Added mechanisms for default policy

With a default policy defined, assignments implicitly call createXXX on the default policy Added ScriptState* to the accessors visible from JavaScript Tests were updated to check string assignment when trusted-types are needed before and after the default policy is defined Bug: 739170 Change-Id: I9bb841d69f324b841602d41abd71f753a9858af8 Reviewed-on: https://chromium-review.googlesource.com/c/1207530Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Reviewed-by: Yuki Shiino <yukishiino@chromium.org> Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#605720}

Added mechanisms for default policy
With a default policy defined, assignments implicitly call createXXX on the default policy Added ScriptState* to the accessors visible from JavaScript Tests were updated to check string assignment when trusted-types are needed before and after the default policy is defined Bug: 739170 Change-Id: I9bb841d69f324b841602d41abd71f753a9858af8 Reviewed-on: https://chromium-review.googlesource.com/c/1207530Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Reviewed-by: Yuki Shiino <yukishiino@chromium.org> Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#605720}
7ba7aded · Daniel Vogelheim · Commit Bot · d4860fed · 7ba7aded · 7ba7aded
Commit 7ba7aded authored Nov 06, 2018 by Daniel Vogelheim Committed by Commit Bot Nov 06, 2018
26 changed files
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/TrustedTypePolicyFactory-createPolicy-defaultTests.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/TrustedTypePolicyFactory-createPolicy-defaultTests.tentative.html
+<!DOCTYPE html>
+<script src="/resources/testharness.js" ></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="support/helper.sub.js"></script>
+<body>
+<script>
+  //Policy name test
+  test(t => {
+    assert_throws("InvalidStateError", _ => {
+      let policy = window.TrustedTypes.createPolicy('default', { createHTML: s => s } );
+    });
+  }, "default policy has to be exposed");
+</script>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/Window-TrustedTypes.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/Window-TrustedTypes.tentative.html
@@ -8,4 +8,10 @@
    let factory = window.TrustedTypes;
    assert_true(factory instanceof TrustedTypePolicyFactory);
  }, "factory = window.TrustedTypes");
+
+  test(t => {
+    assert_throws(new TypeError(), _ => {
+      let factory = new TrustedTypePolicyFactory();
+    });
+  }, "factory construction fails");
 </script>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-DOMParser-parseFromString.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-DOMParser-parseFromString.tentative.html
@@ -30,4 +30,19 @@
      var doc = parser.parseFromString(null, "text/html");
    });
  }, "'document.innerText = null' throws");
+
+  // After default policy creation string assignment implicitly calls createHTML.
+  test(t => {
+    let p = window.TrustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true);
+    let parser = new DOMParser();
+    let doc = parser.parseFromString(INPUTS.HTML, "text/html");
+    assert_equals(doc.body.innerText, RESULTS.HTML);
+  }, "'document.innerText = string' assigned via default policy (successful HTML transformation).");
+
+  // After default policy creation null assignment implicitly calls createHTML.
+  test(t => {
+    var parser = new DOMParser();
+    var doc = parser.parseFromString(null, "text/html");
+    assert_equals(doc.body.innerText, "null");
+  }, "'document.innerText = null' assigned via default policy does not throw");
 </script>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.tentative.html
@@ -53,4 +53,17 @@
      setInterval(null);
    });
  }, "`window.setInterval(null)` throws.");
+
+  // After default policy creation string assignment implicitly calls createScript.
+  test(t => {
+    let policy = window.TrustedTypes.createPolicy("default", { createScript: createScriptJS }, true);
+    setTimeout(INPUTS.SCRIPT);
+    setInterval(INPUTS.SCRIPT);
+  }, "`setTimeout(string)`, `setInterval(string)` via default policy (successful Script transformation).");
+
+  // After default policy creation null assignment implicitly calls createScript.
+  test(t => {
+    setTimeout(null);
+    setInterval(null);
+  }, "`setTimeout(null)`, `setInterval(null)` via default policy (successful Script transformation).");
 </script>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Document-write.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Document-write.tentative.html
@@ -9,6 +9,14 @@
 </head>
 <body>
 <script>
+  // TrustedHTML assignments do not throw.
+  test(t => {
+    let p = createHTML_policy(window, 1);
+    let html = p.createHTML(INPUTS.HTML);
+    document.write(html);
+    assert_equals(document.body.innerText, RESULTS.HTML);
+  }, "document.write with html assigned via policy (successful URL transformation).");
+
  // String assignments throw.
  test(t => {
    assert_throws(new TypeError(), _ => {

