Closed
Bug 1487445
Opened 7 years ago
Closed 7 years ago
[wpt-sync] Sync PR 12764 - Element::setAttribute() modified to accept TrustedTypes
Categories
(Core :: DOM: Security, enhancement, P4)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla64
| Tracking | Status | |
|---|---|---|
| firefox64 | --- | fixed |
People
(Reporter: wpt-sync, Unassigned)
References
()
Details
(Whiteboard: [wptsync downstream][domsecurity-backlog])
Sync web-platform-tests PR 12764 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/12764
Details from upstream follow.
Maja Kabus <kabusm@google.com> wrote:
> Element::setAttribute() modified to accept TrustedTypes
>
> Element::setAttribute() modified to accept generic TrustedType
> (StringOrTrustedHTMLOrTrustedScriptOrTrustedScriptURLOrTrustedURL)
> (the name will be changed later).
> This is the implementation used for setting attributes explicitly.
>
> Added new implementations of Element::setAttribute(),
> one per each Trusted Type, to be used internally
> in HTMLElement functions.
>
> Corrected existing TrustedXXX::GetString() implementations
> to be concise.
> Added TrustedScriptURL::GetString().
>
> Bug: 739170
> Change-Id: I3a9f51cbed5d75f8059141738b419cc66e529006
>
> Reviewed-on: https://chromium-review.googlesource.com/1146563
> WPT-Export-Revision: 3da8b1bf5d8d05f1228ec7abfda9c259c66331ce
|
Assignee | |
Updated•7 years ago
|
Component: web-platform-tests → DOM: Security
Product: Testing → Core
|
|
Assignee | |
Comment 1•7 years ago
|
||
|
|
Assignee | |
Comment 2•7 years ago
|
||
|
|
Assignee | |
Comment 3•7 years ago
|
||
|
|
Assignee | |
Comment 4•7 years ago
|
||
|
|
Assignee | |
Comment 5•7 years ago
|
||
|
||
Updated•7 years ago
|
Whiteboard: [wptsync downstream] → [wptsync downstream][domsecurity-backlog]
|
|
Assignee | |
Updated•7 years ago
|
Whiteboard: [wptsync downstream][domsecurity-backlog] → [wptsync downstream]
|
|
Assignee | |
Comment 6•7 years ago
|
||
|
|
||
Updated•7 years ago
|
Whiteboard: [wptsync downstream] → [wptsync downstream][domsecurity-backlog]
|
|
Assignee | |
Updated•7 years ago
|
Whiteboard: [wptsync downstream][domsecurity-backlog] → [wptsync downstream]
|
|
Assignee | |
Comment 7•7 years ago
|
||
|
|
Assignee | |
Comment 8•7 years ago
|
||
|
|
Assignee | |
Comment 9•7 years ago
|
||
|
|
Assignee | |
Comment 10•7 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=272227edcabb91ce6a27a3c2a47b8c27c169621c
|
|
Assignee | |
Comment 11•7 years ago
|
||
Ran 25 tests and 144 subtests
OK : 22
PASS : 6
FAIL : 138
TIMEOUT: 3
New tests that have failures or other problems:
/trusted-types/Element-setAttribute.tentative.html
a.href assigned via policy (successful URL transformation): FAIL
a.rel assigned via policy (successful URL transformation): FAIL
area.href assigned via policy (successful URL transformation): FAIL
base.href assigned via policy (successful URL transformation): FAIL
embed.src assigned via policy (successful ScriptURL transformation): FAIL
frame.src assigned via policy (successful URL transformation): FAIL
iframe.src assigned via policy (successful URL transformation): FAIL
iframe.srcdoc assigned via policy (successful HTML transformation): FAIL
img.src assigned via policy (successful URL transformation): FAIL
input.src assigned via policy (successful URL transformation): FAIL
link.href assigned via policy (successful URL transformation): FAIL
object.codeBase assigned via policy (successful URL transformation): FAIL
object.data assigned via policy (successful URL transformation): FAIL
script.src assigned via policy (successful ScriptURL transformation): FAIL
source.src assigned via policy (successful URL transformation): FAIL
track.src assigned via policy (successful URL transformation): FAIL
video.src assigned via policy (successful URL transformation): FAIL
/trusted-types/block-string-assignment-to-Element-setAttribute.tentative.html
a.href accepts only TrustedURL: FAIL
a.rel assigned via policy (successful URL transformation): FAIL
area.href accepts only TrustedURL: FAIL
base.href accepts only TrustedURL: FAIL
embed.src accepts only TrustedScriptURL: FAIL
frame.src accepts only TrustedURL: FAIL
iframe.src accepts only TrustedURL: FAIL
iframe.srcdoc accepts only TrustedHTML: FAIL
img.src accepts only TrustedURL: FAIL
input.src accepts only TrustedURL: FAIL
link.href accepts only TrustedURL: FAIL
object.codeBase accepts only TrustedURL: FAIL
object.data accepts only TrustedURL: FAIL
script.src accepts only TrustedScriptURL: FAIL
source.src accepts only TrustedURL: FAIL
track.src accepts only TrustedURL: FAIL
video.src accepts only TrustedURL: FAIL
|
|
||
Updated•7 years ago
|
Whiteboard: [wptsync downstream] → [wptsync downstream][domsecurity-backlog]
|
||
Comment 12•7 years ago
|
||
Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/bf7a9b6ec543
[wpt PR 12764] - Element::setAttribute() modified to accept TrustedTypes, a=testonly
https://hg.mozilla.org/integration/mozilla-inbound/rev/50a3b8c5bb8b
[wpt PR 12764] - Update wpt metadata, a=testonly
|
||
Comment 13•7 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/bf7a9b6ec543
https://hg.mozilla.org/mozilla-central/rev/50a3b8c5bb8b
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox64:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
You need to log in
before you can comment on or make changes to this bug.
Description
•