p = TrustedTypes.createPolicy('url', noopPolicy); + const p = trustedTypes.createPolicy('url', noopPolicy); let url = p.createURL(INPUTS.URL); - assert_true(TrustedTypes.isURL(url)); + assert_true(trustedTypes.isURL(url)); let url2 = Object.create(url); // instanceof can pass, but we rely on isScript assert_true(url2 instanceof TrustedURL); - assert_false(TrustedTypes.isURL(url2)); + assert_false(trustedTypes.isURL(url2)); let url3 = Object.assign({}, url, {toString: () => 'fake'}); - assert_false(TrustedTypes.isURL(url3)); + assert_false(trustedTypes.isURL(url3)); }, 'TrustedTypePolicyFactory.isURL requires the object to be created via policy.'); // Test non-object parameters. test(t => { - assert_false(TrustedTypes.isHTML(null)); - assert_false(TrustedTypes.isHTML(123)); - assert_false(TrustedTypes.isHTML(0.5)); - assert_false(TrustedTypes.isHTML('test')); - assert_false(TrustedTypes.isHTML({})); - assert_false(TrustedTypes.isScript(null)); - assert_false(TrustedTypes.isScript(123)); - assert_false(TrustedTypes.isScript(0.5)); - assert_false(TrustedTypes.isScript('test')); - assert_false(TrustedTypes.isScript({})); - assert_false(TrustedTypes.isURL(null)); - assert_false(TrustedTypes.isURL(123)); - assert_false(TrustedTypes.isURL(0.5)); - assert_false(TrustedTypes.isURL('test')); - assert_false(TrustedTypes.isURL({})); - assert_false(TrustedTypes.isScriptURL(null)); - assert_false(TrustedTypes.isScriptURL(123)); - assert_false(TrustedTypes.isScriptURL(0.5)); - assert_false(TrustedTypes.isScriptURL('test')); - assert_false(TrustedTypes.isScriptURL({})); + assert_false(trustedTypes.isHTML(null)); + assert_false(trustedTypes.isHTML(123)); + assert_false(trustedTypes.isHTML(0.5)); + assert_false(trustedTypes.isHTML('test')); + assert_false(trustedTypes.isHTML({})); + assert_false(trustedTypes.isScript(null)); + assert_false(trustedTypes.isScript(123)); + assert_false(trustedTypes.isScript(0.5)); + assert_false(trustedTypes.isScript('test')); + assert_false(trustedTypes.isScript({})); + assert_false(trustedTypes.isURL(null)); + assert_false(trustedTypes.isURL(123)); + assert_false(trustedTypes.isURL(0.5)); + assert_false(trustedTypes.isURL('test')); + assert_false(trustedTypes.isURL({})); + assert_false(trustedTypes.isScriptURL(null)); + assert_false(trustedTypes.isScriptURL(123)); + assert_false(trustedTypes.isScriptURL(0.5)); + assert_false(trustedTypes.isScriptURL('test')); + assert_false(trustedTypes.isScriptURL({})); }, 'TrustedTypePolicyFactory.isXXX should accept anything without throwing.'); // Redefinition tests, assign to property. // (Assignments will through in the polyfill (because the objects are frozen) // but will be silently dropped in the native implementation (because that's // what [Unforgeable] does. Hence, the tests use try {..} catch {} to cover // both situationsm rather than expect_throws(...).) test(t => { - try { TrustedTypes.isHTML = () => 'fake'; } catch { } - assert_false(TrustedTypes.isHTML({})); + try { trustedTypes.isHTML = () => 'fake'; } catch { } + assert_false(trustedTypes.isHTML({})); }, 'TrustedTypePolicyFactory.IsHTML cannot be redefined.'); test(t => { - try { TrustedTypes.isScript = () => 'fake'; } catch { } - assert_false(TrustedTypes.isScript({})); + try { trustedTypes.isScript = () => 'fake'; } catch { } + assert_false(trustedTypes.isScript({})); }, 'TrustedTypePolicyFactory.isScript cannot be redefined.'); test(t => { - try { TrustedTypes.isScriptURL = () => 'fake'; } catch { } - assert_false(TrustedTypes.isScriptURL({})); + try { trustedTypes.isScriptURL = () => 'fake'; } catch { } + assert_false(trustedTypes.isScriptURL({})); }, 'TrustedTypePolicyFactory.isScriptURL cannot be redefined.'); test(t => { - try { TrustedTypes.isURL = () => 'fake'; } catch { } - assert_false(TrustedTypes.isURL({})); + try { trustedTypes.isURL = () => 'fake'; } catch { } + assert_false(trustedTypes.isURL({})); }, 'TrustedTypePolicyFactory.isURL cannot be redefined.'); // Redefinition tests, via Object.defineProperty. test(t => { try { Object.defineProperty(TrustedTypes, 'isHTML', () => 'fake'); } catch { } - assert_false(TrustedTypes.isHTML({})); + assert_false(trustedTypes.isHTML({})); }, 'TrustedTypePolicyFactory.IsHTML cannot be redefined via defineProperty.'); test(t => { try { Object.defineProperty(TrustedTypes, 'isScript', () => 'fake'); } catch { } - assert_false(TrustedTypes.isScript({})); + assert_false(trustedTypes.isScript({})); }, 'TrustedTypePolicyFactory.isScript cannot be redefined via definePropert.'); test(t => { try { Object.defineProperty(TrustedTypes, 'isScriptURL', () => 'fake'); } catch { } - assert_false(TrustedTypes.isScriptURL({})); + assert_false(trustedTypes.isScriptURL({})); }, 'TrustedTypePolicyFactory.isScriptURL cannot be redefined via definePropert.'); test(t => { try { Object.defineProperty(TrustedTypes, 'isURL', () => 'fake'); } catch { } - assert_false(TrustedTypes.isURL({})); + assert_false(trustedTypes.isURL({})); }, 'TrustedTypePolicyFactory.isURL cannot be redefined via definePropert.'); </script>
