Commit dc20fdde authored by Stefano Sanfilippo's avatar Stefano Sanfilippo Committed by Commit Bot

[Trusted Types] Clean up uses of "trusted-types *".

Change-Id: Id71c80eb058ddd35ecda8156a2faf742d25faf24
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2095536Reviewed-by: default avatarAndy Paicu <andypaicu@chromium.org>
Reviewed-by: default avatarDaniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Stefano Sanfilippo <ssanfilippo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#749182}
parent 62b01f85
<!doctype html> <!doctype html>
<html> <html>
<head> <head>
<meta http-equiv="Content-Security-Policy" content="trusted-types *"> <meta http-equiv="Content-Security-Policy" content="require-trusted-types-for 'script'">
<title>Define a restrictive CSP trusted-types directive.</title> <title>Define a restrictive CSP trusted-types directive.</title>
</head> </head>
<body> <body>
......
...@@ -1404,6 +1404,28 @@ TEST_F(ContentSecurityPolicyTest, TrustedTypesStar) { ...@@ -1404,6 +1404,28 @@ TEST_F(ContentSecurityPolicyTest, TrustedTypesStar) {
EXPECT_FALSE(csp->AllowTrustedTypePolicy("somepolicy", true)); EXPECT_FALSE(csp->AllowTrustedTypePolicy("somepolicy", true));
} }
TEST_F(ContentSecurityPolicyTest, TrustedTypesStarMix) {
csp->BindToDelegate(execution_context->GetContentSecurityPolicyDelegate());
csp->DidReceiveHeader("trusted-types abc * def",
ContentSecurityPolicyType::kEnforce,
ContentSecurityPolicySource::kHTTP);
EXPECT_TRUE(csp->AllowTrustedTypePolicy("abc", false));
EXPECT_TRUE(csp->AllowTrustedTypePolicy("def", false));
EXPECT_TRUE(csp->AllowTrustedTypePolicy("ghi", false));
EXPECT_FALSE(csp->AllowTrustedTypePolicy("abc", true));
EXPECT_FALSE(csp->AllowTrustedTypePolicy("def", true));
EXPECT_FALSE(csp->AllowTrustedTypePolicy("ghi", true));
}
TEST_F(ContentSecurityPolicyTest, TrustedTypeDupe) {
csp->BindToDelegate(execution_context->GetContentSecurityPolicyDelegate());
csp->DidReceiveHeader("trusted-types somepolicy 'allow-duplicates'",
ContentSecurityPolicyType::kEnforce,
ContentSecurityPolicySource::kHTTP);
EXPECT_TRUE(csp->AllowTrustedTypePolicy("somepolicy", false));
EXPECT_TRUE(csp->AllowTrustedTypePolicy("somepolicy", true));
}
TEST_F(ContentSecurityPolicyTest, TrustedTypeDupeStar) { TEST_F(ContentSecurityPolicyTest, TrustedTypeDupeStar) {
csp->BindToDelegate(execution_context->GetContentSecurityPolicyDelegate()); csp->BindToDelegate(execution_context->GetContentSecurityPolicyDelegate());
csp->DidReceiveHeader("trusted-types * 'allow-duplicates'", csp->DidReceiveHeader("trusted-types * 'allow-duplicates'",
......
