diff options
| author | Tim van der Lippe <TimvdLippe@users.noreply.github.com> | 2025-05-12 12:53:03 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-05-12 10:53:03 +0000 |
| commit | d780fb7695b6f97aa20de91f1807a19f29d7d0d7 (patch) | |
| tree | 5223030e71b371b768bf18c12e2499501d70f4ee | |
| parent | a0dd2c1bebbc238d2fe36b1134acfbc842c1f084 (diff) | |
| download | servo-d780fb7695b6f97aa20de91f1807a19f29d7d0d7.tar.gz servo-d780fb7695b6f97aa20de91f1807a19f29d7d0d7.zip | |
Implement trusted HTML sinks for Element (#36941)
Also implements a conversion for `TrustedHTMLOrNullIsEmptyString`
to `TrustedHTMLOrString` to avoid introducing a separate
`get_trusted_script_compliant_string` for the new type.
Part of #36258
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
27 files changed, 118 insertions, 212 deletions
diff --git a/components/script/dom/element.rs b/components/script/dom/element.rs index 5c79dbc0a5b..f094d3b728a 100644 --- a/components/script/dom/element.rs +++ b/components/script/dom/element.rs @@ -63,6 +63,7 @@ use xml5ever::serialize::TraversalScope::{ ChildrenOnly as XmlChildrenOnly, IncludeNode as XmlIncludeNode, }; +use crate::conversions::Convert; use crate::dom::activation::Activatable; use crate::dom::attr::{Attr, AttrHelpersForLayout}; use crate::dom::bindings::cell::{DomRefCell, Ref, RefMut, ref_filter_map}; @@ -80,7 +81,9 @@ use crate::dom::bindings::codegen::Bindings::ShadowRootBinding::{ use crate::dom::bindings::codegen::Bindings::WindowBinding::{ ScrollBehavior, ScrollToOptions, WindowMethods, }; -use crate::dom::bindings::codegen::UnionTypes::{NodeOrString, TrustedScriptURLOrUSVString}; +use crate::dom::bindings::codegen::UnionTypes::{ + NodeOrString, TrustedHTMLOrNullIsEmptyString, TrustedHTMLOrString, TrustedScriptURLOrUSVString, +}; use crate::dom::bindings::conversions::DerivedFrom; use crate::dom::bindings::error::{Error, ErrorResult, Fallible}; use crate::dom::bindings::inheritance::{Castable, ElementTypeId, HTMLElementTypeId, NodeTypeId}; @@ -152,6 +155,7 @@ use crate::dom::raredata::ElementRareData; use crate::dom::servoparser::ServoParser; use crate::dom::shadowroot::{IsUserAgentWidget, ShadowRoot}; use crate::dom::text::Text; +use crate::dom::trustedhtml::TrustedHTML; use crate::dom::validation::Validatable; use crate::dom::validitystate::ValidationFlags; use crate::dom::virtualmethods::{VirtualMethods, vtable_for}; @@ -2322,18 +2326,25 @@ impl Element { Ok(fragment) } + /// Step 4 of <https://html.spec.whatwg.org/multipage/#dom-element-insertadjacenthtml> pub(crate) fn fragment_parsing_context( owner_doc: &Document, element: Option<&Self>, can_gc: CanGc, ) -> DomRoot<Self> { + // If context is not an Element or all of the following are true: match element { Some(elem) + // context's node document is an HTML document; + // context's local name is "html"; and + // context's namespace is the HTML namespace, if elem.local_name() != &local_name!("html") || !elem.html_element_in_html_document() => { DomRoot::from_ref(elem) }, + // set context to the result of creating an element + // given this's node document, "body", and the HTML namespace. _ => DomRoot::upcast(HTMLBodyElement::new( local_name!("body"), None, @@ -2446,6 +2457,13 @@ impl Element { Dom::from_ref(&*ElementInternals::new(elem, can_gc)) })) } + + pub(crate) fn outer_html(&self, can_gc: CanGc) -> Fallible<DOMString> { + match self.GetOuterHTML(can_gc)? { + TrustedHTMLOrNullIsEmptyString::NullIsEmptyString(str) => Ok(str), + TrustedHTMLOrNullIsEmptyString::TrustedHTML(_) => unreachable!