Trusted Types: In report-only mode, assignment should pass

... even if default policy application fails.

Bug: 739170
Change-Id: I2a44b281eea185f5b34b3050a14dca219f38d5fc
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1789303Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#695962}

third_party/blink/renderer/core/trustedtypes/trusted_types_util.cc

@@ -290,9 +290,12 @@ String GetStringFromTrustedHTML(const String& string,
   }
 
   if (result->toString().IsNull()) {
-    TrustedTypeFail(kTrustedHTMLAssignmentAndDefaultPolicyFailed,
-                    execution_context, exception_state, string);
-    return g_empty_string;
+    if (TrustedTypeFail(kTrustedHTMLAssignmentAndDefaultPolicyFailed,
+                        execution_context, exception_state, string)) {
+      return g_empty_string;
+    } else {
+      return string;
+    }
   }
 
   return result->toString();
@@ -346,9 +349,12 @@ String GetStringFromTrustedScript(const String& potential_script,
   }
 
   if (result->toString().IsNull()) {
-    TrustedTypeFail(kTrustedScriptAssignmentAndDefaultPolicyFailed,
-                    execution_context, exception_state, potential_script);
-    return g_empty_string;
+    if (TrustedTypeFail(kTrustedScriptAssignmentAndDefaultPolicyFailed,
+                        execution_context, exception_state, potential_script)) {
+      return g_empty_string;
+    } else {
+      return potential_script;
+    }
   }
 
   return result->toString();
@@ -390,9 +396,12 @@ String GetStringFromTrustedScriptURL(
   }
 
   if (result->toString().IsNull()) {
-    TrustedTypeFail(kTrustedScriptURLAssignmentAndDefaultPolicyFailed,
-                    execution_context, exception_state, string);
-    return g_empty_string;
+    if (TrustedTypeFail(kTrustedScriptURLAssignmentAndDefaultPolicyFailed,
+                        execution_context, exception_state, string)) {
+      return g_empty_string;
+    } else {
+      return string;
+    }
   }
 
   return result->toString();
@@ -430,9 +439,12 @@ String GetStringFromTrustedURL(USVStringOrTrustedURL string_or_trusted_url,
   }
 
   if (result->toString().IsNull()) {
-    TrustedTypeFail(kTrustedURLAssignmentAndDefaultPolicyFailed,
-                    execution_context, exception_state, string);
-    return g_empty_string;
+    if (TrustedTypeFail(kTrustedURLAssignmentAndDefaultPolicyFailed,
+                        execution_context, exception_state, string)) {
+      return g_empty_string;
+    } else {
+      return string;
+    }
   }
 
   return result->toString();

third_party/blink/web_tests/external/wpt/trusted-types/default-policy-report-only.tentative.html

@@ -7,26 +7,6 @@
 </head>
 <body>
 <script>
-
-// We expect to run this test in two instances, enforcing and report-only
-// Trusted Type policies. We'll infer from our URL which one we are.
-//
-// The expected file names/headers are:
-// - default-policy.tentative.html:
-//     Content-Security-Policy: trusted-types *
-// - default-policy-report-only.tentative.html:
-//    Content-Security-Policy-Report-Only: trusted-types *
-//
-// The behaviour of the tests should be _mostly_ identical, except that
-// Trusted Types relevant assignments should only throw in the enforced
-// case. We will use assert_throws for things that should always throw
-// (i.e., regular exceptions), and maybe_throws for tests that should only
-// throw in TT-enforcing mode.
-const is_report_only = document.location.pathname.includes("report-only");
-const maybe_throws = (is_report_only
-  ? (error, fn, message) => fn()
-  : assert_throws);
-
 // Ensure that only the right events trigger violation reports.
 // The Promise will resolve, when an event including the string "done" is
 // received. The last line of this test file will cause this trigger.
@@ -69,7 +49,8 @@ const testCases = [
 testCases.forEach(c => {
   test(t => {
     const element = document.createElement(c[0]);
-    maybe_throws(TypeError(), _ => element[c[1]] = "nodefault");
+    element[c[1]] = "nodefault";
+    assert_true(element[c[1]].includes("nodefault"));
   }, `${c[0]}.${c[1]} no default policy`);
 });
 
@@ -105,7 +86,8 @@ testCases.forEach(c => {
   }, name + "default");
   test(t => {
     const element = document.createElement(c[0]);
-    maybe_throws(TypeError(), _ => element[c[1]] = "null");
+    element[c[1]] = "null";
+    assert_true(element[c[1]].includes("null"));
   }, name + "null");
   test(t => {
     const element = document.createElement(c[0]);
@@ -113,7 +95,8 @@ testCases.forEach(c => {
   }, name + "throw");
   test(t => {
     const element = document.createElement(c[0]);
-    maybe_throws(TypeError(), _ => element[c[1]] = "undefined");
+    element[c[1]] = "undefined";
+    assert_true(element[c[1]].includes("undefined"));
   }, name + "undefined");
   test(t => {
     const element = document.createElement(c[0]);

third_party/blink/web_tests/external/wpt/trusted-types/default-policy.tentative.html

@@ -7,26 +7,6 @@
 </head>
 <body>
 <script>
-
-// We expect to run this test in two instances, enforcing and report-only
-// Trusted Type policies. We'll infer from our URL which one we are.
-//
-// The expected file names/headers are:
-// - default-policy.tentative.html:
-//     Content-Security-Policy: trusted-types *
-// - default-policy-report-only.tentative.html:
-//    Content-Security-Policy-Report-Only: trusted-types *
-//
-// The behaviour of the tests should be _mostly_ identical, except that
-// Trusted Types relevant assignments should only throw in the enforced
-// case. We will use assert_throws for things that should always throw
-// (i.e., regular exceptions), and maybe_throws for tests that should only
-// throw in TT-enforcing mode.
-const is_report_only = document.location.pathname.includes("report-only");
-const maybe_throws = (is_report_only
-  ? (error, fn, message) => fn()
-  : assert_throws);
-
 // Ensure that only the right events trigger violation reports.
 // The Promise will resolve, when an event including the string "done" is
 // received. The last line of this test file will cause this trigger.
@@ -69,7 +49,8 @@ const testCases = [
 testCases.forEach(c => {
   test(t => {
     const element = document.createElement(c[0]);
-    maybe_throws(TypeError(), _ => element[c[1]] = "nodefault");
+    assert_throws(TypeError(), _ => element[c[1]] = "nodefault");
+    assert_equals(element[c[1]], "");
   }, `${c[0]}.${c[1]} no default policy`);
 });
 
@@ -105,7 +86,8 @@ testCases.forEach(c => {
   }, name + "default");
   test(t => {
     const element = document.createElement(c[0]);
-    maybe_throws(TypeError(), _ => element[c[1]] = "null");
+    assert_throws(TypeError(), _ => element[c[1]] = "null");
+    assert_equals(element[c[1]], "");
   }, name + "null");
   test(t => {
     const element = document.createElement(c[0]);
@@ -113,7 +95,8 @@ testCases.forEach(c => {
   }, name + "throw");
   test(t => {
     const element = document.createElement(c[0]);
-    maybe_throws(TypeError(), _ => element[c[1]] = "undefined");
+    assert_throws(TypeError(), _ => element[c[1]] = "undefined");
+    assert_equals(element[c[1]], "");
   }, name + "undefined");
   test(t => {
     const element = document.createElement(c[0]);