--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Element-insertAdjacentHTML.tentative.html
@@ -90,6 +90,58 @@
    assert_equals(d.lastChild, null);
    assert_equals(d.nextSibling, null);
  }, "`insertAdjacentHTML(null)` throws.");
+
+  // After default policy creation string assignment implicitly calls createHTML.
+  test(t => {
+    let p = window.TrustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true);
+
+    var d = document.createElement('div');
+    container.appendChild(d);
+
+    d.insertAdjacentHTML('beforebegin', INPUTS.HTML);
+    assert_equals(d.previousSibling.nodeType, Node.TEXT_NODE);
+    assert_equals(d.previousSibling.data, RESULTS.HTML);
+
+    d.insertAdjacentHTML('afterbegin', INPUTS.HTML);
+    assert_equals(d.firstChild.nodeType, Node.TEXT_NODE);
+    assert_equals(d.firstChild.data, RESULTS.HTML);
+
+    d.insertAdjacentHTML('beforeend', INPUTS.HTML);
+    assert_equals(d.lastChild.nodeType, Node.TEXT_NODE);
+    assert_equals(d.lastChild.data, RESULTS.HTML);
+
+    d.insertAdjacentHTML('afterend', INPUTS.HTML);
+    assert_equals(d.nextSibling.nodeType, Node.TEXT_NODE);
+    assert_equals(d.nextSibling.data, RESULTS.HTML);
+
+    while (container.firstChild)
+      container.firstChild.remove();
+  }, "`insertAdjacentHTML(string)` assigned via default policy (successful HTML transformation).");
+
+   // After default policy creation null assignment implicitly calls createHTML.
+  test(t => {
+    var d = document.createElement('div');
+    container.appendChild(d);
+
+    d.insertAdjacentHTML('beforebegin', null);
+    assert_equals(d.previousSibling.nodeType, Node.TEXT_NODE);
+    assert_equals(d.previousSibling.data, "null");
+
+    d.insertAdjacentHTML('afterbegin', null);
+    assert_equals(d.firstChild.nodeType, Node.TEXT_NODE);
+    assert_equals(d.firstChild.data, "null");
+
+    d.insertAdjacentHTML('beforeend', null);
+    assert_equals(d.lastChild.nodeType, Node.TEXT_NODE);
+    assert_equals(d.lastChild.data, "null");
+
+    d.insertAdjacentHTML('afterend', null);
+    assert_equals(d.nextSibling.nodeType, Node.TEXT_NODE);
+    assert_equals(d.nextSibling.data, "null");
+
+    while (container.firstChild)
+      container.firstChild.remove();
+  }, "`insertAdjacentHTML(null)` assigned via default policy does not throw.");
 </script>
 </body>
 </html>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Element-outerHTML.tentative-expected.txt
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Element-outerHTML.tentative-expected.txt
+This is a testharness.js-based test.
+PASS outerHTML with html assigned via policy (successful HTML transformation).
+PASS `outerHTML = string` throws.
+PASS `outerHTML = null` throws.
+PASS `outerHTML = string` assigned via default policy (successful HTML transformation).
+FAIL `outerHTML = null` assigned via default policy does not throw assert_equals: expected "null" but got ""
+Harness: the test ran to completion.
+
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Element-outerHTML.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Element-outerHTML.tentative.html
@@ -49,6 +49,30 @@
    while (container.firstChild)
      container.firstChild.remove();
  }, "`outerHTML = null` throws.");
+
+  // After default policy creation string assignment implicitly calls createHTML.
+  test(t => {
+    let p = window.TrustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true);
+
+    var d = document.createElement('div');
+    document.querySelector('#container').appendChild(d);
+    d.outerHTML = INPUTS.HTML;
+    assert_equals(container.innerText, RESULTS.HTML);
+
+    while (container.firstChild)
+      container.firstChild.remove();
+  }, "`outerHTML = string` assigned via default policy (successful HTML transformation).");
+
+  // After default policy creation null assignment implicitly calls createHTML.
+  test(t => {
+    var d = document.createElement('div');
+    container.appendChild(d);
+    d.outerHTML = null;
+    assert_equals(container.innerText, "null");
+
+    while (container.firstChild)
+      container.firstChild.remove();
+  }, "`outerHTML = null` assigned via default policy does not throw");
 </script>
 </body>
 </html>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Element-setAttribute.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Element-setAttribute.tentative.html
@@ -10,7 +10,7 @@
 <body>
 <script>
  // TrustedURL Assignments
-  let testCases = [
+  const URLTestCases = [
    [ 'a', 'href' ],
    [ 'area', 'href' ],
    [ 'base', 'href' ],
@@ -26,7 +26,7 @@
    [ 'track', 'src' ]
  ];

-  testCases.forEach(c => {
+  URLTestCases.forEach(c => {
    test(t => {
      assert_element_accepts_trusted_url_explicit_set(window, c, t, c[0], c[1], RESULTS.URL);
      assert_throws_no_trusted_type_explicit_set(c[0], c[1], 'A string');
@@ -35,12 +35,12 @@
  });

  // TrustedScriptURL Assignments
-  let scriptTestCases = [
+  const scriptURLTestCases = [
    [ 'embed', 'src' ],
    [ 'script', 'src' ]
  ];

-  scriptTestCases.forEach(c => {
+  scriptURLTestCases.forEach(c => {
    test(t => {
      assert_element_accepts_trusted_script_url_explicit_set(window, c, t, c[0], c[1], RESULTS.SCRIPTURL);
      assert_throws_no_trusted_type_explicit_set(c[0], c[1], 'A string');
@@ -49,7 +49,7 @@
  });

  // TrustedHTML Assignments
-  let HTMLTestCases = [
+  const HTMLTestCases = [
    [ 'iframe', 'srcdoc' ]
  ];

@@ -61,6 +61,35 @@
    }, c[0] + "." + c[1] + " accepts only TrustedHTML");
  });

+  // After default policy creation string and null assignments implicitly call createXYZ
+  let p = window.TrustedTypes.createPolicy("default", { createURL: createURLJS, createScriptURL: createScriptURLJS, createHTML: createHTMLJS }, true);
+  URLTestCases.forEach(c => {
+    test(t => {
+      assert_element_accepts_trusted_type(c[0], c[1], INPUTS.URL, RESULTS.URL);
+
+      // Properties that actually parse the URLs will resort to the base URL
+      // when given a null or empty URL.
+      assert_element_accepts_trusted_type(c[0], c[1], null, "" + window.location);
+    }, c[0] + "." + c[1] + " accepts string and null after default policy was created.");
+  });
+
+  scriptURLTestCases.forEach(c => {
+    test(t => {
+      assert_element_accepts_trusted_type(c[0], c[1], INPUTS.SCRIPTURL, RESULTS.SCRIPTURL);
+
+      // Properties that actually parse the URLs will resort to the base URL
+      // when given a null or empty URL.
+      assert_element_accepts_trusted_type(c[0], c[1], null, "" + window.location);
+    }, c[0] + "." + c[1] + " accepts string and null after default policy was created.");
+  });
+
+  HTMLTestCases.forEach(c => {
+    test(t => {
+      assert_element_accepts_trusted_type(c[0], c[1], INPUTS.HTML, RESULTS.HTML);
+      assert_element_accepts_trusted_type(c[0], c[1], null, "null");
+    }, c[0] + "." + c[1] + " accepts string and null after default policy was created.");
+  });
+
  // Other attributes can be assigned with TrustedTypes or strings or null values
  test(t => {
    assert_element_accepts_trusted_url_explicit_set(window, 'arel', t, 'a', 'rel', RESULTS.URL);

--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-HTMLElement-generic.tentative-expected.txt
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-HTMLElement-generic.tentative-expected.txt
+This is a testharness.js-based test.
+PASS a.href accepts only TrustedURL
+PASS area.href accepts only TrustedURL
+PASS base.href accepts only TrustedURL
+PASS frame.src accepts only TrustedURL
+PASS iframe.src accepts only TrustedURL
+PASS img.src accepts only TrustedURL
+PASS input.src accepts only TrustedURL
+PASS link.href accepts only TrustedURL
+PASS video.src accepts only TrustedURL
+PASS object.data accepts only TrustedURL
+PASS object.codeBase accepts only TrustedURL
+PASS source.src accepts only TrustedURL
+PASS track.src accepts only TrustedURL
+PASS embed.src accepts only TrustedScriptURL
+PASS script.src accepts only TrustedScriptURL
+PASS div.innerHTML accepts only TrustedHTML
+PASS iframe.srcdoc accepts only TrustedHTML
+PASS a.href accepts string and null after default policy was created
+PASS area.href accepts string and null after default policy was created
+PASS base.href accepts string and null after default policy was created
+PASS frame.src accepts string and null after default policy was created
+PASS iframe.src accepts string and null after default policy was created
+PASS img.src accepts string and null after default policy was created
+PASS input.src accepts string and null after default policy was created
+PASS link.href accepts string and null after default policy was created
+PASS video.src accepts string and null after default policy was created
+PASS object.data accepts string and null after default policy was created
+PASS object.codeBase accepts string and null after default policy was created
+PASS source.src accepts string and null after default policy was created
+PASS track.src accepts string and null after default policy was created
+PASS embed.src accepts string and null after default policy was created
+PASS script.src accepts string and null after default policy was created
+FAIL div.innerHTML accepts string and null after default policy was created assert_equals: expected "null" but got ""
+PASS iframe.srcdoc accepts string and null after default policy was created
+Harness: the test ran to completion.
+
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-HTMLElement-generic.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-HTMLElement-generic.tentative.html
@@ -11,7 +11,7 @@
 <script>
  var testnb = 0;
  // TrustedURL Assignments
-  let testCases = [
+  const URLTestCases = [
    [ 'a', 'href' ],
    [ 'area', 'href' ],
    [ 'base', 'href' ],
@@ -27,7 +27,7 @@
    [ 'track', 'src' ]
  ];

-  testCases.forEach(c => {
+  URLTestCases.forEach(c => {
    test(t => {
      assert_element_accepts_trusted_url(window, ++testnb, t, c[0], c[1], RESULTS.URL);
      assert_throws_no_trusted_type(c[0], c[1], 'A string');
@@ -36,13 +36,13 @@
  });

  // TrustedScriptURL Assignments
-  let scriptTestCases = [
+  const scriptURLTestCases = [
    [ 'embed', 'src' ],
    [ 'script', 'src' ]
  ];

  testnb = 0;
-  scriptTestCases.forEach(c => {
+  scriptURLTestCases.forEach(c => {
    test(t => {
      assert_element_accepts_trusted_script_url(window, ++testnb, t, c[0], c[1], RESULTS.SCRIPTURL);
      assert_throws_no_trusted_type(c[0], c[1], 'A string');
@@ -51,7 +51,7 @@
  });

  // TrustedHTML Assignments
-  let HTMLTestCases = [
+  const HTMLTestCases = [
    [ 'div', 'innerHTML' ],
    [ 'iframe', 'srcdoc' ]
  ];
@@ -64,4 +64,29 @@
      assert_throws_no_trusted_type(c[0], c[1], null);
    }, c[0] + "." + c[1] + " accepts only TrustedHTML");
  });
+
+  // After default policy creation string and null assignments implicitly call createHTML
+  let p = window.TrustedTypes.createPolicy("default", { createURL: createURLJS, createScriptURL: createScriptURLJS, createHTML: createHTMLJS }, true);
+
+  URLTestCases.forEach(c => {
+    test(t => {
+      assert_element_accepts_trusted_type(c[0], c[1], INPUTS.URL, RESULTS.URL);
+      assert_element_accepts_trusted_type(c[0], c[1], null, "" + window.location);
+    }, c[0] + "." + c[1] + " accepts string and null after default policy was created");
+  });
+
+  scriptURLTestCases.forEach(c => {
+    test(t => {
+      assert_element_accepts_trusted_type(c[0], c[1], INPUTS.SCRIPTURL, RESULTS.SCRIPTURL);
+      assert_element_accepts_trusted_type(c[0], c[1], null, "" + window.location);
+    }, c[0] + "." + c[1] + " accepts string and null after default policy was created");
+  });
+
+
+  HTMLTestCases.forEach(c => {
+    test(t => {
+      assert_element_accepts_trusted_type(c[0], c[1], INPUTS.HTML, RESULTS.HTML);
+      assert_element_accepts_trusted_type(c[0], c[1], null, "null");
+    }, c[0] + "." + c[1] + " accepts string and null after default policy was created");
+  });
 </script>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Location-assign.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Location-assign.tentative.html
@@ -30,4 +30,20 @@
      location.assign(null);
    });
  }, "`location.assign = null` throws");
+
+  // Create default policy. Applies to all subsequent tests.
+  let p = window.TrustedTypes.createPolicy("default",
+      { createURL: createLocationURLJS }, true);
+
+  // After default policy creation string assignment implicitly calls createURL.
+  test(t => {
+    location.assign("abcdefg");
+    assert_true(location.href.endsWith("#abcdefg"));
+  }, "`location.assign = string` via default policy (successful URL transformation).");
+
+  // After default policy creation null assignment implicitly calls createURL.
+  test(t => {
+    location.assign(null);
+    assert_true(location.href.endsWith("#null"));
+  }, "`location.assign = null` via default policy does not throw.");
 </script>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Location-href.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Location-href.tentative.html
@@ -30,4 +30,21 @@
      location.href = null;
    });
  }, "`location.href = null` throws");
+
+
+  // Create default policy. Applies to all subsequent tests.
+  let p = window.TrustedTypes.createPolicy("default",
+      { createURL: createLocationURLJS }, true);
+
+  // After default policy creation string assignment implicitly calls createURL.
+  test(t => {
+    location.href = "xxxx";
+    assert_true(location.href.endsWith("#xxxx"));
+  }, "`location.href = string` via default policy (successful URL transformation).");
+
+  // After default policy creation null assignment implicitly calls createURL.
+  test(t => {
+    location.href = null;
+    assert_true(location.href.endsWith("#null"));
+  }, "`location.href = null` assigned via default policy does not throw.");
 </script>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Location-replace.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Location-replace.tentative.html
@@ -30,4 +30,20 @@
      location.replace(null);
    });
  }, "`location.replace = null` throws");
+
+  // Create default policy. Applies to all subsequent tests.
+  let p = window.TrustedTypes.createPolicy("default",
+      { createURL: createLocationURLJS }, true);
+
+  // After default policy creation string assignment implicitly calls createURL.
+  test(t => {
+    location.replace("potato");
+    assert_true(location.href.endsWith("#potato"));
+  }, "`location.replace = string` via default policy (successful URL transformation).");
+
+  // After default policy creation null assignment implicitly calls createURL.
+  test(t => {
+    location.replace(null);
+    assert_true(location.href.endsWith("#null"));
+  }, "`location.replace = null` via default policy (successful URL transformation).");
 </script>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Range-createContextualFragment.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Range-createContextualFragment.tentative.html
@@ -33,4 +33,21 @@
      var result = range.createContextualFragment(null);
    });
  }, "`range.createContextualFragment(null)` throws.");
+
+  // After default policy creation string assignment implicitly calls createHTML
+  test(t => {
+    let p = window.TrustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true);
+    var range = document.createRange();
+    range.selectNodeContents(document.documentElement);
+    var result = range.createContextualFragment(INPUTS.HTML);
+    assert_equals(result.textContent, RESULTS.HTML);
+  }, "`range.createContextualFragment(string)` assigned via default policy (successful HTML transformation).");
+
+  // After default policy creation null assignment implicitly calls createHTML
+  test(t => {
+    var range = document.createRange();
+    range.selectNodeContents(document.documentElement);
+    var result = range.createContextualFragment(null);
+    assert_equals(result.textContent, "null");
+  }, "`range.createContextualFragment(null)` assigned via default policy does not throw.");
 </script>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Window-open.tentative.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/block-string-assignment-to-Window-open.tentative.html
@@ -29,6 +29,14 @@
    });
  }

+  function testWindowDoesntThrow(t, url, expected, win) {
+    let child_window = win.open(url, "", "");
+    child_window.onload = t.step_func_done(_ => {
+      assert_equals(child_window.location.href, expected);
+      child_window.close();
+    });
+  }
+
  // TrustedURL assignments do not throw.
  test(t => {
    testWindowOpen(t, window, ++testnb);
@@ -55,6 +63,24 @@
  test(t => {
    testWindowThrows(t, null, document, ++testnb);
  }, "`document.open(null)` throws.");
+
+  // After default policy creation string assignment implicitly calls createURL.
+  let p = window.TrustedTypes.createPolicy("default", { createURL: createURLJS }, true);
+  test(t => {
+    testWindowDoesntThrow(t, INPUTS.URL, RESULTS.URL, window);
+  }, "'window.open(string)' assigned via default policy (successful URL transformation).");
+
+  test(t => {
+    testWindowDoesntThrow(t, INPUTS.URL, RESULTS.URL, document);
+  }, "'document.open(string)' assigned via default policy (successful URL transformation).");
+
+  test(t => {
+    testWindowDoesntThrow(t, null, "null", window);
+  }, "'window.open(null)' assigned via default policy does not throw.");
+
+  test(t => {
+    testWindowDoesntThrow(t, null, "null", document);
+  }, "'document.open(null)' assigned via default policy does not throw.");
 </script>
 </body>
 </html>
--- a/third_party/WebKit/LayoutTests/external/wpt/trusted-types/support/helper.sub.js
+++ b/third_party/WebKit/LayoutTests/external/wpt/trusted-types/support/helper.sub.js
-var INPUTS = {
+const INPUTS = {
  HTML: "Hi, I want to be transformed!",
  SCRIPT: "Hi, I want to be transformed!",
  SCRIPTURL: "http://this.is.a.scripturl.test/",
  URL: "http://hello.i.am.an.url/"
 };

-var RESULTS = {
+const RESULTS = {
  HTML: "Quack, I want to be a duck!",
  SCRIPT: "Meow, I want to be a cat!",
  SCRIPTURL: "http://this.is.a.successful.test/",
@@ -31,6 +31,14 @@ function createURLJS(url) {
      .replace("an.url", "successfully.transformed");
 }

+// When testing location.href (& friends), we have the problem that assigning
+// to the new location will navigate away from the test. To fix this, we'll
+// have a policy that will just stick the argument into the fragment identifier
+// of the current location.href.
+function createLocationURLJS(value) {
+  return location.href.replace(/#.*/g, "") + "#" + value;
+}
+
 function createHTML_policy(win, c) {
  return win.TrustedTypes.createPolicy('SomeHTMLPolicyName' + c, { createHTML: createHTMLJS });
 }

--- a/third_party/blink/renderer/bindings/core/v8/custom/v8_element_custom.cc
+++ b/third_party/blink/renderer/bindings/core/v8/custom/v8_element_custom.cc
@@ -37,7 +37,7 @@ void V8Element::innerHTMLAttributeSetterCustom(
  if (value->IsNull()) {
    cpp_value.SetString(String());
  } else {
-    V8StringOrTrustedHTML::ToImpl(info.GetIsolate(), value, cpp_value,
+    V8StringOrTrustedHTML::ToImpl(isolate, value, cpp_value,
                                  UnionTypeConversionMode::kNotNullable,
                                  exception_state);
  }
@@ -70,7 +70,7 @@ void V8Element::outerHTMLAttributeSetterCustom(
  if (value->IsNull()) {
    cpp_value.SetString(String());
  } else {
-    V8StringOrTrustedHTML::ToImpl(info.GetIsolate(), value, cpp_value,
+    V8StringOrTrustedHTML::ToImpl(isolate, value, cpp_value,
                                  UnionTypeConversionMode::kNotNullable,
                                  exception_state);
  }

--- a/third_party/blink/renderer/bindings/core/v8/custom/v8_shadow_root_custom.cc
+++ b/third_party/blink/renderer/bindings/core/v8/custom/v8_shadow_root_custom.cc
@@ -37,7 +37,7 @@ void V8ShadowRoot::innerHTMLAttributeSetterCustom(
  if (value->IsNull()) {
    cpp_value.SetString(String());
  } else {
-    V8StringOrTrustedHTML::ToImpl(info.GetIsolate(), value, cpp_value,
+    V8StringOrTrustedHTML::ToImpl(isolate, value, cpp_value,
                                  UnionTypeConversionMode::kNotNullable,
                                  exception_state);
  }

--- a/third_party/blink/renderer/bindings/core/v8/v8_binding_for_core.cc
+++ b/third_party/blink/renderer/bindings/core/v8/v8_binding_for_core.cc
@@ -871,13 +871,13 @@ bool HasCallableIteratorSymbol(v8::Isolate* isolate,
  return iterator_getter->IsFunction();
 }