--- a/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-metadata.tentative.html +++ b/testing/web-platform/tests/trusted-types/TrustedTypePolicyFactory-metadata.tentative.html @@ -4,17 +4,17 @@ <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types *"> <body> <div id="target"></div> <script> - const policy = TrustedTypes.createPolicy("anythinggoes", { + const policy = trustedTypes.createPolicy("anythinggoes", { "createHTML": x => x, "createScript": x => x, "createURL": x => x, "createScriptURL": x => x, }); const create_value = { "TrustedHTML": policy.createHTML("hello"), @@ -36,17 +36,17 @@ let properties = ['madeup', 'id', "onerror", "onclick"]; const types = [null, "TrustedHTML", "TrustedScript", "TrustedScriptURL", "TrustedURL"]; // We'll wrap construction of the elements/properties list in a test, mainly // so we'll get decent error messages when it might fail. test(t => { // Collect all element and property names from getTypeMapping(). - const map = TrustedTypes.getTypeMapping(); + const map = trustedTypes.getTypeMapping(); for (let elem in map) { elements.push(elem); properties = properties.concat(Object.keys(map[elem].properties)); } // Remove "*" entries and de-duplicate properties. elements = elements.filter(s => !s.includes("*")); properties = properties.filter(s => !s.includes("*")); @@ -86,17 +86,17 @@ // - Some properties cause actions as side-effects (e.g. loading a // script), which will cause errors in the test (despite the actual // code-under-test meeting our expectations). This is handled with // a cleanup script which removes the element (and thus cancels // the loading actions). test(t => { const element = target.appendChild(document.createElement(elem)); t.add_cleanup(_ => element.remove()); - const expected_type = TrustedTypes.getPropertyType(elem, property); + const expected_type = trustedTypes.getPropertyType(elem, property); const value = create_value[type]; const test_fn = _ => { element[property] = value; }; if (type == expected_type || !expected_type) { test_fn(); let result_value = element[property]; switch (property) { // Node.innerText returns the rendered text of an Element, which // in this test case is usually empty. For this specific case, @@ -124,17 +124,17 @@ assert_throws(new TypeError(), test_fn, "throws"); } }, `Test assignment of ${type ? type : "string"} on ${elem}.${property}`); // And once more, for attributes. test(t => { const element = target.appendChild(document.createElement(elem)); t.add_cleanup(_ => element.remove()); - const expected_type = TrustedTypes.getAttributeType(elem, property); + const expected_type = trustedTypes.getAttributeType(elem, property); const value = create_value[type]; const test_fn = _ => { element.setAttribute(property, value); }; if (type == expected_type || !expected_type) { test_fn(); assert_equals("" + element.getAttribute(property), "" + value); } else { assert_throws(new TypeError(), test_fn, "throws"); }
--- a/testing/web-platform/tests/trusted-types/Window-TrustedTypes.tentative.html +++ b/testing/web-platform/tests/trusted-types/Window-TrustedTypes.tentative.html @@ -1,17 +1,17 @@ <!DOCTYPE html> <script src="/resources/testharness.js"></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <body> <script> test(t => { - let factory = window.TrustedTypes; + let factory = window.trustedTypes; assert_true(factory instanceof TrustedTypePolicyFactory); - }, "factory = window.TrustedTypes"); + }, "factory = window.trustedTypes"); test(t => { assert_throws(new TypeError(), _ => { let factory = new TrustedTypePolicyFactory(); }); }, "factory construction fails"); </script>
--- a/testing/web-platform/tests/trusted-types/WorkerGlobalScope-importScripts.https.html +++ b/testing/web-platform/tests/trusted-types/WorkerGlobalScope-importScripts.https.html @@ -13,17 +13,17 @@ // To test workers, we need to importScripts source files in the workers. // Since the point of this test is to test blocking of importScripts, we need // to set up one policy that will blindly pass through URLs for use in the test // setup, and then have additional policies for the actual test cases. // // For the same reason we cannot use the otherwise preferred 'META: workers' // tag, since that test setup would be blocked as soon as trusted types // enforcement is enabled. -const test_setup_policy = TrustedTypes.createPolicy("hurrayanythinggoes", { +const test_setup_policy = trustedTypes.createPolicy("hurrayanythinggoes", { createScriptURL: x => x}); const test_url = test_setup_policy.createScriptURL("support/WorkerGlobalScope-importScripts.https.js"); fetch_tests_from_worker(new Worker(test_url)); fetch_tests_from_worker(new SharedWorker(test_url));
--- a/testing/web-platform/tests/trusted-types/block-Node-multiple-arguments.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-Node-multiple-arguments.tentative.html @@ -5,17 +5,17 @@ <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types *"> </head> <body> <div id="container"></div> <script> const container = document.querySelector("#container"); - const policy = window.TrustedTypes.createPolicy("policy", { + const policy = window.trustedTypes.createPolicy("policy", { createScript: t => t, }); function stringify(arg) { return "textContent" in arg.__proto__ ? arg.textContent : arg.toString() } // Test all combinations of: // - DOM methods: append, prepend, replaceWith, after, before
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-DOMParser-parseFromString.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-DOMParser-parseFromString.tentative.html @@ -28,17 +28,17 @@ var parser = new DOMParser(); assert_throws(new TypeError(), _ => { var doc = parser.parseFromString(null, "text/html"); }); }, "'document.innerText = null' throws"); // After default policy creation string assignment implicitly calls createHTML. test(t => { - let p = window.TrustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true); + let p = window.trustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true); let parser = new DOMParser(); let doc = parser.parseFromString(INPUTS.HTML, "text/html"); assert_equals(doc.body.innerText, RESULTS.HTML); }, "'document.innerText = string' assigned via default policy (successful HTML transformation)."); // After default policy creation null assignment implicitly calls createHTML. test(t => { var parser = new DOMParser();
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.tentative.html @@ -51,17 +51,17 @@ test(t => { assert_throws(new TypeError(), _ => { setInterval(null); }); }, "`window.setInterval(null)` throws."); // After default policy creation string assignment implicitly calls createScript. test(t => { - let policy = window.TrustedTypes.createPolicy("default", { createScript: createScriptJS }, true); + let policy = window.trustedTypes.createPolicy("default", { createScript: createScriptJS }, true); setTimeout(INPUTS.SCRIPT); setInterval(INPUTS.SCRIPT); }, "`setTimeout(string)`, `setInterval(string)` via default policy (successful Script transformation)."); // After default policy creation null assignment implicitly calls createScript. test(t => { setTimeout(null); setInterval(null);
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Document-write.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Document-write.tentative.html @@ -57,17 +57,17 @@ test(t => { const old = document.body.innerText; assert_throws(new TypeError(), _ => { document.writeln(null); }); assert_equals(document.body.innerText, old); }, "`document.writeln(null)` throws"); - let default_policy = TrustedTypes.createPolicy('default', + let default_policy = trustedTypes.createPolicy('default', { createHTML: createHTMLJS }, true ); // Default policy works. test(t => { document.body.innerText = ''; document.write(INPUTS.HTML); assert_equals(document.body.innerText, RESULTS.HTML); }, "`document.write(string)` observes default policy");
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML.tentative.html @@ -88,17 +88,17 @@ assert_equals(d.previousSibling, null); assert_equals(d.firstChild, null); assert_equals(d.lastChild, null); assert_equals(d.nextSibling, null); }, "`insertAdjacentHTML(null)` throws."); // After default policy creation string assignment implicitly calls createHTML. test(t => { - let p = window.TrustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true); + let p = window.trustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true); var d = document.createElement('div'); container.appendChild(d); d.insertAdjacentHTML('beforebegin', INPUTS.HTML); assert_equals(d.previousSibling.nodeType, Node.TEXT_NODE); assert_equals(d.previousSibling.data, RESULTS.HTML);
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-outerHTML.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-outerHTML.tentative.html @@ -47,17 +47,17 @@ }); assert_equals(container.innerText, ""); while (container.firstChild) container.firstChild.remove(); }, "`outerHTML = null` throws."); // After default policy creation string assignment implicitly calls createHTML. test(t => { - let p = window.TrustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true); + let p = window.trustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true); var d = document.createElement('div'); document.querySelector('#container').appendChild(d); d.outerHTML = INPUTS.HTML; assert_equals(container.innerText, RESULTS.HTML); while (container.firstChild) container.firstChild.remove();