(), + } + } } impl ElementMethods<crate::DomTypeHolder> for Element { @@ -3100,7 +3118,17 @@ impl ElementMethods<crate::DomTypeHolder> for Element { } /// <https://html.spec.whatwg.org/multipage/#dom-element-sethtmlunsafe> - fn SetHTMLUnsafe(&self, html: DOMString, can_gc: CanGc) { + fn SetHTMLUnsafe(&self, html: TrustedHTMLOrString, can_gc: CanGc) -> ErrorResult { + // Step 1. Let compliantHTML be the result of invoking the + // Get Trusted Type compliant string algorithm with TrustedHTML, + // this's relevant global object, html, "Element setHTMLUnsafe", and "script". + let html = DOMString::from(TrustedHTML::get_trusted_script_compliant_string( + &self.owner_global(), + html, + "Element", + "setHTMLUnsafe", + can_gc, + )?); // Step 2. Let target be this's template contents if this is a template element; otherwise this. let target = if let Some(template) = self.downcast::<HTMLTemplateElement>() { DomRoot::upcast(template.Content(can_gc)) @@ -3110,6 +3138,7 @@ impl ElementMethods<crate::DomTypeHolder> for Element { // Step 3. Unsafely set HTML given target, this, and compliantHTML Node::unsafely_set_html(&target, self, html, can_gc); + Ok(()) } /// <https://html.spec.whatwg.org/multipage/#dom-element-gethtml> @@ -3125,7 +3154,7 @@ impl ElementMethods<crate::DomTypeHolder> for Element { } /// <https://html.spec.whatwg.org/multipage/#dom-element-innerhtml> - fn GetInnerHTML(&self, can_gc: CanGc) -> Fallible<DOMString> { + fn GetInnerHTML(&self, can_gc: CanGc) -> Fallible<TrustedHTMLOrNullIsEmptyString> { let qname = QualName::new( self.prefix().clone(), self.namespace().clone(), @@ -3142,16 +3171,28 @@ impl ElementMethods<crate::DomTypeHolder> for Element { .xml_serialize(XmlChildrenOnly(Some(qname))) }; - Ok(result) + Ok(TrustedHTMLOrNullIsEmptyString::NullIsEmptyString(result)) } /// <https://html.spec.whatwg.org/multipage/#dom-element-innerhtml> - fn SetInnerHTML(&self, value: DOMString, can_gc: CanGc) -> ErrorResult { - // Step 2. + fn SetInnerHTML(&self, value: TrustedHTMLOrNullIsEmptyString, can_gc: CanGc) -> ErrorResult { + // Step 1: Let compliantString be the result of invoking the + // Get Trusted Type compliant string algorithm with TrustedHTML, + // this's relevant global object, the given value, "Element innerHTML", and "script". + let value = DOMString::from(TrustedHTML::get_trusted_script_compliant_string( + &self.owner_global(), + value.convert(), + "Element", + "innerHTML", + can_gc, + )?); // https://github.com/w3c/DOM-Parsing/issues/1 let target = if let Some(template) = self.downcast::<HTMLTemplateElement>() { + // Step 4: If context is a template element, then set context to + // the template element's template contents (a DocumentFragment). DomRoot::upcast(template.Content(can_gc)) } else { + // Step 2: Let context be this. DomRoot::from_ref(self.upcast()) }; @@ -3168,15 +3209,17 @@ impl ElementMethods<crate::DomTypeHolder> for Element { return Ok(()); } - // Step 1. + // Step 3: Let fragment be the result of invoking the fragment parsing algorithm steps + // with context and compliantString. let frag = self.parse_fragment(value, can_gc)?; + // Step 5: Replace all with fragment within context. Node::replace_all(Some(frag.upcast()), &target, can_gc); Ok(()) } /// <https://html.spec.whatwg.org/multipage/#dom-element-outerhtml> - fn GetOuterHTML(&self, can_gc: CanGc) -> Fallible<DOMString> { + fn GetOuterHTML(&self, can_gc: CanGc) -> Fallible<TrustedHTMLOrNullIsEmptyString> { // FIXME: This should use the fragment serialization algorithm, which takes // care of distinguishing between html/xml documents let result = if self.owner_document().is_html_document() { @@ -3186,27 +3229,39 @@ impl ElementMethods<crate::DomTypeHolder> for Element { self.upcast::<Node>().xml_serialize(XmlIncludeNode) }; - Ok(result) + Ok(TrustedHTMLOrNullIsEmptyString::NullIsEmptyString(result)) } /// <https://html.spec.whatwg.org/multipage/#dom-element-outerhtml> - fn SetOuterHTML(&self, value: DOMString, can_gc: CanGc) -> ErrorResult { + fn SetOuterHTML(&self, value: TrustedHTMLOrNullIsEmptyString, can_gc: CanGc) -> ErrorResult { + // Step 1: Let compliantString be the result of invoking the + // Get Trusted Type compliant string algorithm with TrustedHTML, + // this's relevant global object, the given value, "Element outerHTML", and "script". + let value = DOMString::from(TrustedHTML::get_trusted_script_compliant_string( + &self.owner_global(), + value.convert(), + "Element", + "outerHTML", + can_gc, + )?); let context_document = self.owner_document(); let context_node = self.upcast::<Node>(); - // Step 1. + // Step 2: Let parent be this's parent. let context_parent = match context_node.GetParentNode() { None => { - // Step 2. + // Step 3: If parent is null, return. There would be no way to + // obtain a reference to the nodes created even if the remaining steps were run. return Ok(()); }, Some(parent) => parent, }; let parent = match context_parent.type_id() { - // Step 3. + // Step 4: If parent is a Document, throw a "NoModificationAllowedError" DOMException. NodeTypeId::Document(_) => return Err(Error::NoModificationAllowed), - // Step 4. + // Step 5: If parent is a DocumentFragment, set parent to the result of + // creating an element given this's node document, "body", and the HTML namespace. NodeTypeId::DocumentFragment(_) => { let body_elem = Element::create( QualName::new(None, ns!(html), local_name!("body")), @@ -3222,9 +3277,10 @@ impl ElementMethods<crate::DomTypeHolder> for Element { _ => context_node.GetParentElement().unwrap(), }; - // Step 5. + // Step 6: Let fragment be the result of invoking the + // fragment parsing algorithm steps given parent and compliantString. let frag = parent.parse_fragment(value, can_gc)?; - // Step 6. + // Step 7: Replace this with fragment within this's parent. context_parent.ReplaceChild(frag.upcast(), context_node, can_gc)?; Ok(()) } @@ -3391,38 +3447,57 @@ impl ElementMethods<crate::DomTypeHolder> for Element { fn InsertAdjacentHTML( &self, position: DOMString, - text: DOMString, + text: TrustedHTMLOrString, can_gc: CanGc, ) -> ErrorResult { - // Step 1. + // Step 1: Let compliantString be the result of invoking the + // Get Trusted Type compliant string algorithm with TrustedHTML, + // this's relevant global object, string, "Element insertAdjacentHTML", and "script". + let text = DOMString::from(TrustedHTML::get_trusted_script_compliant_string( + &self.owner_global(), + text, + "Element", + "insertAdjacentHTML", + can_gc, + )?); let position = position.parse::<AdjacentPosition>()?; + // Step 2: Let context be null. + // Step 3: Use the first matching item from this list: let context = match position { + // If position is an ASCII case-insensitive match for the string "beforebegin" + // If position is an ASCII case-insensitive match for the string "afterend" AdjacentPosition::BeforeBegin | AdjacentPosition::AfterEnd => { match self.upcast::<Node>().GetParentNode() { + // Step 3.2: If context is null or a Document, throw a "NoModificationAllowedError" DOMException. Some(ref node) if node.is::<Document>() => { return Err(Error::NoModificationAllowed); }, None => return Err(Error::NoModificationAllowed), + // Step 3.1: Set context to this's parent. Some(node) => node, } }, + // If position is an ASCII case-insensitive match for the string "afterbegin" + // If position is an ASCII case-insensitive match for the string "beforeend" AdjacentPosition::AfterBegin | AdjacentPosition::BeforeEnd => { + // Set context