зеркало из https://github.com/mozilla/gecko-dev.git
77 строки
2.7 KiB
HTML
77 строки
2.7 KiB
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<script src="/resources/testharness.js"></script>
|
|
<script src="/resources/testharnessreport.js"></script>
|
|
<script src="support/testcases.sub.js"></script>
|
|
</head>
|
|
|
|
<body>
|
|
<script>
|
|
function getString(fragment) {
|
|
d = document.createElement("div");
|
|
d.replaceChildren(...fragment.cloneNode(true).childNodes);
|
|
return d.innerHTML;
|
|
}
|
|
|
|
function getFragment(markup) {
|
|
const d = document.createElement("div");
|
|
d.innerHTML = markup;
|
|
let f = document.createDocumentFragment();
|
|
f.replaceChildren(...d.childNodes);
|
|
return f;
|
|
}
|
|
function getDoc(markup) {
|
|
return new DOMParser().parseFromString(markup, "text/html");
|
|
}
|
|
function assert_node_equals(node1, node2) {
|
|
assert_true(node1 instanceof Node && node1.isEqualNode(node2),
|
|
`Node[${getString(node1)}] == Node[${getString(node2)}]`);
|
|
}
|
|
|
|
test(t => {
|
|
let s = new Sanitizer();
|
|
assert_throws_js(TypeError, _ => s.sanitize());
|
|
}, "Sanitizer.sanitize() should throw an error.");
|
|
|
|
test(t => {
|
|
let s = new Sanitizer();
|
|
assert_throws_js(TypeError, _ => s.sanitize(null));
|
|
}, "Sanitizer.sanitize(null).");
|
|
|
|
const probe_string = `<a href="about:blank">hello</a><script>cons` +
|
|
`ole.log("world!");<` + `/script>`;
|
|
test(t => {
|
|
const sanitized = new Sanitizer().sanitize(getFragment(probe_string));
|
|
const expected = getFragment(probe_string.substr(0, 31));
|
|
assert_node_equals(expected, sanitized);
|
|
}, "Sanitizer.sanitze(DocumentFragment)");
|
|
|
|
test(t => {
|
|
const sanitized = new Sanitizer().sanitize(getDoc(probe_string));
|
|
const expected = getFragment(probe_string.substr(0, 31));
|
|
assert_node_equals(expected, sanitized);
|
|
}, "Sanitizer.sanitze(Document)");
|
|
|
|
testcases.forEach(c => test(t => {
|
|
let s = new Sanitizer(c.config_input);
|
|
var dom = new DOMParser().parseFromString("<!DOCTYPE html><body>" + c.value, "text/html");
|
|
fragment = s.sanitize(dom);
|
|
assert_true(fragment instanceof DocumentFragment);
|
|
|
|
let result = getString(fragment);
|
|
assert_equals(result, c.result);
|
|
}, "SanitizerAPI with config: " + c.message + ", sanitize from document function for <body>"));
|
|
|
|
testcases.forEach(c => test(t => {
|
|
let s = new Sanitizer(c.config_input);
|
|
let tpl = document.createElement("template");
|
|
tpl.innerHTML = c.value;
|
|
fragment = s.sanitize(tpl.content);
|
|
assert_true(fragment instanceof DocumentFragment);
|
|
assert_equals(getString(fragment), c.result);
|
|
}, "SanitizerAPI with config: " + c.message + ", sanitize from document fragment function for <template>"));
|
|
</script>
|
|
</body>
|
|
</html>
|