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-setAttribute.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Element-setAttribute.tentative.html @@ -4,17 +4,17 @@ <script src="/resources/testharness.js"></script> <script src="/resources/testharnessreport.js"></script> <script src="support/helper.sub.js"></script> <meta http-equiv="Content-Security-Policy" content="trusted-types *"> </head> <body> <script> - const nullPolicy = TrustedTypes.createPolicy('NullPolicy', {createScript: s => s}); + const nullPolicy = trustedTypes.createPolicy('NullPolicy', {createScript: s => s}); // TrustedURL Assignments const URLTestCases = [ [ 'a', 'href' ], [ 'area', 'href' ], [ 'base', 'href' ], [ 'button', 'formAction' ], [ 'form', 'action' ], @@ -88,17 +88,17 @@ assert_throws(new TypeError(), _ => { el.setAttribute('SrC', INPUTS.URL); }); assert_equals(el.src, ''); }, "`Element.prototype.setAttribute.SrC = string` throws."); // After default policy creation string and null assignments implicitly call createXYZ - let p = window.TrustedTypes.createPolicy("default", { createURL: createURLJS, createScriptURL: createScriptURLJS, createHTML: createHTMLJS, createScript: createScriptJS }, true); + let p = window.trustedTypes.createPolicy("default", { createURL: createURLJS, createScriptURL: createScriptURLJS, createHTML: createHTMLJS, createScript: createScriptJS }, true); URLTestCases.forEach(c => { test(t => { assert_element_accepts_trusted_type(c[0], c[1], INPUTS.URL, RESULTS.URL); assert_element_accepts_trusted_type(c[0], c[1], null, window.location.toString().replace(/[^\/]*$/, "null")); }, c[0] + "." + c[1] + " accepts string and null after default policy was created."); }); scriptURLTestCases.forEach(c => {
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-HTMLElement-generic.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-HTMLElement-generic.tentative.html @@ -64,17 +64,17 @@ test(t => { assert_element_accepts_trusted_html(window, ++testnb, t, c[0], c[1], RESULTS.HTML); assert_throws_no_trusted_type(c[0], c[1], 'A string'); assert_throws_no_trusted_type(c[0], c[1], null); }, c[0] + "." + c[1] + " accepts only TrustedHTML"); }); // After default policy creation string and null assignments implicitly call createHTML - let p = window.TrustedTypes.createPolicy("default", { createURL: createURLJS, createScriptURL: createScriptURLJS, createHTML: createHTMLJS }, true); + let p = window.trustedTypes.createPolicy("default", { createURL: createURLJS, createScriptURL: createScriptURLJS, createHTML: createHTMLJS }, true); URLTestCases.forEach(c => { test(t => { assert_element_accepts_trusted_type(c[0], c[1], INPUTS.URL, RESULTS.URL); assert_element_accepts_trusted_type(c[0], c[1], null, window.location.toString().replace(/[^\/]*$/, "null")); }, c[0] + "." + c[1] + " accepts string and null after default policy was created"); });
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Location-assign.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Location-assign.tentative.html @@ -31,17 +31,17 @@ let href = location.href; assert_throws(new TypeError(), _ => { location.assign(null); }); assert_equals(location.href, href); }, "`location.assign = null` throws"); // Create default policy. Applies to all subsequent tests. - let p = window.TrustedTypes.createPolicy("default", + let p = window.trustedTypes.createPolicy("default", { createURL: createLocationURLJS }, true); // After default policy creation string assignment implicitly calls createURL. test(t => { location.assign("abcdefg"); assert_true(location.href.endsWith("#abcdefg")); }, "`location.assign = string` via default policy (successful URL transformation).");
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Location-href.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Location-href.tentative.html @@ -31,17 +31,17 @@ let href = location.href; assert_throws(new TypeError(), _ => { location.href = null; }); assert_equals(location.href, href); }, "`location.href = null` throws"); // Create default policy. Applies to all subsequent tests. - let p = window.TrustedTypes.createPolicy("default", + let p = window.trustedTypes.createPolicy("default", { createURL: createLocationURLJS }, true); // After default policy creation string assignment implicitly calls createURL. test(t => { location.href = "xxxx"; assert_true(location.href.endsWith("#xxxx")); }, "`location.href = string` via default policy (successful URL transformation).");
