зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1680566 - Reformat sanitizer API test. r=freddyb
Just remove a bunch of indentation and use 2-spaces like the usual Gecko / JS style. Remove unneeded setBoolPref (pushPrefEnv takes care of that). Differential Revision: https://phabricator.services.mozilla.com/D98676
Родитель
8b9e5e401d
Коммит
2e9947a755
|
@ -1,87 +1,82 @@
|
|||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<title>Test sanitizer api</title>
|
||||
<script src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" href="/tests/SimpleTest/test.css" />
|
||||
<div id="div"></div>
|
||||
<script type="text/javascript">
|
||||
"use strict";
|
||||
/* global Sanitizer */
|
||||
// we're not done after "onload"
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
(async function() {
|
||||
// Ensure Sanitizer is not exposed when the pref is false
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["dom.security.sanitizer.enabled", false]],
|
||||
});
|
||||
ok(typeof Sanitizer === "undefined", "Sanitizer undefined when preffed off");
|
||||
|
||||
<head>
|
||||
<title>Test sanitizer api</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div id="div"></div>
|
||||
<script type="text/javascript">
|
||||
"use strict";
|
||||
/* global Sanitizer */
|
||||
// we're not done after "onload"
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
var oldVal = SpecialPowers.getBoolPref("dom.security.sanitizer.enabled");
|
||||
|
||||
(async function() {
|
||||
// Ensure Sanitizer is not exposed when the pref is false
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["dom.security.sanitizer.enabled", false]],
|
||||
});
|
||||
ok(typeof Sanitizer === "undefined", "Sanitizer undefined when preffed off");
|
||||
|
||||
// The rest of this test assumes the sanitizer is enabled
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["dom.security.sanitizer.enabled", true]],
|
||||
});
|
||||
// The rest of this test assumes the sanitizer is enabled
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["dom.security.sanitizer.enabled", true]],
|
||||
});
|
||||
|
||||
|
||||
function* possibleInputTypes(inputStr) {
|
||||
/* This generator function, given a string, yields all possible input objects
|
||||
for our sanitizer API (string, docfragment, document).
|
||||
*/
|
||||
function* possibleInputTypes(inputStr) {
|
||||
/* This generator function, given a string, yields all possible input objects
|
||||
for our sanitizer API (string, docfragment, document).
|
||||
*/
|
||||
|
||||
// 1) as string
|
||||
yield ({testInput: inputStr, testType: "String" });
|
||||
// 2) as DocumentFragment
|
||||
let temp = document.createElement('template');
|
||||
// asking eslint to skip this: innerHTML is safe for template elements.
|
||||
// eslint-disable-next-line no-unsanitized/property
|
||||
temp.innerHTML = inputStr;
|
||||
yield ({testInput: temp.content, testType: "DocumentFragment" });
|
||||
// 3) as HTMLDocument
|
||||
const parser = new DOMParser;
|
||||
yield ({testInput: parser.parseFromString(inputStr, "text/html"), testType: "Document" });
|
||||
}
|
||||
// basic interface smoke test
|
||||
ok(typeof Sanitizer === "function", "Sanitizer constructor exposed when preffed on");
|
||||
const mySanitizer = new Sanitizer();
|
||||
ok(mySanitizer, "Sanitizer constructor works");
|
||||
ok(mySanitizer.sanitize, "sanitize function exists");
|
||||
// 1) as string
|
||||
yield ({testInput: inputStr, testType: "String" });
|
||||
// 2) as DocumentFragment
|
||||
let temp = document.createElement('template');
|
||||
// asking eslint to skip this: innerHTML is safe for template elements.
|
||||
// eslint-disable-next-line no-unsanitized/property
|
||||
temp.innerHTML = inputStr;
|
||||
yield ({testInput: temp.content, testType: "DocumentFragment" });
|
||||
// 3) as HTMLDocument
|
||||
const parser = new DOMParser;
|
||||
yield ({testInput: parser.parseFromString(inputStr, "text/html"), testType: "Document" });
|
||||
}
|
||||
// basic interface smoke test
|
||||
ok(typeof Sanitizer === "function", "Sanitizer constructor exposed when preffed on");
|
||||
const mySanitizer = new Sanitizer();
|
||||
ok(mySanitizer, "Sanitizer constructor works");
|
||||
ok(mySanitizer.sanitize, "sanitize function exists");
|
||||
|
||||
// testing sanitizer results
|
||||
const testCases = [
|
||||
{testString: "<p>hello</p>", testExpected: "<p>hello</p>" },
|
||||
// script element encoded to not confuse the HTML parser and end execution here
|
||||
{ testString: "<p>second test</p><script>alert(1)\x3C/script>", testExpected: "<p>second test</p>"},
|
||||
];
|
||||
// testing sanitizer results
|
||||
const testCases = [
|
||||
{
|
||||
testString: "<p>hello</p>",
|
||||
testExpected: "<p>hello</p>"
|
||||
},
|
||||
{
|
||||
// script element encoded to not confuse the HTML parser and end execution here
|
||||
testString: "<p>second test</p><script>alert(1)\x3C/script>",
|
||||
testExpected: "<p>second test</p>"
|
||||
},
|
||||
];
|
||||
|
||||
|
||||
const div = document.getElementById("div");
|
||||
for (let test of testCases) {
|
||||
const {testString, testExpected} = test;
|
||||
const div = document.getElementById("div");
|
||||
for (let test of testCases) {
|
||||
const {testString, testExpected} = test;
|
||||
|
||||
for (let testInputAndType of possibleInputTypes(testString)) {
|
||||
const {testInput, testType} = testInputAndType;
|
||||
for (let testInputAndType of possibleInputTypes(testString)) {
|
||||
const {testInput, testType} = testInputAndType;
|
||||
|
||||
// test documentfragment API
|
||||
div.innerHTML = "";
|
||||
const docFragment = mySanitizer.sanitize(testInput);
|
||||
div.append(docFragment);
|
||||
is(div.innerHTML, testExpected, `Sanitizer.sanitize() should turn (${testType}) '${testInput}' into '${testExpected}'`);
|
||||
// test documentfragment API
|
||||
div.innerHTML = "";
|
||||
const docFragment = mySanitizer.sanitize(testInput);
|
||||
div.append(docFragment);
|
||||
is(div.innerHTML, testExpected, `Sanitizer.sanitize() should turn (${testType}) '${testInput}' into '${testExpected}'`);
|
||||
|
||||
// test string api, doesnt work yet
|
||||
/*is(mySanitizer.sanitizeToString(testInput), testExpected,
|
||||
`Sanitizer.sanitizeToString() should turn (${testType}) '${testInput}' into '${testExpected}'`);*/
|
||||
}
|
||||
}
|
||||
// test string api, doesnt work yet
|
||||
/*is(mySanitizer.sanitizeToString(testInput), testExpected,
|
||||
`Sanitizer.sanitizeToString() should turn (${testType}) '${testInput}' into '${testExpected}'`);*/
|
||||
}
|
||||
}
|
||||
|
||||
SpecialPowers.setBoolPref("dom.security.sanitizer.enabled", oldVal);
|
||||
SimpleTest.finish();
|
||||
})();
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
SimpleTest.finish();
|
||||
})();
|
||||
</script>
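Review bot: The failure message passed to `is(div.innerHTML, testExpected, ...)` inside the inner `for` loop interpolates `testInput`, which is a string for only one of the three input types. For the DocumentFragment and Document cases it will presumably stringify to something like `[object DocumentFragment]`, so a sanitizer regression on those inputs would be reported without the markup that triggered it. The loop already has `testString` in scope, so the message can use `'${testString}'` in place of `'${testInput}'`. The commented-out `sanitizeToString` assertion carries the same interpolation and should get the same change before it is re-enabled.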
|
||||
|
|