-v8::Isolate* ToIsolate(ExecutionContext* context) {
+v8::Isolate* ToIsolate(const ExecutionContext* context) {
  if (context && context->IsDocument())
    return V8PerIsolateData::MainThreadIsolate();
  return v8::Isolate::GetCurrent();
 }

-v8::Isolate* ToIsolate(LocalFrame* frame) {
+v8::Isolate* ToIsolate(const LocalFrame* frame) {
  DCHECK(frame);
  return frame->GetWindowProxyManager()->GetIsolate();
 }

--- a/third_party/blink/renderer/bindings/core/v8/v8_binding_for_core.h
+++ b/third_party/blink/renderer/bindings/core/v8/v8_binding_for_core.h
@@ -439,8 +439,8 @@ CORE_EXPORT bool HasCallableIteratorSymbol(v8::Isolate*,
                                           v8::Local<v8::Value>,
                                           ExceptionState&);

-CORE_EXPORT v8::Isolate* ToIsolate(ExecutionContext*);
-CORE_EXPORT v8::Isolate* ToIsolate(LocalFrame*);
+CORE_EXPORT v8::Isolate* ToIsolate(const ExecutionContext*);
+CORE_EXPORT v8::Isolate* ToIsolate(const LocalFrame*);

 CORE_EXPORT DOMWindow* ToDOMWindow(v8::Isolate*, v8::Local<v8::Value>);
 CORE_EXPORT LocalDOMWindow* ToLocalDOMWindow(v8::Local<v8::Context>);

--- a/third_party/blink/renderer/core/trustedtypes/trusted_type_policy.cc
+++ b/third_party/blink/renderer/core/trustedtypes/trusted_type_policy.cc
@@ -31,13 +31,39 @@ TrustedTypePolicy* TrustedTypePolicy::Create(
 TrustedHTML* TrustedTypePolicy::createHTML(ScriptState* script_state,
                                           const String& input,
                                           ExceptionState& exception_state) {
+  return CreateHTML(script_state->GetIsolate(), input, exception_state);
+}
+
+TrustedScript* TrustedTypePolicy::createScript(
+    ScriptState* script_state,
+    const String& input,
+    ExceptionState& exception_state) {
+  return CreateScript(script_state->GetIsolate(), input, exception_state);
+}
+
+TrustedScriptURL* TrustedTypePolicy::createScriptURL(
+    ScriptState* script_state,
+    const String& input,
+    ExceptionState& exception_state) {
+  return CreateScriptURL(script_state->GetIsolate(), input, exception_state);
+}
+
+TrustedURL* TrustedTypePolicy::createURL(ScriptState* script_state,
+                                         const String& input,
+                                         ExceptionState& exception_state) {
+  return CreateURL(script_state->GetIsolate(), input, exception_state);
+}
+
+TrustedHTML* TrustedTypePolicy::CreateHTML(v8::Isolate* isolate,
+                                           const String& input,
+                                           ExceptionState& exception_state) {
  if (!policy_options_->createHTML()) {
    exception_state.ThrowTypeError(
        "Policy " + name_ +
        "'s TrustedTypePolicyOptions did not specify a 'createHTML' member.");
    return nullptr;
  }
-  v8::TryCatch try_catch(script_state->GetIsolate());
+  v8::TryCatch try_catch(isolate);
  String html;
  if (!policy_options_->createHTML()->Invoke(nullptr, input).To(&html)) {
    DCHECK(try_catch.HasCaught());
@@ -47,8 +73,8 @@ TrustedHTML* TrustedTypePolicy::createHTML(ScriptState* script_state,
  return TrustedHTML::Create(html);
 }

-TrustedScript* TrustedTypePolicy::createScript(
-    ScriptState* script_state,
+TrustedScript* TrustedTypePolicy::CreateScript(
+    v8::Isolate* isolate,
    const String& input,
    ExceptionState& exception_state) {
  if (!policy_options_->createScript()) {
@@ -57,7 +83,7 @@ TrustedScript* TrustedTypePolicy::createScript(
        "'s TrustedTypePolicyOptions did not specify a 'createScript' member.");
    return nullptr;
  }
-  v8::TryCatch try_catch(script_state->GetIsolate());
+  v8::TryCatch try_catch(isolate);
  String script;
  if (!policy_options_->createScript()->Invoke(nullptr, input).To(&script)) {
    DCHECK(try_catch.HasCaught());
@@ -67,8 +93,8 @@ TrustedScript* TrustedTypePolicy::createScript(
  return TrustedScript::Create(script);
 }

-TrustedScriptURL* TrustedTypePolicy::createScriptURL(
-    ScriptState* script_state,
+TrustedScriptURL* TrustedTypePolicy::CreateScriptURL(
+    v8::Isolate* isolate,
    const String& input,
    ExceptionState& exception_state) {
  if (!policy_options_->createScriptURL()) {
@@ -77,7 +103,7 @@ TrustedScriptURL* TrustedTypePolicy::createScriptURL(
                                   "specify a 'createScriptURL' member.");
    return nullptr;
  }
-  v8::TryCatch try_catch(script_state->GetIsolate());
+  v8::TryCatch try_catch(isolate);
  String script_url;
  if (!policy_options_->createScriptURL()
           ->Invoke(nullptr, input)
@@ -89,7 +115,7 @@ TrustedScriptURL* TrustedTypePolicy::createScriptURL(
  return TrustedScriptURL::Create(KURL(script_url));
 }

-TrustedURL* TrustedTypePolicy::createURL(ScriptState* script_state,
+TrustedURL* TrustedTypePolicy::CreateURL(v8::Isolate* isolate,
                                         const String& input,
                                         ExceptionState& exception_state) {
  if (!policy_options_->createURL()) {
@@ -98,7 +124,7 @@ TrustedURL* TrustedTypePolicy::createURL(ScriptState* script_state,
        "'s TrustedTypePolicyOptions did not specify a 'createURL' member.");
    return nullptr;
  }
-  v8::TryCatch try_catch(script_state->GetIsolate());
+  v8::TryCatch try_catch(isolate);
  String url;
  if (!policy_options_->createURL()->Invoke(nullptr, input).To(&url)) {
    DCHECK(try_catch.HasCaught());
@@ -120,4 +146,5 @@ void TrustedTypePolicy::Trace(blink::Visitor* visitor) {
  visitor->Trace(policy_options_);
  ScriptWrappable::Trace(visitor);
 }
+
 }  // namespace blink
--- a/third_party/blink/renderer/core/trustedtypes/trusted_type_policy.h
+++ b/third_party/blink/renderer/core/trustedtypes/trusted_type_policy.h
@@ -10,6 +10,7 @@
 #include "third_party/blink/renderer/platform/bindings/script_wrappable.h"
 #include "third_party/blink/renderer/platform/bindings/trace_wrapper_member.h"
 #include "third_party/blink/renderer/platform/wtf/text/wtf_string.h"
+#include "v8/include/v8.h"

 namespace blink {

@@ -27,6 +28,15 @@ class CORE_EXPORT TrustedTypePolicy final : public ScriptWrappable {
                                   TrustedTypePolicyOptions*,
                                   bool exposed);