...@@ -23,9 +23,6 @@ namespace blink { ...@@ -23,9 +23,6 @@ namespace blink {
void TrustedTypesCheckForHTMLThrows(const String& string) { void TrustedTypesCheckForHTMLThrows(const String& string) {
auto dummy_page_holder = std::make_unique<DummyPageHolder>(IntSize(800, 600)); auto dummy_page_holder = std::make_unique<DummyPageHolder>(IntSize(800, 600));
Document& document = dummy_page_holder->GetDocument(); Document& document = dummy_page_holder->GetDocument();
document.GetContentSecurityPolicy()->DidReceiveHeader(
"trusted-types *", network::mojom::ContentSecurityPolicyType::kEnforce,
network::mojom::ContentSecurityPolicySource::kMeta);
V8TestingScope scope; V8TestingScope scope;
DummyExceptionStateForTesting exception_state; DummyExceptionStateForTesting exception_state;
ASSERT_FALSE(exception_state.HadException()); ASSERT_FALSE(exception_state.HadException());
...@@ -46,9 +43,6 @@ void TrustedTypesCheckForHTMLThrows(const String& string) { ...@@ -46,9 +43,6 @@ void TrustedTypesCheckForHTMLThrows(const String& string) {
void TrustedTypesCheckForScriptThrows(const String& string) { void TrustedTypesCheckForScriptThrows(const String& string) {
auto dummy_page_holder = std::make_unique<DummyPageHolder>(IntSize(800, 600)); auto dummy_page_holder = std::make_unique<DummyPageHolder>(IntSize(800, 600));
Document& document = dummy_page_holder->GetDocument(); Document& document = dummy_page_holder->GetDocument();
document.GetContentSecurityPolicy()->DidReceiveHeader(
"trusted-types *", network::mojom::ContentSecurityPolicyType::kEnforce,
network::mojom::ContentSecurityPolicySource::kMeta);
V8TestingScope scope; V8TestingScope scope;
DummyExceptionStateForTesting exception_state; DummyExceptionStateForTesting exception_state;
ASSERT_FALSE(exception_state.HadException()); ASSERT_FALSE(exception_state.HadException());
...@@ -71,9 +65,6 @@ void TrustedTypesCheckForScriptThrows(const String& string) { ...@@ -71,9 +65,6 @@ void TrustedTypesCheckForScriptThrows(const String& string) {
void TrustedTypesCheckForScriptURLThrows(const String& string) { void TrustedTypesCheckForScriptURLThrows(const String& string) {
auto dummy_page_holder = std::make_unique<DummyPageHolder>(IntSize(800, 600)); auto dummy_page_holder = std::make_unique<DummyPageHolder>(IntSize(800, 600));
Document& document = dummy_page_holder->GetDocument(); Document& document = dummy_page_holder->GetDocument();
document.GetContentSecurityPolicy()->DidReceiveHeader(
"trusted-types *", network::mojom::ContentSecurityPolicyType::kEnforce,
network::mojom::ContentSecurityPolicySource::kMeta);
V8TestingScope scope; V8TestingScope scope;
DummyExceptionStateForTesting exception_state; DummyExceptionStateForTesting exception_state;
ASSERT_FALSE(exception_state.HadException()); ASSERT_FALSE(exception_state.HadException());
...@@ -98,9 +89,6 @@ void TrustedTypesCheckForScriptWorks( ...@@ -98,9 +89,6 @@ void TrustedTypesCheckForScriptWorks(
String expected) { String expected) {
auto dummy_page_holder = std::make_unique<DummyPageHolder>(IntSize(800, 600)); auto dummy_page_holder = std::make_unique<DummyPageHolder>(IntSize(800, 600));
Document& document = dummy_page_holder->GetDocument(); Document& document = dummy_page_holder->GetDocument();
document.GetContentSecurityPolicy()->DidReceiveHeader(
"trusted-types *", network::mojom::ContentSecurityPolicyType::kEnforce,
network::mojom::ContentSecurityPolicySource::kMeta);
V8TestingScope scope; V8TestingScope scope;
DummyExceptionStateForTesting exception_state; DummyExceptionStateForTesting exception_state;
String s = TrustedTypesCheckForScript( String s = TrustedTypesCheckForScript(
......
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<meta http-equiv="Content-Security-Policy" content="trusted-types *; require-trusted-types-for 'script';"> <meta http-equiv="Content-Security-Policy" content="require-trusted-types-for 'script';">
<script> <script>
if (window.testRunner) { if (window.testRunner) {
testRunner.dumpAsText(); testRunner.dumpAsText();
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment