1487445 - [wpt-sync] Sync PR 12764 - Element::setAttribute() modified to accept TrustedTypes

Status: RESOLVED FIXED

(Core :: DOM: Security, enhancement, P4)

Description

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Sync web-platform-tests PR 12764 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/12764
Details from upstream follow.

Maja Kabus <kabusm@google.com> wrote:
>  Element::setAttribute() modified to accept TrustedTypes
>  
>  Element::setAttribute() modified to accept generic TrustedType
>  (StringOrTrustedHTMLOrTrustedScriptOrTrustedScriptURLOrTrustedURL)
>  (the name will be changed later).
>  This is the implementation used for setting attributes explicitly.
>  
>  Added new implementations of Element::setAttribute(),
>  one per each Trusted Type, to be used internally
>  in HTMLElement functions.
>  
>  Corrected existing TrustedXXX::GetString() implementations
>  to be concise.
>  Added TrustedScriptURL::GetString().
>  
>  Bug: 739170
>  Change-Id: I3a9f51cbed5d75f8059141738b419cc66e529006
>  
>  Reviewed-on: https://chromium-review.googlesource.com/1146563
>  WPT-Export-Revision: 3da8b1bf5d8d05f1228ec7abfda9c259c66331ce

Comment 1

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=fe75fb9f65173dcac64a93a1f6f9292425edcc16

Comment 2

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=107110cbe2afc78accbfd70a5639e53193f0837b

Comment 3

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=681aeed3fb40bb05c5ab5d11a9279927b6549742

Comment 4

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=a038ed2a4251b52b7b440e06591842feeffe71ff

Comment 5

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=5fa06226c626ac6539c57f61abf046c460400bc1

Comment 6

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=1aadf42d1319c0d4d52c514fb95fb0b30d4089e9

Comment 7

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=afbf0bf0d97586371e826e53401b1fe0522b3e8b

Comment 8

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=309c37f540e059b626c4e40131365cd9a39b23bd

Comment 9

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=3160dffaa8c1570d505389af21d4e8192b55d668

Comment 10

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=272227edcabb91ce6a27a3c2a47b8c27c169621c

Comment 11

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Ran 25 tests and 144 subtests
OK     : 22
PASS   : 6
FAIL   : 138
TIMEOUT: 3

New tests that have failures or other problems:
/trusted-types/Element-setAttribute.tentative.html
    a.href assigned via policy (successful URL transformation): FAIL
    a.rel assigned via policy (successful URL transformation): FAIL
    area.href assigned via policy (successful URL transformation): FAIL
    base.href assigned via policy (successful URL transformation): FAIL
    embed.src assigned via policy (successful ScriptURL transformation): FAIL
    frame.src assigned via policy (successful URL transformation): FAIL
    iframe.src assigned via policy (successful URL transformation): FAIL
    iframe.srcdoc assigned via policy (successful HTML transformation): FAIL
    img.src assigned via policy (successful URL transformation): FAIL
    input.src assigned via policy (successful URL transformation): FAIL
    link.href assigned via policy (successful URL transformation): FAIL
    object.codeBase assigned via policy (successful URL transformation): FAIL
    object.data assigned via policy (successful URL transformation): FAIL
    script.src assigned via policy (successful ScriptURL transformation): FAIL
    source.src assigned via policy (successful URL transformation): FAIL
    track.src assigned via policy (successful URL transformation): FAIL
    video.src assigned via policy (successful URL transformation): FAIL
/trusted-types/block-string-assignment-to-Element-setAttribute.tentative.html
    a.href accepts only TrustedURL: FAIL
    a.rel assigned via policy (successful URL transformation): FAIL
    area.href accepts only TrustedURL: FAIL
    base.href accepts only TrustedURL: FAIL
    embed.src accepts only TrustedScriptURL: FAIL
    frame.src accepts only TrustedURL: FAIL
    iframe.src accepts only TrustedURL: FAIL
    iframe.srcdoc accepts only TrustedHTML: FAIL
    img.src accepts only TrustedURL: FAIL
    input.src accepts only TrustedURL: FAIL
    link.href accepts only TrustedURL: FAIL
    object.codeBase accepts only TrustedURL: FAIL
    object.data accepts only TrustedURL: FAIL
    script.src accepts only TrustedScriptURL: FAIL
    source.src accepts only TrustedURL: FAIL
    track.src accepts only TrustedURL: FAIL
    video.src accepts only TrustedURL: FAIL

Comment 12

[Pulsebot]

Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/bf7a9b6ec543
[wpt PR 12764] - Element::setAttribute() modified to accept TrustedTypes, a=testonly
https://hg.mozilla.org/integration/mozilla-inbound/rev/50a3b8c5bb8b
[wpt PR 12764] - Update wpt metadata, a=testonly

Comment 13

[Daniel Varga [:dvarga]]

https://hg.mozilla.org/mozilla-central/rev/bf7a9b6ec543
https://hg.mozilla.org/mozilla-central/rev/50a3b8c5bb8b