+  TrustedHTML* CreateHTML(v8::Isolate*, const String&, ExceptionState&);
+  TrustedScript* CreateScript(v8::Isolate*, const String&, ExceptionState&);
+  TrustedScriptURL* CreateScriptURL(v8::Isolate*,
+                                    const String&,
+                                    ExceptionState&);
+  TrustedURL* CreateURL(v8::Isolate*, const String&, ExceptionState&);
+
+  // IDL generates calls with ScriptState*, which contains the Isolate*.
+  // These methods all call the Isolate* variant.
  TrustedHTML* createHTML(ScriptState*, const String&, ExceptionState&);
  TrustedScript* createScript(ScriptState*, const String&, ExceptionState&);
  TrustedScriptURL* createScriptURL(ScriptState*,

--- a/third_party/blink/renderer/core/trustedtypes/trusted_type_policy_factory.cc
+++ b/third_party/blink/renderer/core/trustedtypes/trusted_type_policy_factory.cc
@@ -34,10 +34,15 @@ TrustedTypePolicy* TrustedTypePolicyFactory::createPolicy(
  // TODO(orsibatiz): After policy naming rules are estabilished, check for the
  // policy_name to be according to them.
  if (policy_map_.Contains(policy_name)) {
-    exception_state.ThrowTypeError("Policy with name" + policy_name +
+    exception_state.ThrowTypeError("Policy with name " + policy_name +
                                   " already exists.");
    return nullptr;
  }
+  if (policy_name == "default" && !exposed) {
+    exception_state.ThrowDOMException(DOMExceptionCode::kInvalidStateError,
+                                      "The default policy must be exposed.");
+    return nullptr;
+  }
  TrustedTypePolicy* policy = TrustedTypePolicy::Create(
      policy_name, const_cast<TrustedTypePolicyOptions*>(policy_options),
      exposed);

--- a/third_party/blink/renderer/core/trustedtypes/trusted_types_util.cc
+++ b/third_party/blink/renderer/core/trustedtypes/trusted_types_util.cc
@@ -9,10 +9,14 @@
 #include "third_party/blink/renderer/bindings/core/v8/string_or_trusted_script.h"
 #include "third_party/blink/renderer/bindings/core/v8/string_or_trusted_script_url.h"
 #include "third_party/blink/renderer/bindings/core/v8/usv_string_or_trusted_url.h"
+#include "third_party/blink/renderer/bindings/core/v8/v8_binding_for_core.h"
 #include "third_party/blink/renderer/core/dom/document.h"
+#include "third_party/blink/renderer/core/frame/local_dom_window.h"
 #include "third_party/blink/renderer/core/trustedtypes/trusted_html.h"
 #include "third_party/blink/renderer/core/trustedtypes/trusted_script.h"
 #include "third_party/blink/renderer/core/trustedtypes/trusted_script_url.h"
+#include "third_party/blink/renderer/core/trustedtypes/trusted_type_policy.h"
+#include "third_party/blink/renderer/core/trustedtypes/trusted_type_policy_factory.h"
 #include "third_party/blink/renderer/core/trustedtypes/trusted_url.h"

 namespace blink {
@@ -68,17 +72,34 @@ String GetStringFromTrustedHTML(StringOrTrustedHTML string_or_trusted_html,
         RuntimeEnabledFeatures::TrustedDOMTypesEnabled());
  DCHECK(!string_or_trusted_html.IsNull());

-  if (!string_or_trusted_html.IsTrustedHTML() && doc &&
-      doc->RequireTrustedTypes()) {
+  bool require_trusted_type = doc && doc->RequireTrustedTypes();
+  if (!require_trusted_type && string_or_trusted_html.IsString()) {
+    return string_or_trusted_html.GetAsString();
+  }
+
+  if (string_or_trusted_html.IsTrustedHTML()) {
+    return string_or_trusted_html.GetAsTrustedHTML()->toString();
+  }
+
+  TrustedTypePolicy* default_policy =
+      doc->ExecutingWindow()->trustedTypes()->getExposedPolicy("default");
+  if (!default_policy) {
    exception_state.ThrowTypeError(
        "This document requires `TrustedHTML` assignment.");
    return g_empty_string;
  }

-  String markup = string_or_trusted_html.IsString()
-                      ? string_or_trusted_html.GetAsString()
-                      : string_or_trusted_html.GetAsTrustedHTML()->toString();
-  return markup;
+  TrustedHTML* result = default_policy->CreateHTML(
+      ToIsolate(doc), string_or_trusted_html.GetAsString(), exception_state);
+  if (exception_state.HadException()) {
+    exception_state.ClearException();
+    exception_state.ThrowTypeError(
+        "This document requires `TrustedHTML` assignment and 'default' policy "
+        "failed to execute.");
+    return g_empty_string;
+  }
+
+  return result->toString();
 }

 String GetStringFromTrustedScript(
@@ -89,18 +110,35 @@ String GetStringFromTrustedScript(
         RuntimeEnabledFeatures::TrustedDOMTypesEnabled());
  DCHECK(!string_or_trusted_script.IsNull());

-  if (!string_or_trusted_script.IsTrustedScript() && doc &&
-      doc->RequireTrustedTypes()) {
+  bool require_trusted_type = doc && doc->RequireTrustedTypes();
+  if (!require_trusted_type && string_or_trusted_script.IsString()) {
+    return string_or_trusted_script.GetAsString();
+  }
+
+  if (string_or_trusted_script.IsTrustedScript()) {
+    return string_or_trusted_script.GetAsTrustedScript()->toString();
+  }
+
+  TrustedTypePolicy* default_policy =
+      doc->ExecutingWindow()->trustedTypes()->getExposedPolicy("default");
+  if (!default_policy) {
    exception_state.ThrowTypeError(
        "This document requires `TrustedScript` assignment.");
    return g_empty_string;
  }

-  String markup =
-      string_or_trusted_script.IsString()
-          ? string_or_trusted_script.GetAsString()
-          : string_or_trusted_script.GetAsTrustedScript()->toString();
-  return markup;
+  TrustedScript* result = default_policy->CreateScript(
+      ToIsolate(doc), string_or_trusted_script.GetAsString(), exception_state);
+  if (exception_state.HadException()) {
+    exception_state.ClearException();
+    exception_state.ThrowTypeError(
+        "This document requires `TrustedScript` assignment and 'default' "
+        "policy "
+        "failed to execute.");
+    return g_empty_string;
+  }
+
+  return result->toString();
 }

 String GetStringFromTrustedScriptURL(
@@ -111,18 +149,37 @@ String GetStringFromTrustedScriptURL(
         RuntimeEnabledFeatures::TrustedDOMTypesEnabled());
  DCHECK(!string_or_trusted_script_url.IsNull());

-  if (!string_or_trusted_script_url.IsTrustedScriptURL() && doc &&
-      doc->RequireTrustedTypes()) {
+  bool require_trusted_type = doc && doc->RequireTrustedTypes();
+  if (!require_trusted_type && string_or_trusted_script_url.IsString()) {
+    return string_or_trusted_script_url.GetAsString();
+  }
+
+  if (string_or_trusted_script_url.IsTrustedScriptURL()) {
+    return string_or_trusted_script_url.GetAsTrustedScriptURL()->toString();
+  }
+
+  TrustedTypePolicy* default_policy =
+      doc->ExecutingWindow()->trustedTypes()->getExposedPolicy("default");
+  if (!default_policy) {
    exception_state.ThrowTypeError(
        "This document requires `TrustedScriptURL` assignment.");
    return g_empty_string;
  }

-  String markup =
-      string_or_trusted_script_url.IsString()
-          ? string_or_trusted_script_url.GetAsString()
-          : string_or_trusted_script_url.GetAsTrustedScriptURL()->toString();
-  return markup;
+  TrustedScriptURL* result = default_policy->CreateScriptURL(
+      ToIsolate(doc), string_or_trusted_script_url.GetAsString(),
+      exception_state);
+
+  if (exception_state.HadException()) {
+    exception_state.ClearException();
+    exception_state.ThrowTypeError(
+        "This document requires `TrustedScriptURL` assignment and 'default' "
+        "policy "
+        "failed to execute.");
+    return g_empty_string;
+  }
+
+  return result->toString();
 }

 String GetStringFromTrustedURL(USVStringOrTrustedURL string_or_trusted_url,
@@ -132,16 +189,33 @@ String GetStringFromTrustedURL(USVStringOrTrustedURL string_or_trusted_url,
         RuntimeEnabledFeatures::TrustedDOMTypesEnabled());
  DCHECK(!string_or_trusted_url.IsNull());

-  if (!string_or_trusted_url.IsTrustedURL() && doc &&
-      doc->RequireTrustedTypes()) {
+  bool require_trusted_type = doc && doc->RequireTrustedTypes();
+  if (!require_trusted_type && string_or_trusted_url.IsUSVString()) {
+    return string_or_trusted_url.GetAsUSVString();
+  }
+
+  if (string_or_trusted_url.IsTrustedURL()) {
+    return string_or_trusted_url.GetAsTrustedURL()->toString();
+  }
+
+  TrustedTypePolicy* default_policy =
+      doc->ExecutingWindow()->trustedTypes()->getExposedPolicy("default");
+  if (!default_policy) {
    exception_state.ThrowTypeError(
        "This document requires `TrustedURL` assignment.");
    return g_empty_string;
  }

-  String markup = string_or_trusted_url.IsUSVString()
-                      ? string_or_trusted_url.GetAsUSVString()
-                      : string_or_trusted_url.GetAsTrustedURL()->toString();
-  return markup;
+  TrustedURL* result = default_policy->CreateURL(
+      ToIsolate(doc), string_or_trusted_url.GetAsUSVString(), exception_state);
+  if (exception_state.HadException()) {
+    exception_state.ClearException();
+    exception_state.ThrowTypeError(
+        "This document requires `TrustedURL` assignment and 'default' policy "
+        "failed to execute.");
+    return g_empty_string;
+  }
+
+  return result->toString();
 }
 }  // namespace blink
--- a/third_party/blink/renderer/core/trustedtypes/trusted_types_util_test.cc
+++ b/third_party/blink/renderer/core/trustedtypes/trusted_types_util_test.cc
@@ -12,6 +12,7 @@
 #include "third_party/blink/renderer/bindings/core/v8/string_or_trusted_script_url.h"
 #include "third_party/blink/renderer/bindings/core/v8/usv_string_or_trusted_url.h"
 #include "third_party/blink/renderer/core/dom/document.h"
+#include "third_party/blink/renderer/core/testing/dummy_page_holder.h"
 #include "third_party/blink/renderer/core/trustedtypes/trusted_html.h"
 #include "third_party/blink/renderer/core/trustedtypes/trusted_script.h"
 #include "third_party/blink/renderer/core/trustedtypes/trusted_script_url.h"
@@ -37,11 +38,14 @@ void GetStringFromTrustedTypeThrows(

 void GetStringFromTrustedHTMLThrows(
    const StringOrTrustedHTML& string_or_trusted_html) {
-  Document* document = Document::CreateForTest();
-  document->SetRequireTrustedTypes();
+  std::unique_ptr<DummyPageHolder> dummy_page_holder =
+      DummyPageHolder::Create(IntSize(800, 600));
+  Document& document = dummy_page_holder->GetDocument();
+  document.SetRequireTrustedTypes();
+  V8TestingScope scope;
  DummyExceptionStateForTesting exception_state;
  ASSERT_FALSE(exception_state.HadException());
-  String s = GetStringFromTrustedHTML(string_or_trusted_html, document,
+  String s = GetStringFromTrustedHTML(string_or_trusted_html, &document,
                                      exception_state);
  EXPECT_TRUE(exception_state.HadException());
  EXPECT_EQ(ESErrorType::kTypeError, exception_state.CodeAs<ESErrorType>());
@@ -50,11 +54,14 @@ void GetStringFromTrustedHTMLThrows(