to this. DomRoot::from_ref(self.upcast::<Node>()) }, }; - // Step 2. + // Step 4. let context = Element::fragment_parsing_context( &context.owner_doc(), context.downcast::<Element>(), can_gc, ); - // Step 3. + // Step 5: Let fragment be the result of invoking the + // fragment parsing algorithm steps with context and compliantString. let fragment = context.parse_fragment(text, can_gc)?; - // Step 4. + // Step 6. self.insert_adjacent(position, fragment.upcast(), can_gc) .map(|_| ()) } diff --git a/components/script/dom/trustedhtml.rs b/components/script/dom/trustedhtml.rs index 8508f28c150..d1ca3cd5e71 100644 --- a/components/script/dom/trustedhtml.rs +++ b/components/script/dom/trustedhtml.rs @@ -6,8 +6,11 @@ use std::fmt; use dom_struct::dom_struct; +use crate::conversions::Convert; use crate::dom::bindings::codegen::Bindings::TrustedHTMLBinding::TrustedHTMLMethods; -use crate::dom::bindings::codegen::UnionTypes::TrustedHTMLOrString; +use crate::dom::bindings::codegen::UnionTypes::{ + TrustedHTMLOrNullIsEmptyString, TrustedHTMLOrString, +}; use crate::dom::bindings::error::Fallible; use crate::dom::bindings::reflector::{Reflector, reflect_dom_object}; use crate::dom::bindings::root::DomRoot; @@ -80,3 +83,16 @@ impl TrustedHTMLMethods<crate::DomTypeHolder> for TrustedHTML { DOMString::from(&*self.data) } } + +impl Convert<TrustedHTMLOrString> for TrustedHTMLOrNullIsEmptyString { + fn convert(self) -> TrustedHTMLOrString { + match self { + TrustedHTMLOrNullIsEmptyString::TrustedHTML(trusted_html) => { + TrustedHTMLOrString::TrustedHTML(trusted_html) + }, + TrustedHTMLOrNullIsEmptyString::NullIsEmptyString(str) => { + TrustedHTMLOrString::String(str) + }, + } + } +} diff --git a/components/script/webdriver_handlers.rs b/components/script/webdriver_handlers.rs index 330ae4f0788..6b4264d945e 100644 --- a/components/script/webdriver_handlers.rs +++ b/components/script/webdriver_handlers.rs @@ -902,7 +902,7 @@ pub(crate) fn handle_get_page_source( .find_document(pipeline) .ok_or(ErrorStatus::UnknownError) .and_then(|document| match document.GetDocumentElement() { - Some(element) => match element.GetOuterHTML(can_gc) { + Some(element) => match element.outer_html(can_gc) { Ok(source) => Ok(source.to_string()), Err(_) => { match XMLSerializer::new(document.window(), None, can_gc) diff --git a/components/script_bindings/webidls/Element.webidl b/components/script_bindings/webidls/Element.webidl index 0d2e204ae52..42733b91929 100644 --- a/components/script_bindings/webidls/Element.webidl +++ b/components/script_bindings/webidls/Element.webidl @@ -82,7 +82,7 @@ interface Element : Node { [Throws] undefined insertAdjacentText(DOMString where_, DOMString data); [CEReactions, Throws] - undefined insertAdjacentHTML(DOMString position, DOMString html); + undefined insertAdjacentHTML(DOMString position, (TrustedHTML or DOMString) string); [Throws, Pref="dom_shadowdom_enabled"] ShadowRoot attachShadow(ShadowRootInit init); readonly attribute ShadowRoot? shadowRoot; @@ -122,11 +122,11 @@ partial interface Element { // https://html.spec.whatwg.org/multipage/#dom-parsing-and-serialization partial interface Element { - [CEReactions] undefined setHTMLUnsafe(DOMString html); + [CEReactions, Throws] undefined setHTMLUnsafe((TrustedHTML or DOMString) html); DOMString getHTML(optional GetHTMLOptions options = {}); - [CEReactions, Throws] attribute [LegacyNullToEmptyString] DOMString innerHTML; - [CEReactions, Throws] attribute [LegacyNullToEmptyString] DOMString outerHTML; + [CEReactions, Throws] attribute (TrustedHTML or [LegacyNullToEmptyString] DOMString) innerHTML; + [CEReactions, Throws] attribute (TrustedHTML or [LegacyNullToEmptyString] DOMString) outerHTML; }; dictionary GetHTMLOptions { diff --git a/tests/wpt/meta/content-security-policy/reporting/report-clips-sample.https.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-clips-sample.https.html.ini index 783a58399e0..282ea4398ee 100644 --- a/tests/wpt/meta/content-security-policy/reporting/report-clips-sample.https.html.ini +++ b/tests/wpt/meta/content-security-policy/reporting/report-clips-sample.https.html.ini @@ -16,6 +16,3 @@ [AsyncGenerator Function constructor is also clipped.] expected: FAIL - - [Trusted Types violation sample is clipped to 40 characters excluded the sink name.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/HTMLElement-generic.html.ini b/tests/wpt/meta/trusted-types/HTMLElement-generic.html.ini index 8ed1a875db3..ea201041595 100644 --- a/tests/wpt/meta/trusted-types/HTMLElement-generic.html.ini +++ b/tests/wpt/meta/trusted-types/HTMLElement-generic.html.ini @@ -1,22 +1,10 @@ [HTMLElement-generic.html] - [TT enabled: div.innerHTML\n = String on a\n connected element\n ] - expected: FAIL - - [TT enabled: div.innerHTML\n = String on a\n non-connected element\n ] - expected: FAIL - [TT enabled: iframe.srcdoc\n = String on a\n connected element\n ] expected: FAIL [TT enabled: iframe.srcdoc\n = String on a\n non-connected element\n ] expected: FAIL - [TT enabled: div.innerHTML\n = String on a\n connected element\n after removing the "require-trusted-types-for 'script' directive] - expected: FAIL - - [TT enabled: div.innerHTML\n = String on a\n non-connected element\n after removing the "require-trusted-types-for 'script' directive] - expected: FAIL - [TT enabled: iframe.srcdoc\n = String on a\n connected element\n after removing the "require-trusted-types-for 'script' directive] expected: FAIL diff --git a/tests/wpt/meta/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML.html.ini b/tests/wpt/meta/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML.html.ini deleted file mode 100644 index 1306015ff46..00000000000 --- a/tests/wpt/meta/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML.html.ini +++ /dev/null @@ -1,12 +0,0 @@ -[block-string-assignment-to-Element-insertAdjacentHTML.html] - [`insertAdjacentHTML(string)` throws.] - expected: FAIL - - [`insertAdjacentHTML(string)` still throws TypeError when position invalid.] - expected: FAIL - - [`insertAdjacentHTML(null)` throws.] - expected: FAIL - - [`insertAdjacentHTML(string)` assigned via default policy (successful HTML transformation).] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/block-string-assignment-to-Element-outerHTML.html.ini b/tests/wpt/meta/trusted-types/block-string-assignment-to-Element-outerHTML.html.ini deleted file mode 100644 index e5abefcc766..00000000000 --- a/tests/wpt/meta/trusted-types/block-string-assignment-to-Element-outerHTML.html.ini +++ /dev/null @@ -1,15 +0,0 @@ -[block-string-assignment-to-Element-outerHTML.html] - [`outerHTML = string` throws.] - expected: FAIL - - [`outerHTML = string` throws TypeError even when parent is a document.] - expected: FAIL - - [`outerHTML = null` throws.] - expected: FAIL - - [`outerHTML = string` assigned via default policy (successful HTML transformation).] - expected: FAIL - - [`outerHTML = null` assigned via default policy does not throw] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/block-string-assignment-to-Element-setHTMLUnsafe.html.ini b/tests/wpt/meta/trusted-types/block-string-assignment-to-Element-setHTMLUnsafe.html.ini deleted file mode 100644 index e6b59ba6714..00000000000 --- a/tests/wpt/meta/trusted-types/block-string-assignment-to-Element-setHTMLUnsafe.html.ini +++ /dev/null @@ -1,12 +0,0 @@ -[block-string-assignment-to-Element-setHTMLUnsafe.html] - [`element.setHTMLUnsafe(string)` throws.] - expected: FAIL - - [`element.setHTMLUnsafe(null)` throws.] - expected: FAIL - - [`element.setHTMLUnsafe(string)` assigned via default policy (successful HTML transformation).] - expected: FAIL - - [`element.setHTMLUnsafe(string)` assigned via default policy does not throw] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/block-string-assignment-to-HTMLElement-generic.html.ini b/tests/wpt/meta/trusted-types/block-string-assignment-to-HTMLElement-generic.html.ini index ed3a70b31ab..ed5b6d15978 100644 --- a/tests/wpt/meta/trusted-types/block-string-assignment-to-HTMLElement-generic.html.ini +++ b/tests/wpt/meta/trusted-types/block-string-assignment-to-HTMLElement-generic.html.ini @@ -1,12 +1,6 @@ [block-string-assignment-to-HTMLElement-generic.html] - [div.innerHTML accepts only TrustedHTML] - expected: FAIL - [iframe.srcdoc accepts only TrustedHTML] expected: FAIL - [div.innerHTML accepts string and null after default policy was created] - expected: FAIL - [iframe.srcdoc accepts string and null after default policy was created] expected: FAIL diff --git a/tests/wpt/meta/trusted-types/block-string-assignment-to-text-and-url-sinks.html.ini b/tests/wpt/meta/trusted-types/block-string-assignment-to-text-and-url-sinks.html.ini deleted file mode 100644 index 1e9f6e44f44..00000000000 --- a/tests/wpt/meta/trusted-types/block-string-assignment-to-text-and-url-sinks.html.ini +++ /dev/null @@ -1,9 +0,0 @@ -[block-string-assignment-to-text-and-url-sinks.html] - [Setting HTMLDivElement.innerHTML to a plain string] - expected: FAIL - - [Setting HTMLScriptElement.innerHTML to a plain string] - expected: FAIL - - [Setting SVGScriptElement.innerHTML to a plain string] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/default-policy.html.ini b/tests/wpt/meta/trusted-types/default-policy.html.ini deleted file mode 100644 index cf57031ddbe..00000000000 --- a/tests/wpt/meta/trusted-types/default-policy.html.ini +++ /dev/null @@ -1,22 +0,0 @@ -[default-policy.html] - expected: OK - [Count SecurityPolicyViolation events.] - expected: FAIL - - [div.innerHTML no default policy] - expected: FAIL - - [div.innerHTML default] - expected: FAIL - - [div.innerHTML null] - expected: FAIL - - [div.innerHTML throw] - expected: FAIL - - [div.innerHTML undefined] - expected: FAIL - - [div.innerHTML typeerror] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/empty-default-policy.html.ini b/tests/wpt/meta/trusted-types/empty-default-policy.html.ini deleted file mode 100644 index c3f34522557..00000000000 --- a/tests/wpt/meta/trusted-types/empty-default-policy.html.ini +++ /dev/null @@ -1,7 +0,0 @@ -[empty-default-policy.html] - expected: OK - [Count SecurityPolicyViolation events.] - expected: FAIL - - [div.innerHTML default] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/require-trusted-types-for-TypeError-belongs-to-the-global-object-realm.html.ini b/tests/wpt/meta/trusted-types/require-trusted-types-for-TypeError-belongs-to-the-global-object-realm.html.ini index df0dfe485ed..63099aaaaff 100644 --- a/tests/wpt/meta/trusted-types/require-trusted-types-for-TypeError-belongs-to-the-global-object-realm.html.ini +++ b/tests/wpt/meta/trusted-types/require-trusted-types-for-TypeError-belongs-to-the-global-object-realm.html.ini @@ -1,6 +1,3 @@ [require-trusted-types-for-TypeError-belongs-to-the-global-object-realm.html] - [Setting innerHTML on a node inserted by the parser.] - expected: FAIL - [Setting innerHTML on a node adopted from a subframe.] expected: FAIL diff --git a/tests/wpt/meta/trusted-types/require-trusted-types-for-report-only.html.ini b/tests/wpt/meta/trusted-types/require-trusted-types-for-report-only.html.ini deleted file mode 100644 index 39ec281d5f2..00000000000 --- a/tests/wpt/meta/trusted-types/require-trusted-types-for-report-only.