Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/external/wpt/trusted-types/block-string-assignment-to-ShadowRoot-setHTMLUnsafe.html 

<!DOCTYPE html>
<html>
<head>
  <meta name="author" title="Luke Warlow" href="mailto:[email protected]">
  <script src="/resources/testharness.js"></script>
  <script src="/resources/testharnessreport.js"></script>
  <script src="support/helper.sub.js"></script>

  <meta http-equiv="Content-Security-Policy" content="require-trusted-types-for 'script';">
</head>
<body>
<div id="container"></div>
<script>
  var container = document.querySelector('#container')

  // TrustedHTML assignments do not throw.
  test(t => {
    let p = createHTML_policy(window, 1);
    let html = p.createHTML(INPUTS.HTML);

    let d = document.createElement('div');
    let s = d.attachShadow({mode: 'open'});
    document.querySelector('#container').appendChild(d);
    s.setHTMLUnsafe(html);
    assert_equals(s.innerHTML, RESULTS.HTML);

    while (container.firstChild)
      container.firstChild.remove();
  }, "shadowRoot.setHTMLUnsafe(html) assigned via policy (successful HTML transformation).");

  // String assignments throw.
  test(t => {
    let d = document.createElement('div');
    let s = d.attachShadow({mode: 'open'});
    container.appendChild(d);
    assert_throws_js(TypeError, _ => {
      s.setHTMLUnsafe("Fail");
    });
    assert_equals(s.innerHTML, "");
    while (container.firstChild)
      container.firstChild.remove();
  }, "`shadowRoot.setHTMLUnsafe(string)` throws.");

  // Null assignment throws.
  test(t => {
    let d = document.createElement('div');
    let s = d.attachShadow({mode: 'open'});
    container.appendChild(d);
    assert_throws_js(TypeError, _ => {
      s.setHTMLUnsafe(null);
    });
    assert_equals(s.innerHTML, "");
    while (container.firstChild)
      container.firstChild.remove();
  }, "`shadowRoot.setHTMLUnsafe(null)` throws.");

  // After default policy creation string assignment implicitly calls createHTML.
  test(t => {
    let p = window.trustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true);

    let d = document.createElement('div');
    let s = d.attachShadow({mode: 'open'});
    document.querySelector('#container').appendChild(d);
    s.setHTMLUnsafe(INPUTS.HTML);
    assert_equals(s.innerHTML, RESULTS.HTML);

    while (container.firstChild)
      container.firstChild.remove();
  }, "`shadowRoot.setHTMLUnsafe(string)` assigned via default policy (successful HTML transformation).");

  // After default policy creation null assignment implicitly calls createHTML.
  test(t => {
    let d = document.createElement('div');
    let s = d.attachShadow({mode: 'open'});
    container.appendChild(d);
    s.setHTMLUnsafe(null);
    assert_equals(s.innerHTML, "null");

    while (container.firstChild)
      container.firstChild.remove();
  }, "`shadowRoot.setHTMLUnsafe(string)` assigned via default policy does not throw");
</script>
</body>
</html>