Improve test coverage of sink values #494

Closed
lukewarlow opened this issue Mar 28, 2024 · 9 comments

@lukewarlow
Member

We should ensure that we have exhaustive coverage of the "sink" value. This is the prefix for violation object samples, as well as being one of the arguments for the default policy.

@lukewarlow
Member Author

Example change web-platform-tests/wpt#45058

lukewarlow added this to the v1 milestone Mar 28, 2024
moz-wptsync-bot pushed a commit to web-platform-tests/wpt that referenced this issue Dec 18, 2024
One step towards fixing w3c/trusted-types#494.

Differential Revision: https://phabricator.services.mozilla.com/D232363

bugzilla-url: https://bugzilla.mozilla.org/show_bug.cgi?id=1907849
gecko-commit: cb3e58c8b7ff8d78bfab512fae053cc7de5d787b
gecko-reviewers: smaug
@fred-wang
Collaborator

fred-wang commented Jan 3, 2025

@fred-wang
Collaborator

fred-wang commented Jan 6, 2025

Trusted Types spec:

  • HTMLScriptElement's innerText (TrustedScript) -- covered by block-string-assignment-to-text-and-url-sinks.html
  • HTMLScriptElement's textContent (TrustedScript) -- covered by block-string-assignment-to-text-and-url-sinks.html
  • HTMLScriptElement's src (TrustedScriptURL) -- covered by block-string-assignment-to-text-and-url-sinks.html
  • HTMLScriptElement's text (TrustedScript) -- block-string-assignment-to-text-and-url-sinks.html

HTML spec:

  • Document's write() (TrustedHTML) -- covered by block-string-assignment-to-Document-write.html
  • Document's writeln() (TrustedHTML) -- covered by block-string-assignment-to-Document-write.html
  • Document's parseHTMLUnsafe() (TrustedHTML) -- covered by block-string-assignment-to-Document-parseHTMLUnsafe.html
  • HTMLIFrameElement's srcdoc (TrustedHTML) -- covered by block-string-assignment-to-HTMLIFrameElement-srcdoc.html
  • Element's setHTMLUnsafe() (TrustedHTML) -- covered by block-string-assignment-to-Element-setHTMLUnsafe.html
  • Element's innerHTML (TrustedHTML) -- block-string-assignment-to-text-and-url-sinks.html
  • Element's outerHTML (TrustedHTML) -- covered by block-string-assignment-to-Element-outerHTML.html
  • Element's insertAdjacentHTML() (TrustedHTML) -- covered by block-string-assignment-to-Element-insertAdjacentHTML.html
  • ShadowRoot's setHTMLUnsafe() (TrustedHTML) -- covered by block-string-assignment-to-ShadowRoot-setHTMLUnsafe.html
  • ShadowRoot's innerHTML (TrustedHTML) -- covered by block-string-assignment-to-ShadowRoot-innerHTML.html
  • DOMParser's parseFromString() (TrustedHTML) -- covered by block-string-assignment-to-DOMParser-parseFromString.html
  • Range's createContextualFragment() (TrustedHTML) -- covered by block-string-assignment-to-Range-createContextualFragment.html
  • eval() (TrustedScript) -- covered by block-eval-function-constructor.html
  • WindowOrWorkerGlobalScope's setTimeout() (TrustedScript) -- covered by block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.html (done in block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.js, which is loaded from Window, Worker and SharedWorker)
  • WindowOrWorkerGlobalScope's setInterval() (TrustedScript) -- covered by block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.html (done in block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.js, which is loaded from Window, Worker and SharedWorker)
  • WorkerGlobalScope's importScripts() (TrustedScriptURL) -- covered by trusted-types/support/WorkerGlobalScope-importScripts.https.js
  • Worker's constructor (TrustedScriptURL) -- covered by worker-constructor.https.html (from Window) and WorkerGlobalScope-worker-constructor.html (from DedicatedWorker/SharedWorker)
  • SharedWorker's constructor (TrustedScriptURL) -- covered by worker-constructor.https.html

DOM spec:

  • Element's setAttribute() (TrustedType) -- covered by set-event-handlers-content-attributes.tentative.html (event handler attributes) and Element-setAttribute-setAttributeNS-sinks.tentative.html (other attributes)
  • Element's setAttributeNS() (TrustedType) -- covered by set-event-handlers-content-attributes.tentative.html (event handler attributes) and Element-setAttribute-setAttributeNS-sinks.tentative.html (other attributes)

CSP spec:

  • eval() (TrustedScript) -- covered by block-eval-function-constructor.html
  • function constructor (TrustedScript) -- covered by block-eval-function-constructor.html

SVG spec:

  • SVGAnimatedString's baseVal (TrustedScriptURL) -- this seems essentially used for SVGScriptElement's href, but the spec status is a bit fuzzy. -- covered by trusted-types-svg-script-set-href.html
  • Luke mentioned SVGScriptElement should have similar script enforcement as HTML. For now we have block-string-assignment-to-text-and-url-sinks.html and a few other tests, but they will need to be checked again when we amend the SVG spec.

Service Workers spec:

  • ServiceWorkerContainer's register() (TrustedScriptURL) -- covered by worker-constructor.https.html (from Window) and ServiceWorkerContainer-register-from-Worker.https.html (from Worker)

execCommand draft:

  • Document's execCommand() (TrustedHTML) -- covered by block-Document-execCommand.html
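
The sink value this issue is about is also what a report consumer sees as the prefix of each violation sample. The following is an added example, not code from the spec, WPT or the participants in this thread: it groups violation reports by sink and flags sinks outside a subset of the list above. It assumes samples have the form `<sink>|<text>` with sinks spelled `<Interface> <member>`; `parseSample`, `triage` and the sample reports are hypothetical.

```javascript
// Added example: group Trusted Types violation samples by their sink prefix.
// Assumption: samples look like "<sink>|<start of blocked string>" and sinks are
// spelled "<Interface> <member>"; the table is a subset of the list above.
const EXPECTED_TYPE = new Map([
  ['Element innerHTML', 'TrustedHTML'],
  ['Element outerHTML', 'TrustedHTML'],
  ['Element insertAdjacentHTML', 'TrustedHTML'],
  ['Document write', 'TrustedHTML'],
  ['HTMLIFrameElement srcdoc', 'TrustedHTML'],
  ['HTMLScriptElement src', 'TrustedScriptURL'],
  ['HTMLScriptElement text', 'TrustedScript'],
]);

// Split on the first "|" only: the blocked string itself may contain "|".
function parseSample(sample) {
  const bar = sample.indexOf('|');
  if (bar === -1) return { sink: null, snippet: sample };
  return { sink: sample.slice(0, bar), snippet: sample.slice(bar + 1) };
}

// reports: objects shaped like SecurityPolicyViolationEvent (effectiveDirective, sample).
function triage(reports) {
  const bySink = {};
  const unknown = [];
  for (const report of reports) {
    // Other directives (including policy-creation "trusted-types") carry no sink prefix.
    if (report.effectiveDirective !== 'require-trusted-types-for') continue;
    const { sink, snippet } = parseSample(report.sample || '');
    if (sink === null || !EXPECTED_TYPE.has(sink)) {
      unknown.push(report.sample || ''); // not in the table: review by hand
      continue;
    }
    const entry = bySink[sink] ||
      (bySink[sink] = { expectedType: EXPECTED_TYPE.get(sink), count: 0, snippets: [] });
    entry.count += 1;
    entry.snippets.push(snippet);
  }
  return { bySink, unknown };
}

// Constructed sample reports (not captured from a real page).
const SAMPLE_REPORTS = [
  { effectiveDirective: 'require-trusted-types-for', sample: 'Element innerHTML|<b>a|b</b>' },
  { effectiveDirective: 'require-trusted-types-for', sample: 'Element innerHTML|<p>hi</p>' },
  { effectiveDirective: 'require-trusted-types-for', sample: 'HTMLScriptElement src|https://cdn.example/app.js' },
  { effectiveDirective: 'require-trusted-types-for', sample: 'SomeInterface someMember|text' },
  { effectiveDirective: 'trusted-types', sample: 'my-policy' },
];

console.log(JSON.stringify(triage(SAMPLE_REPORTS), null, 2));
```

Entries that land in `unknown` are the ones to compare against the engine under test, since a sink name missing from the table may be a newly specified sink or an engine-specific one.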

@lukewarlow
Member Author

There's also SVGScriptElement, which needs handling; it's just not specced yet.

@fred-wang
Collaborator

@lukewarlow Yes, I noticed that. It seems some PRs have been merged but are still not public. Will follow up with you privately.

fred-wang added a commit to web-platform-tests/wpt that referenced this issue Jan 6, 2025
This verifies some API for ParentNode/ChildNode [1] [2] don't do any
check for trusted types. This might already be covered by IDL tests but
we just perform a direct verification here. This test fails in Chromium,
which is not aligned with the DOM spec here [3] and performs specific
checks for HTML script elements. Chromium also implements similar
behavior for `ChildNodePart.replaceChildren()` but that's currently not
shipped [4].

[1] https://dom.spec.whatwg.org/#interface-parentnode
[2] https://dom.spec.whatwg.org/#interface-childnode
[3] w3c/trusted-types#494 (comment)
[4] https://groups.google.com/a/chromium.org/g/blink-dev/c/wIADRnljZDA/m/whzEaaAADAAJ
@fred-wang
Collaborator

Everything that is implemented in Gecko or WebKit is covered by one of the specs at #494 (comment) but Chromium still seems to implement legacy stuff (probably we should write some tests to verify these are not valid sinks).

Tests added in web-platform-tests/wpt#49920 for ParentNode/ChildNode and support removed from Chromium for DOM parts in https://chromium-review.googlesource.com/c/chromium/src/+/6150068.

@fred-wang
Collaborator

I'm closing this issue as complete. Potential improvements that can be done separately:

@fred-wang
Collaborator

Do similar tests for violation object samples.

This can be tracked in #576