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[require-trusted-types-for-report-only.html] - [Require trusted types for 'script' block create HTML.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/require-trusted-types-for.html.ini b/tests/wpt/meta/trusted-types/require-trusted-types-for.html.ini deleted file mode 100644 index 38d5f9eb35a..00000000000 --- a/tests/wpt/meta/trusted-types/require-trusted-types-for.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[require-trusted-types-for.html] - [Require trusted types for 'script' block create HTML.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/should-sink-type-mismatch-violation-be-blocked-by-csp-001.html.ini b/tests/wpt/meta/trusted-types/should-sink-type-mismatch-violation-be-blocked-by-csp-001.html.ini index 57cd759f8bf..d3218647e91 100644 --- a/tests/wpt/meta/trusted-types/should-sink-type-mismatch-violation-be-blocked-by-csp-001.html.ini +++ b/tests/wpt/meta/trusted-types/should-sink-type-mismatch-violation-be-blocked-by-csp-001.html.ini @@ -1,20 +1,5 @@ [should-sink-type-mismatch-violation-be-blocked-by-csp-001.html] expected: TIMEOUT - [Multiple enforce require-trusted-types-for directives.] - expected: FAIL - - [Multiple report-only require-trusted-types-for directives.] - expected: FAIL - - [One violated report-only require-trusted-types-for directive followed by multiple enforce directives] - expected: FAIL - - [One violated enforce require-trusted-types-for directive followed by multiple report-only directives] - expected: FAIL - - [Mixing enforce and report-only require-trusted-types-for directives.] - expected: FAIL - [directive "require-trusted-types-for 'script'%09'script'%0A'script'%0C'script'%0D'script'%20'script'" (required-ascii-whitespace)] expected: TIMEOUT @@ -33,9 +18,6 @@ [directive "require-trusted-types-for unquoted-invalid 'script' also-unquoted-invalid (unknown sink group)] expected: NOTRUN - [directive "require-trusted-types-for 'invalid'%09'script'" (required-ascii-whitespace)] - expected: FAIL - [directive "require-trusted-types-for 'invalid'%0A%20'script'" (required-ascii-whitespace)] expected: TIMEOUT diff --git a/tests/wpt/meta/trusted-types/trusted-types-createHTMLDocument.html.ini b/tests/wpt/meta/trusted-types/trusted-types-createHTMLDocument.html.ini deleted file mode 100644 index cca7dc42f2b..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-createHTMLDocument.html.ini +++ /dev/null @@ -1,24 +0,0 @@ -[trusted-types-createHTMLDocument.html] - [Trusted Type instances created in the main doc can be used. (document)] - expected: FAIL - - [Trusted Type instances created in the main doc can be used. (createHTMLDocument)] - expected: FAIL - - [Trusted Type instances created in the main doc can be used. (DOMParser)] - expected: FAIL - - [Trusted Type instances created in the main doc can be used. (XHR)] - expected: FAIL - - [Default policy applies. (document)] - expected: FAIL - - [Default policy applies. (createHTMLDocument)] - expected: FAIL - - [Default policy applies. (DOMParser)] - expected: FAIL - - [Default policy applies. (XHR)] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/trusted-types-report-only.html.ini b/tests/wpt/meta/trusted-types/trusted-types-report-only.html.ini deleted file mode 100644 index 253b126c18f..