 void GetStringFromTrustedScriptThrows(
    const StringOrTrustedScript& string_or_trusted_script) {
-  Document* document = Document::CreateForTest();
-  document->SetRequireTrustedTypes();
+  std::unique_ptr<DummyPageHolder> dummy_page_holder =
+      DummyPageHolder::Create(IntSize(800, 600));
+  Document& document = dummy_page_holder->GetDocument();
+  document.SetRequireTrustedTypes();
+  V8TestingScope scope;
  DummyExceptionStateForTesting exception_state;
  ASSERT_FALSE(exception_state.HadException());
-  String s = GetStringFromTrustedScript(string_or_trusted_script, document,
+  String s = GetStringFromTrustedScript(string_or_trusted_script, &document,
                                        exception_state);
  EXPECT_TRUE(exception_state.HadException());
  EXPECT_EQ(ESErrorType::kTypeError, exception_state.CodeAs<ESErrorType>());
@@ -63,12 +70,15 @@ void GetStringFromTrustedScriptThrows(

 void GetStringFromTrustedScriptURLThrows(
    const StringOrTrustedScriptURL& string_or_trusted_script_url) {
-  Document* document = Document::CreateForTest();
-  document->SetRequireTrustedTypes();
+  std::unique_ptr<DummyPageHolder> dummy_page_holder =
+      DummyPageHolder::Create(IntSize(800, 600));
+  Document& document = dummy_page_holder->GetDocument();
+  document.SetRequireTrustedTypes();
+  V8TestingScope scope;
  DummyExceptionStateForTesting exception_state;
  ASSERT_FALSE(exception_state.HadException());
  String s = GetStringFromTrustedScriptURL(string_or_trusted_script_url,
-                                           document, exception_state);
+                                           &document, exception_state);
  EXPECT_TRUE(exception_state.HadException());
  EXPECT_EQ(ESErrorType::kTypeError, exception_state.CodeAs<ESErrorType>());
  exception_state.ClearException();
@@ -76,12 +86,15 @@ void GetStringFromTrustedScriptURLThrows(

 void GetStringFromTrustedURLThrows(
    const USVStringOrTrustedURL& string_or_trusted_url) {
-  Document* document = Document::CreateForTest();
-  document->SetRequireTrustedTypes();
+  std::unique_ptr<DummyPageHolder> dummy_page_holder =
+      DummyPageHolder::Create(IntSize(800, 600));
+  Document& document = dummy_page_holder->GetDocument();
+  document.SetRequireTrustedTypes();
+  V8TestingScope scope;
  DummyExceptionStateForTesting exception_state;
  ASSERT_FALSE(exception_state.HadException());
-  String s =
-      GetStringFromTrustedURL(string_or_trusted_url, document, exception_state);
+  String s = GetStringFromTrustedURL(string_or_trusted_url, &document,
+                                     exception_state);
  EXPECT_TRUE(exception_state.HadException());
  EXPECT_EQ(ESErrorType::kTypeError, exception_state.CodeAs<ESErrorType>());
  exception_state.ClearException();
@@ -103,10 +116,13 @@ void GetStringFromTrustedTypeWorks(
 void GetStringFromTrustedHTMLWorks(
    const StringOrTrustedHTML& string_or_trusted_html,
    String expected) {
-  Document* document = Document::CreateForTest();
-  document->SetRequireTrustedTypes();
+  std::unique_ptr<DummyPageHolder> dummy_page_holder =
+      DummyPageHolder::Create(IntSize(800, 600));
+  Document& document = dummy_page_holder->GetDocument();
+  document.SetRequireTrustedTypes();
+  V8TestingScope scope;
  DummyExceptionStateForTesting exception_state;
-  String s = GetStringFromTrustedHTML(string_or_trusted_html, document,
+  String s = GetStringFromTrustedHTML(string_or_trusted_html, &document,
                                      exception_state);
  ASSERT_EQ(s, expected);
 }
@@ -114,10 +130,13 @@ void GetStringFromTrustedHTMLWorks(
 void GetStringFromTrustedScriptWorks(
    const StringOrTrustedScript& string_or_trusted_script,
    String expected) {
-  Document* document = Document::CreateForTest();
-  document->SetRequireTrustedTypes();
+  std::unique_ptr<DummyPageHolder> dummy_page_holder =
+      DummyPageHolder::Create(IntSize(800, 600));
+  Document& document = dummy_page_holder->GetDocument();
+  document.SetRequireTrustedTypes();
+  V8TestingScope scope;
  DummyExceptionStateForTesting exception_state;
-  String s = GetStringFromTrustedScript(string_or_trusted_script, document,
+  String s = GetStringFromTrustedScript(string_or_trusted_script, &document,
                                        exception_state);
  ASSERT_EQ(s, expected);
 }
@@ -125,22 +144,28 @@ void GetStringFromTrustedScriptWorks(
 void GetStringFromTrustedScriptURLWorks(
    const StringOrTrustedScriptURL& string_or_trusted_script_url,
    String expected) {
-  Document* document = Document::CreateForTest();
-  document->SetRequireTrustedTypes();
+  std::unique_ptr<DummyPageHolder> dummy_page_holder =
+      DummyPageHolder::Create(IntSize(800, 600));
+  Document& document = dummy_page_holder->GetDocument();
+  document.SetRequireTrustedTypes();
+  V8TestingScope scope;
  DummyExceptionStateForTesting exception_state;
  String s = GetStringFromTrustedScriptURL(string_or_trusted_script_url,
-                                           document, exception_state);
+                                           &document, exception_state);
  ASSERT_EQ(s, expected);
 }

 void GetStringFromTrustedURLWorks(
    const USVStringOrTrustedURL& string_or_trusted_url,
    String expected) {
-  Document* document = Document::CreateForTest();
-  document->SetRequireTrustedTypes();
+  std::unique_ptr<DummyPageHolder> dummy_page_holder =
+      DummyPageHolder::Create(IntSize(800, 600));
+  Document& document = dummy_page_holder->GetDocument();
+  document.SetRequireTrustedTypes();
+  V8TestingScope scope;
  DummyExceptionStateForTesting exception_state;
-  String s =
-      GetStringFromTrustedURL(string_or_trusted_url, document, exception_state);
+  String s = GetStringFromTrustedURL(string_or_trusted_url, &document,
+                                     exception_state);
  ASSERT_EQ(s, expected);
 }