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Location-replace.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Location-replace.tentative.html @@ -31,17 +31,17 @@ let href = location.href; assert_throws(new TypeError(), _ => { location.replace(null); }); assert_equals(location.href, href); }, "`location.replace = null` throws"); // Create default policy. Applies to all subsequent tests. - let p = window.TrustedTypes.createPolicy("default", + let p = window.trustedTypes.createPolicy("default", { createURL: createLocationURLJS }, true); // After default policy creation string assignment implicitly calls createURL. test(t => { location.replace("potato"); assert_true(location.href.endsWith("#potato")); }, "`location.replace = string` via default policy (successful URL transformation).");
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Range-createContextualFragment.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Range-createContextualFragment.tentative.html @@ -31,17 +31,17 @@ range.selectNodeContents(document.documentElement); assert_throws(new TypeError(), _ => { var result = range.createContextualFragment(null); }); }, "`range.createContextualFragment(null)` throws."); // After default policy creation string assignment implicitly calls createHTML test(t => { - let p = window.TrustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true); + let p = window.trustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true); var range = document.createRange(); range.selectNodeContents(document.documentElement); var result = range.createContextualFragment(INPUTS.HTML); assert_equals(result.textContent, RESULTS.HTML); }, "`range.createContextualFragment(string)` assigned via default policy (successful HTML transformation)."); // After default policy creation null assignment implicitly calls createHTML test(t => {
--- a/testing/web-platform/tests/trusted-types/block-string-assignment-to-Window-open.tentative.html +++ b/testing/web-platform/tests/trusted-types/block-string-assignment-to-Window-open.tentative.html @@ -59,17 +59,17 @@ testWindowThrows(t, null, window, ++testnb); }, "`window.open(null)` throws."); test(t => { testWindowThrows(t, null, document, ++testnb); }, "`document.open(null)` throws."); // After default policy creation string assignment implicitly calls createURL. - let p = window.TrustedTypes.createPolicy("default", { createURL: createURLJS }, true); + let p = window.trustedTypes.createPolicy("default", { createURL: createURLJS }, true); test(t => { testWindowDoesntThrow(t, INPUTS.URL, RESULTS.URL, window); }, "'window.open(string)' assigned via default policy (successful URL transformation)."); test(t => { testWindowDoesntThrow(t, INPUTS.URL, RESULTS.URL, document); }, "'document.open(string)' assigned via default policy (successful URL transformation).");
--- a/testing/web-platform/tests/trusted-types/default-policy-report-only.tentative.html +++ b/testing/web-platform/tests/trusted-types/default-policy-report-only.tentative.html @@ -65,17 +65,17 @@ function policy(str) { else if (str == "typeerror") return document.bla(); else if (str == "done") return null; else return "sanitized: " + str; } -TrustedTypes.createPolicy("default", { +trustedTypes.createPolicy("default", { createURL: policy, createScriptURL: policy, createHTML: policy, createScript: policy }); testCases.forEach(c => { const name = `${c[0]}.${c[1]} `;
--- a/testing/web-platform/tests/trusted-types/default-policy.tentative.html +++ b/testing/web-platform/tests/trusted-types/default-policy.tentative.html @@ -65,17 +65,17 @@ function policy(str) { else if (str == "typeerror") return document.bla(); else if (str == "done") return null; else return "sanitized: " + str; } -TrustedTypes.createPolicy("default", { +trustedTypes.createPolicy("default", { createURL: policy, createScriptURL: policy, createHTML: policy, createScript: policy }); testCases.forEach(c => { const name = `${c[0]}.${c[1]} `;
--- a/testing/web-platform/tests/trusted-types/eval-with-permissive-csp.tentative.html +++ b/testing/web-platform/tests/trusted-types/eval-with-permissive-csp.tentative.html @@ -20,15 +20,15 @@ assert_equals(a, 0); }, "eval with plain string with Trusted Types and permissive CSP throws (no type)."); test(t => { let s = eval(p.createScript('"Hello transformed string"')); assert_equals("" + s, "Hello a cat string"); }, "eval with TrustedScript and permissive CSP works."); - TrustedTypes.createPolicy("default", { createScript: createScriptJS }, true); + trustedTypes.createPolicy("default", { createScript: createScriptJS }, true); test(t => { let s = eval('"Hello transformed untrusted string"'); assert_equals(s, "Hello a cat untrusted string"); }, "eval with default policy and permissive CSP still obeys default policy."); </script>
--- a/testing/web-platform/tests/trusted-types/idlharness.window.js +++ b/testing/web-platform/tests/trusted-types/idlharness.window.js @@ -1,18 +1,18 @@ // META: script=/resources/WebIDLParser.js // META: script=/resources/idlharness.js idl_test( ['trusted-types.tentative'], ['dom', 'html'], idl_array => { idl_array.add_objects({ - TrustedTypePolicyFactory: ['window.TrustedTypes'], - TrustedTypePolicy: ['window.TrustedTypes.createPolicy("SomeName", { createHTML: s => s })'], - TrustedHTML: ['window.TrustedTypes.createPolicy("SomeName1", { createHTML: s => s }).createHTML("A string")'], - TrustedScript: ['window.TrustedTypes.createPolicy("SomeName2", { createScript: s => s }).createScript("A string")'], - TrustedScriptURL: ['window.TrustedTypes.createPolicy("SomeName3", { createScriptURL: s => s }).createScriptURL("A string")'], - TrustedURL: ['window.TrustedTypes.createPolicy("SomeName4", { createURL: s => s }).createURL("A string")'] + TrustedTypePolicyFactory: ['window.trustedTypes'], + TrustedTypePolicy: ['window.trustedTypes.createPolicy("SomeName", { createHTML: s => s })'], + TrustedHTML: ['window.trustedTypes.createPolicy("SomeName1", { createHTML: s => s }).createHTML("A string")'], + TrustedScript: ['window.trustedTypes.createPolicy("SomeName2", { createScript: s => s }).createScript("A string")'], + TrustedScriptURL: ['window.trustedTypes.createPolicy("SomeName3", { createScriptURL: s => s }).createScriptURL("A string")'], + TrustedURL: ['window.trustedTypes.createPolicy("SomeName4", { createURL: s => s }).createURL("A string")'] }); }, 'Trusted Types' );
--- a/testing/web-platform/tests/trusted-types/support/WorkerGlobalScope-importScripts.https.js +++ b/testing/web-platform/tests/trusted-types/support/WorkerGlobalScope-importScripts.https.js @@ -1,31 +1,31 @@ -let test_setup_policy = TrustedTypes.createPolicy("hurrayanythinggoes", { +let test_setup_policy = trustedTypes.createPolicy("hurrayanythinggoes", { createScriptURL: x => x }); importScripts(test_setup_policy.createScriptURL("/resources/testharness.js")); // Determine worker type (for better logging) let worker_type = "unknown"; if (this.DedicatedWorkerGlobalScope !== undefined) { worker_type = "dedicated worker"; } else if (this.SharedWorkerGlobalScope !== undefined) { worker_type = "shared worker"; } else if (this.ServiceWorkerGlobalScope !== undefined) { worker_type = "service worker"; } -let test_policy = TrustedTypes.createPolicy("xxx", { +let test_policy = trustedTypes.createPolicy("xxx", { createScriptURL: url => url.replace("play", "work") }); test(t => { self.result = "Fail"; let trusted_url = test_policy.createScriptURL("player.js"); - assert_true(this.TrustedTypes.isScriptURL(trusted_url)); + assert_true(this.trustedTypes.isScriptURL(trusted_url)); importScripts(trusted_url); // worker.js modifies self.result. assert_equals(self.result, "Pass"); }, "importScripts with TrustedScriptURL works in " + worker_type); test(t => { let untrusted_url = "player.js"; assert_throws(new TypeError(), function() { importScripts(untrusted_url) }, @@ -58,17 +58,17 @@ test(t => { let untrusted_url = "player.js"; let trusted_url = test_policy.createScriptURL(untrusted_url); assert_throws(new TypeError(), function() { importScripts(untrusted_url, trusted_url) }, "importScripts(untrusted_url, trusted_url)"); }, "importScripts with two URLs, one trusted, in " + worker_type); // Test default policy application: -TrustedTypes.createPolicy("default", { +trustedTypes.createPolicy("default", { createScriptURL: url => url.replace("play", "work") }, true); test(t => { self.result = "Fail"; let untrusted_url = "player.js"; importScripts(untrusted_url); assert_equals(self.result, "Pass"); }, "importScripts with untrusted URLs and default policy works in " + worker_type);
--- a/testing/web-platform/tests/trusted-types/support/helper.sub.js +++ b/testing/web-platform/tests/trusted-types/support/helper.sub.js @@ -35,29 +35,29 @@ function createURLJS(url) { // to the new location will navigate away from the test. To fix this, we'll // have a policy that will just stick the argument into the fragment identifier // of the current location.href. function createLocationURLJS(value) { return location.href.replace(/#.