Closed Bug 2028985 Opened 3 months ago Closed 2 months ago

[wpt-sync] Sync PR 58943 - [Sanitizer] Ensure content is removed when an exception is thrown.

Categories

(Core :: DOM: Security, task, P4)

task

Tracking

()

RESOLVED FIXED
151 Branch
Tracking Status
firefox151 --- fixed

People

(Reporter: wpt-sync, Unassigned)

References

()

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 58943 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/58943
Details from upstream follow.

Daniel Vogelheim <vogelheim@chromium.org> wrote:

[Sanitizer] Ensure content is removed when an exception is thrown.

When the sanitize operation throws an exception, we don't clear the
parse result. Also, the callers will pass through the exception, but
will return the incomplete result to the callers.

Fixed: 496524586
Change-Id: I3a6402afacb5d5275f546dfdefdac5d270e96d1f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7705032
Reviewed-by: Noam Rosenthal \<nrosenthal@google.com>
Reviewed-by: Joey Arhar \<jarhar@chromium.org>
Commit-Queue: Daniel Vogelheim \<vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1609133}

Component: web-platform-tests → DOM: Security
Product: Testing → Core

CI Results

Ran 9 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI

Total 21 tests and 4 subtests

Status Summary

Firefox

OK : 1[GitHub] 21[Gecko-android-em-14-x86_64-debug-geckoview, Gecko-android-em-14-x86_64-lite-opt-geckoview, Gecko-android-em-14-x86_64-opt-geckoview, Gecko-linux2404-64-debug, Gecko-linux2404-64-opt, Gecko-windows11-32-24h2-debug, Gecko-windows11-32-24h2-opt, Gecko-windows11-64-24h2-debug, Gecko-windows11-64-24h2-opt]
PASS: 84[GitHub] 528[Gecko-android-em-14-x86_64-debug-geckoview, Gecko-android-em-14-x86_64-lite-opt-geckoview, Gecko-android-em-14-x86_64-opt-geckoview, Gecko-linux2404-64-debug, Gecko-linux2404-64-opt, Gecko-windows11-32-24h2-debug, Gecko-windows11-32-24h2-opt, Gecko-windows11-64-24h2-debug, Gecko-windows11-64-24h2-opt]
FAIL: 1[GitHub] 104[Gecko-android-em-14-x86_64-debug-geckoview, Gecko-android-em-14-x86_64-lite-opt-geckoview, Gecko-android-em-14-x86_64-opt-geckoview, Gecko-linux2404-64-debug, Gecko-linux2404-64-opt, Gecko-windows11-32-24h2-debug, Gecko-windows11-32-24h2-opt, Gecko-windows11-64-24h2-debug, Gecko-windows11-64-24h2-opt]

Chrome

OK : 1
PASS: 82
FAIL: 3

Safari

OK : 1
PASS: 4
FAIL: 81

Links

Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base

Details

New Tests That Don't Pass

  • /sanitizer-api/sethtml-tree-construction.tentative.html [wpt.fyi]
    • Testcase #71, "<table><div><td>", config: "{ "replaceWithChildrenElements": ["table"] }".: FAIL (Chrome: PASS, Safari: FAIL)
  • /sanitizer-api/sethtml-with-custom-elements.tentative.html [wpt.fyi]
    • Scoped custom element registry still works.: FAIL
  • /sanitizer-api/sethtml-with-trustedtypes-createParserOptions.tentative.html [wpt.fyi]
    • ShadowRoot.setHTMLUnsafe: passing a TrustedParserOptions overrides default policy: FAIL
    • Element.setHTMLUnsafe: passing a TrustedParserOptions overrides default policy: FAIL
  • /sanitizer-api/sethtml-with-trustedtypes-immutable.tentative.html [wpt.fyi]
    • createParserOptions doesn't mutate original object: FAIL
    • createParserOptions doesn't mutate sanitizer object: FAIL
  • /sanitizer-api/sethtml-with-trustedtypes.tentative.html [wpt.fyi]
    • ShadowRoot.setHTMLUnsafe: createParserOptions can inject a sanitizer config: FAIL
    • ShadowRoot.setHTMLUnsafe: createParserOptions can inject a sanitizer: FAIL
    • ShadowRoot.setHTMLUnsafe: createParserOptions can override a sanitizer config: FAIL
    • ShadowRoot.setHTMLUnsafe: createParserOptions returning null fails: FAIL
    • ShadowRoot.setHTMLUnsafe: createParserOptions returning undefined fails: FAIL
    • ShadowRoot.setHTMLUnsafe: createParserOptions returning 0 fails: FAIL
    • ShadowRoot.setHTMLUnsafe: createParserOptions returning 123 fails: FAIL
    • ShadowRoot.setHTMLUnsafe: createParserOptions returning "foo" fails: FAIL
    • ShadowRoot.innerHTML: createParserOptions can inject a sanitizer config: FAIL
    • ShadowRoot.innerHTML: createParserOptions can inject a sanitizer: FAIL
    • ShadowRoot.innerHTML: createParserOptions can override a sanitizer config: FAIL
    • ShadowRoot.innerHTML: createParserOptions returning null fails: FAIL
    • ShadowRoot.innerHTML: createParserOptions returning undefined fails: FAIL
    • ShadowRoot.innerHTML: createParserOptions returning 0 fails: FAIL
    • ShadowRoot.innerHTML: createParserOptions returning 123 fails: FAIL
    • ShadowRoot.innerHTML: createParserOptions returning "foo" fails: FAIL
    • ShadowRoot.beforebegin: createParserOptions can inject a sanitizer config: FAIL
    • ShadowRoot.beforebegin: createParserOptions can inject a sanitizer: FAIL
    • ShadowRoot.beforebegin: createParserOptions can override a sanitizer config: FAIL
    • ShadowRoot.beforebegin: createParserOptions returning null fails: FAIL
    • ShadowRoot.beforebegin: createParserOptions returning undefined fails: FAIL
    • ShadowRoot.beforebegin: createParserOptions returning 0 fails: FAIL
    • ShadowRoot.beforebegin: createParserOptions returning 123 fails: FAIL
    • ShadowRoot.beforebegin: createParserOptions returning "foo" fails: FAIL
    • ShadowRoot.afterend: createParserOptions can inject a sanitizer config: FAIL
    • ShadowRoot.afterend: createParserOptions can inject a sanitizer: FAIL
    • ShadowRoot.afterend: createParserOptions can override a sanitizer config: FAIL
    • ShadowRoot.afterend: createParserOptions returning null fails: FAIL
    • ShadowRoot.afterend: createParserOptions returning undefined fails: FAIL
    • ShadowRoot.afterend: createParserOptions returning 0 fails: FAIL
    • ShadowRoot.afterend: createParserOptions returning 123 fails: FAIL
    • ShadowRoot.afterend: createParserOptions returning "foo" fails: FAIL
    • ShadowRoot.setHTMLUnsafe: createParserOptions works after createHTML: FAIL
    • Element.setHTMLUnsafe: createParserOptions can inject a sanitizer config: FAIL
    • Element.setHTMLUnsafe: createParserOptions can inject a sanitizer: FAIL
    • Element.setHTMLUnsafe: createParserOptions can override a sanitizer config: FAIL
    • Element.setHTMLUnsafe: createParserOptions returning null fails: FAIL
    • Element.setHTMLUnsafe: createParserOptions returning undefined fails: FAIL
    • Element.setHTMLUnsafe: createParserOptions returning 0 fails: FAIL
    • Element.setHTMLUnsafe: createParserOptions returning 123 fails: FAIL
    • Element.setHTMLUnsafe: createParserOptions returning "foo" fails: FAIL
    • Element.innerHTML: createParserOptions can inject a sanitizer config: FAIL
    • Element.innerHTML: createParserOptions can inject a sanitizer: FAIL
    • Element.innerHTML: createParserOptions can override a sanitizer config: FAIL