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-report-only.html.ini +++ /dev/null @@ -1,6 +0,0 @@ -[trusted-types-report-only.html] - [Trusted Type violation report-only: assign string to html] - expected: FAIL - - [Trusted Type violation report-only: assign string to script content] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-innerHTML.html.ini b/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-innerHTML.html.ini deleted file mode 100644 index ae31cf41b62..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-innerHTML.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[trusted-types-reporting-for-Element-innerHTML.html] - [Violation report for plain string.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-insertAdjacentHTML.html.ini b/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-insertAdjacentHTML.html.ini deleted file mode 100644 index ea9822131e6..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-insertAdjacentHTML.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[trusted-types-reporting-for-Element-insertAdjacentHTML.html] - [Violation report for plain string.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-outerHTML.html.ini b/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-outerHTML.html.ini deleted file mode 100644 index ccf4d385ddc..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-outerHTML.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[trusted-types-reporting-for-Element-outerHTML.html] - [Violation report for plain string.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-setHTMLUnsafe.html.ini b/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-setHTMLUnsafe.html.ini deleted file mode 100644 index a288f0fc52b..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-Element-setHTMLUnsafe.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[trusted-types-reporting-for-Element-setHTMLUnsafe.html] - [Violation report for plain string.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-HTMLScriptElement-innerHTML.html.ini b/tests/wpt/meta/trusted-types/trusted-types-reporting-for-HTMLScriptElement-innerHTML.html.ini deleted file mode 100644 index 74b6b2803cd..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-HTMLScriptElement-innerHTML.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[trusted-types-reporting-for-HTMLScriptElement-innerHTML.html] - [Violation report for plain string.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-SVGScriptElement-innerHTML.html.ini b/tests/wpt/meta/trusted-types/trusted-types-reporting-for-SVGScriptElement-innerHTML.html.ini deleted file mode 100644 index 55b972f6001..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-reporting-for-SVGScriptElement-innerHTML.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[trusted-types-reporting-for-SVGScriptElement-innerHTML.html] - [Violation report for plain string.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/trusted-types-sandbox-allow-scripts.html.ini b/tests/wpt/meta/trusted-types/trusted-types-sandbox-allow-scripts.html.ini deleted file mode 100644 index 7053da4f6d0..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-sandbox-allow-scripts.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[trusted-types-sandbox-allow-scripts.html] - [Default Trusted Types policy in a sandboxed page with allow-scripts.] - expected: FAIL diff --git a/tests/wpt/meta/trusted-types/trusted-types-source-file-path.html.ini b/tests/wpt/meta/trusted-types/trusted-types-source-file-path.html.ini deleted file mode 100644 index a05cfef0db5..00000000000 --- a/tests/wpt/meta/trusted-types/trusted-types-source-file-path.html.ini +++ /dev/null @@ -1,9 +0,0 @@ -[trusted-types-source-file-path.html] - [same-document script] - expected: FAIL - - [same-origin script] - expected: FAIL - - [cross-origin script] - expected: FAIL |