*/g, "") + "#" + value; } function createHTML_policy(win, c) { - return win.TrustedTypes.createPolicy('SomeHTMLPolicyName' + c, { createHTML: createHTMLJS }); + return win.trustedTypes.createPolicy('SomeHTMLPolicyName' + c, { createHTML: createHTMLJS }); } function createScript_policy(win, c) { - return win.TrustedTypes.createPolicy('SomeScriptPolicyName' + c, { createScript: createScriptJS }); + return win.trustedTypes.createPolicy('SomeScriptPolicyName' + c, { createScript: createScriptJS }); } function createScriptURL_policy(win, c) { - return win.TrustedTypes.createPolicy('SomeScriptURLPolicyName' + c, { createScriptURL: createScriptURLJS }); + return win.trustedTypes.createPolicy('SomeScriptURLPolicyName' + c, { createScriptURL: createScriptURLJS }); } function createURL_policy(win, c) { - return win.TrustedTypes.createPolicy('SomeURLPolicyName' + c, { createURL: createURLJS }); + return win.trustedTypes.createPolicy('SomeURLPolicyName' + c, { createURL: createURLJS }); } function assert_element_accepts_trusted_html(win, c, t, tag, attribute, expected) { let p = createHTML_policy(win, c); let html = p.createHTML(INPUTS.HTML); assert_element_accepts_trusted_type(tag, attribute, html, expected); }
--- a/testing/web-platform/tests/trusted-types/trusted-types-eval-reporting-no-unsafe-eval.tentative.https.html +++ b/testing/web-platform/tests/trusted-types/trusted-types-eval-reporting-no-unsafe-eval.tentative.https.html @@ -43,26 +43,26 @@ } // Like assert_throws, but we don't care about the exact error. We just want // to run the code and continue. function expect_throws(fn) { try { fn(); assert_unreached(); } catch (err) { /* ignore */ } } - // A sample policy we use to test TrustedTypes.createPolicy behaviour. + // A sample policy we use to test trustedTypes.createPolicy behaviour. const id = x => x; const a_policy = { createHTML: id, createScriptURL: id, createURL: id, createScript: id, }; - const scriptyPolicy = TrustedTypes.createPolicy('allowEval', a_policy); + const scriptyPolicy = trustedTypes.createPolicy('allowEval', a_policy); // Provoke/wait for a CSP violation, in order to be sure that all previous // CSP violations have been delivered. function promise_flush() { return promise_violation("plugin-types bla/blubb"); } function flush() { expect_throws(_ => { @@ -91,17 +91,17 @@ expect_throws(_ => eval('script_run_beacon="should not run"')); eval(scriptyPolicy.createScript('script_run_beacon="i ran"')); flush(); assert_not_equals(script_run_beacon, 'i ran'); // Code did not run. return p; }, "Trusted Type violation report: evaluating a Trusted Script violates script-src."); promise_test(t => { - TrustedTypes.createPolicy('default', { + trustedTypes.createPolicy('default', { createScript: s => s.replace('payload', 'default policy'), }, true); let p = Promise.resolve() .then(promise_violation((e) => e.effectiveDirective.includes('script-src') && e.sample.includes("default policy"))) .then(promise_flush()); expect_throws(_ => eval('script_run_beacon="payload"')); // script-src will block.
--- a/testing/web-platform/tests/trusted-types/trusted-types-eval-reporting-report-only.tentative.https.html +++ b/testing/web-platform/tests/trusted-types/trusted-types-eval-reporting-report-only.tentative.https.html @@ -43,26 +43,26 @@ } // Like assert_throws, but we don't care about the exact error. We just want // to run the code and continue. function expect_throws(fn) { try { fn(); assert_unreached(); } catch (err) { /* ignore */ } } - // A sample policy we use to test TrustedTypes.createPolicy behaviour. + // A sample policy we use to test trustedTypes.createPolicy behaviour. const id = x => x; const a_policy = { createHTML: id, createScriptURL: id, createURL: id, createScript: id, }; - const scriptyPolicy = TrustedTypes.createPolicy('allowEval', a_policy); + const scriptyPolicy = trustedTypes.createPolicy('allowEval', a_policy); // Provoke/wait for a CSP violation, in order to be sure that all previous // CSP violations have been delivered. function promise_flush() { return promise_violation("plugin-types bla/blubb"); } function flush() { expect_throws(_ => { @@ -88,17 +88,17 @@ let p = promise_flush()(); eval(scriptyPolicy.createScript('script_run_beacon="trusted-script-ok"')); flush(); assert_equals(script_run_beacon, 'trusted-script-ok'); return p; }, "Trusted Type violation report: evaluating a Trusted Script."); promise_test(t => { - TrustedTypes.createPolicy('default', { + trustedTypes.createPolicy('default', { createScript: s => s.replace('payload', 'default policy'), }, true); let p = promise_flush()(); eval('script_run_beacon="payload"'); assert_equals(script_run_beacon, 'default policy'); flush(); return p; }, "Trusted Type violation report: default policy runs in report-only mode.");
--- a/testing/web-platform/tests/trusted-types/trusted-types-eval-reporting.tentative.https.html +++ b/testing/web-platform/tests/trusted-types/trusted-types-eval-reporting.tentative.https.html @@ -37,25 +37,25 @@ } // Like assert_throws, but we don't care about the exact error. We just want // to run the code and continue. function expect_throws(fn) { try { fn(); assert_unreached(); } catch (err) { /* ignore */ } } - // A sample policy we use to test TrustedTypes.createPolicy behaviour. + // A sample policy we use to test trustedTypes.createPolicy behaviour. const id = x => x; const a_policy = { createHTML: id, createScriptURL: id, createURL: id, createScript: id, }; - const scriptyPolicy = TrustedTypes.createPolicy('allowEval', a_policy); + const scriptyPolicy = trustedTypes.createPolicy('allowEval', a_policy); // Provoke/wait for a CSP violation, in order to be sure that all previous // CSP violations have been delivered. function promise_flush() { return promise_violation("plugin-types bla/blubb"); } function flush() { expect_throws(_ => { @@ -83,17 +83,17 @@ eval(scriptyPolicy.createScript('beacon="i ran"')); assert_equals(beacon, 'i ran'); flush(); return p; }, "Trusted Type violation report: evaluating a Trusted Script."); promise_test(t => { let beacon = 'never_overwritten'; - TrustedTypes.createPolicy('default', { + trustedTypes.createPolicy('default', { createScript: s => s.replace('payload', 'default policy'), }, true); let p = promise_flush()(); eval('beacon="payload"'); assert_equals(beacon, 'default policy'); flush(); return p; }, "Trusted Type violation report: default policy transforms the script before CSP checks runs.");
--- a/testing/web-platform/tests/trusted-types/trusted-types-report-only.tentative.https.html +++ b/testing/web-platform/tests/trusted-types/trusted-types-report-only.tentative.https.html @@ -29,19 +29,19 @@ e.stopPropagation(); resolve(e); } } document.addEventListener("securitypolicyviolation", handler); }); } - // A sample policy we use to test TrustedTypes.createPolicy behaviour. + // A sample policy we use to test trustedTypes.createPolicy behaviour. const id = x => x; - const policy = TrustedTypes.createPolicy("two", { + const policy = trustedTypes.createPolicy("two", { createHTML: id, createScriptURL: id, createURL: id, createScript: id, }); promise_test(t => {
--- a/testing/web-platform/tests/trusted-types/trusted-types-reporting-check-report.https.html +++ b/testing/web-platform/tests/trusted-types/trusted-types-reporting-check-report.https.html @@ -10,13 +10,13 @@ Set-Cookie: trusted-types-reporting-check-report={{$id:uuid()}}; Path=/trusted-types/ Content-Security-Policy-Report-Only: \ trusted-types one two; \ report-uri ../content-security-policy/support/report.py?op=put&reportID={{$id}} --> </head> <body> <script> - TrustedTypes.createPolicy("three", {}); + trustedTypes.createPolicy("three", {}); </script> <script async defer src='../content-security-policy/support/checkReport.sub.js?reportField=violated-directive&reportValue=trusted-types'></script> </body> </html>
--- a/testing/web-platform/tests/trusted-types/trusted-types-reporting.tentative.https.html +++ b/testing/web-platform/tests/trusted-types/trusted-types-reporting.tentative.https.html @@ -67,17 +67,17 @@ } } function expect_blocked_uri(s) { return e => { assert_true(e.blockedURI === s, `expected "${e.blockedURI}" to be "${s}".`); return e; } } - // A sample policy we use to test TrustedTypes.createPolicy behaviour. + // A sample policy we use to test trustedTypes.createPolicy behaviour. const id = x => x; const a_policy = { createHTML: id, createScriptURL: id, createURL: id, createScript: id, }; @@ -96,36 +96,36 @@ promise_test(t => { let p = Promise.resolve() .then(promise_violation("trusted-types one")) .then(promise_violation("trusted-types two")) .then(expect_sample("three")) .then(expect_blocked_uri("trusted-types-policy")) .then(promise_flush()); - expect_throws(_ => TrustedTypes.createPolicy("three", a_policy)); + expect_throws(_ => trustedTypes.createPolicy("three", a_policy)); flush(); return p; }, "Trusted Type violation report: creating a forbidden policy."); promise_test(t => { let p = promise_flush()(); - expect_throws(_ => TrustedTypes.createPolicy("two", a_policy)); + expect_throws(_ => trustedTypes.createPolicy("two", a_policy)); flush(); return p; }, "Trusted Type violation report: creating a report-only-forbidden policy."); // policy_one is set below, and used in several tests further down. let policy_one = null; promise_test(t => { let p = Promise.resolve() .then(promise_violation("trusted-types two")) .then(promise_flush()); - policy_one = TrustedTypes.createPolicy("one", a_policy); + policy_one = trustedTypes.createPolicy("one", a_policy); flush(); return p; }, "Trusted Type violation report: creating a forbidden-but-not-reported policy."); promise_test(t => { let p = promise_violation("trusted-types two")(); expect_throws(_ => document.getElementById("anchor").href = url); return p;