    • Element.innerHTML: createParserOptions returning null fails: FAIL
    • Element.innerHTML: createParserOptions returning undefined fails: FAIL
    • Element.innerHTML: createParserOptions returning 0 fails: FAIL
    • Element.innerHTML: createParserOptions returning 123 fails: FAIL
    • Element.innerHTML: createParserOptions returning "foo" fails: FAIL
    • Element.outerHTML: createParserOptions can inject a sanitizer config: FAIL
    • Element.outerHTML: createParserOptions can inject a sanitizer: FAIL
    • Element.outerHTML: createParserOptions can override a sanitizer config: FAIL
    • Element.outerHTML: createParserOptions returning null fails: FAIL
    • Element.outerHTML: createParserOptions returning undefined fails: FAIL
    • Element.outerHTML: createParserOptions returning 0 fails: FAIL
    • Element.outerHTML: createParserOptions returning 123 fails: FAIL
    • Element.outerHTML: createParserOptions returning "foo" fails: FAIL
    • Element.createContextualFragment: createParserOptions can inject a sanitizer config: FAIL
    • Element.createContextualFragment: createParserOptions can inject a sanitizer: FAIL
    • Element.createContextualFragment: createParserOptions can override a sanitizer config: FAIL
    • Element.createContextualFragment: createParserOptions returning null fails: FAIL
    • Element.createContextualFragment: createParserOptions returning undefined fails: FAIL
    • Element.createContextualFragment: createParserOptions returning 0 fails: FAIL
    • Element.createContextualFragment: createParserOptions returning 123 fails: FAIL
    • Element.createContextualFragment: createParserOptions returning "foo" fails: FAIL
    • Element.afterbegin: createParserOptions can inject a sanitizer config: FAIL
    • Element.afterbegin: createParserOptions can inject a sanitizer: FAIL
    • Element.afterbegin: createParserOptions can override a sanitizer config: FAIL
    • Element.afterbegin: createParserOptions returning null fails: FAIL
    • Element.afterbegin: createParserOptions returning undefined fails: FAIL
    • Element.afterbegin: createParserOptions returning 0 fails: FAIL
    • Element.afterbegin: createParserOptions returning 123 fails: FAIL
    • Element.afterbegin: createParserOptions returning "foo" fails: FAIL
    • Element.beforeend: createParserOptions can inject a sanitizer config: FAIL
    • Element.beforeend: createParserOptions can inject a sanitizer: FAIL
    • Element.beforeend: createParserOptions can override a sanitizer config: FAIL
    • Element.beforeend: createParserOptions returning null fails: FAIL
    • Element.beforeend: createParserOptions returning undefined fails: FAIL
    • Element.beforeend: createParserOptions returning 0 fails: FAIL
    • Element.beforeend: createParserOptions returning 123 fails: FAIL
    • Element.beforeend: createParserOptions returning "foo" fails: FAIL
    • Element.beforebegin: createParserOptions can inject a sanitizer config: FAIL
    • Element.beforebegin: createParserOptions can inject a sanitizer: FAIL
    • Element.beforebegin: createParserOptions can override a sanitizer config: FAIL
    • Element.beforebegin: createParserOptions returning null fails: FAIL
    • Element.beforebegin: createParserOptions returning undefined fails: FAIL
    • Element.beforebegin: createParserOptions returning 0 fails: FAIL
    • Element.beforebegin: createParserOptions returning 123 fails: FAIL
    • Element.beforebegin: createParserOptions returning "foo" fails: FAIL
    • Element.afterend: createParserOptions can inject a sanitizer config: FAIL
    • Element.afterend: createParserOptions can inject a sanitizer: FAIL
    • Element.afterend: createParserOptions can override a sanitizer config: FAIL
    • Element.afterend: createParserOptions returning null fails: FAIL
    • Element.afterend: createParserOptions returning undefined fails: FAIL
    • Element.afterend: createParserOptions returning 0 fails: FAIL
    • Element.afterend: createParserOptions returning 123 fails: FAIL
    • Element.afterend: createParserOptions returning "foo" fails: FAIL
    • Element.setHTMLUnsafe: createParserOptions works after createHTML: FAIL
Pushed by wptsync@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/5687e92c65c0 https://hg.mozilla.org/integration/autoland/rev/6aaf028aa76e [wpt PR 58943] - [Sanitizer] Ensure content is removed when an exception is thrown., a=testonly
Status: NEW → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
Target Milestone: --- → 151 Branch
You need to log in before you can comment on or make changes to this bug.