Add a Trusted Type test for setting ShadowRoot's innerHTML.

This is essentially a copy of block-string-assignment-to-ShadowRoot-setHTMLUnsafe.html, replacing set `shadowRoot.setHTMLUnsafe(html)` with `shadowRoot.innerHTML = html`. Note that innerHTML uses `LegacyNullToEmptyString`, so setting it to a null behaves slightly differently. Differential Revision: https://phabricator.services.mozilla.com/D229149 bugzilla-url: https://bugzilla.mozilla.org/show_bug.cgi?id=1931276 gecko-commit: 4b6f5fdc1a0ddf5ebd66be2d36743ac965489599 gecko-reviewers: smaug
web-platform-tests · Nov 30, 2024 · 982d859 · 982d859
1 parent 643af85
commit 982d859
Show file tree

Hide file tree

Showing 2 changed files with 88 additions and 14 deletions.
diff --git a/trusted-types/block-string-assignment-to-ShadowRoot-innerHTML.html b/trusted-types/block-string-assignment-to-ShadowRoot-innerHTML.html
@@ -0,0 +1,79 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <script src="/resources/testharness.js"></script>
+  <script src="/resources/testharnessreport.js"></script>
+  <script src="support/helper.sub.js"></script>
+
+  <meta http-equiv="Content-Security-Policy" content="require-trusted-types-for 'script';">
+</head>
+<body>
+<div id="container"></div>
+<script>
+  var container = document.querySelector('#container')
+  const cleanupPolicy =
+    trustedTypes.createPolicy('cleanup', { createHTML: _ => "" });
+  function cleanup() { container.innerHTML = cleanupPolicy.createHTML(""); }
+
+  // TrustedHTML assignments do not throw.
+  test(t => {
+    t.add_cleanup(cleanup);
+    let p = createHTML_policy(window, 1);
+    let html = p.createHTML(INPUTS.HTML);
+
+    let d = document.createElement('div');
+    let s = d.attachShadow({mode: 'open'});
+    document.querySelector('#container').appendChild(d);
+    s.innerHTML = html;
+    assert_equals(s.innerHTML, RESULTS.HTML);
+  }, "shadowRoot.innerHTML = html assigned via policy (successful HTML transformation).");
+
+  // String assignments throw.
+  test(t => {
+    t.add_cleanup(cleanup);
+    let d = document.createElement('div');
+    let s = d.attachShadow({mode: 'open'});
+    container.appendChild(d);
+    assert_throws_js(TypeError, _ => {
+      s.innerHTML = "Fail";
+    });
+    assert_equals(s.innerHTML, "");
+  }, "`shadowRoot.innerHTML = string` throws.");
+
+  // Null assignment throws.
+  test(t => {
+    t.add_cleanup(cleanup);
+    let d = document.createElement('div');
+    let s = d.attachShadow({mode: 'open'});
+    container.appendChild(d);
+    assert_throws_js(TypeError, _ => {
+      s.innerHTML = null;
+    });
+    assert_equals(s.innerHTML, "");
+  }, "`shadowRoot.innerHTML = null` throws.");
+
+  // After default policy creation string assignment implicitly calls createHTML.
+  test(t => {
+    t.add_cleanup(cleanup);
+    let p = window.trustedTypes.createPolicy("default", { createHTML: createHTMLJS });
+
+    let d = document.createElement('div');
+    let s = d.attachShadow({mode: 'open'});
+    document.querySelector('#container').appendChild(d);
+    s.innerHTML = INPUTS.HTML;
+    assert_equals(s.innerHTML, RESULTS.HTML);
+  }, "`shadowRoot.innerHTML = string` assigned via default policy (successful HTML transformation).");
+
+  // After default policy creation null assignment implicitly calls createHTML.
+  // null is treated as an empty string.
+  test(t => {
+    t.add_cleanup(cleanup);
+    let d = document.createElement('div');
+    let s = d.attachShadow({mode: 'open'});
+    container.appendChild(d);
+    s.innerHTML = null;
+    assert_equals(s.innerHTML, "");
+  }, "`shadowRoot.innerHTML = string` assigned via default policy does not throw");
+</script>
+</body>
+</html>
diff --git a/trusted-types/block-string-assignment-to-ShadowRoot-setHTMLUnsafe.html b/trusted-types/block-string-assignment-to-ShadowRoot-setHTMLUnsafe.html
@@ -12,9 +12,13 @@
 <div id="container"></div>
 <script>
   var container = document.querySelector('#container')
+  const cleanupPolicy =
+    trustedTypes.createPolicy('cleanup', { createHTML: _ => "" });
+  function cleanup() { container.innerHTML = cleanupPolicy.createHTML(""); }
 
   // TrustedHTML assignments do not throw.
   test(t => {
+    t.add_cleanup(cleanup);
     let p = createHTML_policy(window, 1);
     let html = p.createHTML(INPUTS.HTML);
 
@@ -23,61 +27,52 @@
     document.querySelector('#container').appendChild(d);
     s.setHTMLUnsafe(html);
     assert_equals(s.innerHTML, RESULTS.HTML);
-
-    while (container.firstChild)
-      container.firstChild.remove();
   }, "shadowRoot.setHTMLUnsafe(html) assigned via policy (successful HTML transformation).");
 
   // String assignments throw.
   test(t => {
+    t.add_cleanup(cleanup);
     let d = document.createElement('div');
     let s = d.attachShadow({mode: 'open'});
     container.appendChild(d);
     assert_throws_js(TypeError, _ => {
       s.setHTMLUnsafe("Fail");
     });
     assert_equals(s.innerHTML, "");
-    while (container.firstChild)
-      container.firstChild.remove();
   }, "`shadowRoot.setHTMLUnsafe(string)` throws.");
 
   // Null assignment throws.
   test(t => {
+    t.add_cleanup(cleanup);
     let d = document.createElement('div');
     let s = d.attachShadow({mode: 'open'});
     container.appendChild(d);
     assert_throws_js(TypeError, _ => {
       s.setHTMLUnsafe(null);
     });
     assert_equals(s.innerHTML, "");
-    while (container.firstChild)
-      container.firstChild.remove();
   }, "`shadowRoot.setHTMLUnsafe(null)` throws.");
 
   // After default policy creation string assignment implicitly calls createHTML.
   test(t => {
-    let p = window.trustedTypes.createPolicy("default", { createHTML: createHTMLJS }, true);
+    t.add_cleanup(cleanup);
+    let p = window.trustedTypes.createPolicy("default", { createHTML: createHTMLJS });
 
     let d = document.createElement('div');
     let s = d.attachShadow({mode: 'open'});
     document.querySelector('#container').appendChild(d);
     s.setHTMLUnsafe(INPUTS.HTML);
     assert_equals(s.innerHTML, RESULTS.HTML);
-
-    while (container.firstChild)
-      container.firstChild.remove();
   }, "`shadowRoot.setHTMLUnsafe(string)` assigned via default policy (successful HTML transformation).");
 
   // After default policy creation null assignment implicitly calls createHTML.
   test(t => {
+    t.add_cleanup(cleanup);
     let d = document.createElement('div');
     let s = d.attachShadow({mode: 'open'});
     container.appendChild(d);
     s.setHTMLUnsafe(null);
     assert_equals(s.innerHTML, "null");
-
-    while (container.firstChild)
-      container.firstChild.remove();
   }, "`shadowRoot.setHTMLUnsafe(string)` assigned via default policy does not throw");
 </script>
 </body>