File: sanitizer-boolean-defaults.tentative.html

package info (click to toggle)
firefox 144.0-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 4,637,504 kB
  • sloc: cpp: 7,576,692; javascript: 6,430,831; ansic: 3,748,119; python: 1,398,978; xml: 628,810; asm: 438,679; java: 186,194; sh: 63,212; makefile: 19,159; objc: 13,086; perl: 12,986; yacc: 4,583; cs: 3,846; pascal: 3,448; lex: 1,720; ruby: 1,003; exp: 762; php: 436; lisp: 258; awk: 247; sql: 66; sed: 53; csh: 10
file content (75 lines) | stat: -rw-r--r-- 2,620 bytes parent folder | download | duplicates (10) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
 
<!DOCTYPE html>
<html>
<head>
<title>Test boolean defaults in config per PR #254</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
</head>
<body>
<script>
// Test cases extracted from : https://github.com/WICG/sanitizer-api/pull/254
//
// These are somewhat redundant with tests in sanitizer-config.tentative.html,
// so maybe we can long-term merge them together.

// Comments.
test(t => {
  function try_unsafe(config) {
    const div = document.createElement("div");
    div.setHTMLUnsafe("<!--bla-->", config)
    return div.innerHTML.includes("<!--");
  }
  function try_safe(config) {
    const div = document.createElement("div");
    div.setHTML("<!--bla-->", config)
    return div.innerHTML.includes("<!--");
  }

  assert_false(new Sanitizer().get().comments, "1");
  assert_true(new Sanitizer({}).get().comments, "2");
  assert_true(new Sanitizer({comments: true}).get().comments, "3");
  assert_false(new Sanitizer({comments: false}).get().comments, "4");

  assert_true(try_unsafe(), "5");
  assert_true(try_unsafe({sanitizer:{}}), "6");
  assert_true(try_unsafe({sanitizer:{comments:true}}), "7");
  assert_false(try_unsafe({sanitizer:{comments:false}}), "8");

  assert_false(try_safe(), "9");
  assert_false(try_safe({sanitizer:{}}), "10");
  assert_true(try_safe({sanitizer:{comments:true}}), "11");
  assert_false(try_safe({sanitizer:{comments:false}}), "12");
}, "comments");

// Data Attributes:
test(t => {
  function try_unsafe(config) {
    const div = document.createElement("div");
    div.setHTMLUnsafe("<div data-foo='bar'>", config)
    return div.innerHTML.includes("data-foo");
  }
  function try_safe(config) {
    const div = document.createElement("div");
    div.setHTML("<div data-foo='bar'>", config)
    return div.innerHTML.includes("data-foo");
  }

  assert_false(new Sanitizer().get().dataAttributes, "1");
  assert_true(new Sanitizer({}).get().dataAttributes, "2");
  assert_true(new Sanitizer({dataAttributes: true}).get().dataAttributes, "3");
  assert_false(new Sanitizer({dataAttributes: false}).get().dataAttributes, "4");

  assert_true(try_unsafe(), "5");
  assert_true(try_unsafe({sanitizer:{}}), "6");
  assert_true(try_unsafe({sanitizer:{dataAttributes:true}}), "7");
  assert_false(try_unsafe({sanitizer:{dataAttributes:false}}), "8");

  assert_false(try_safe(), "9");
  assert_false(try_safe({sanitizer:{}}), "10");
  assert_true(try_safe({sanitizer:{dataAttributes:true}}), "11");
  assert_false(try_safe({sanitizer:{dataAttributes:false}}), "12");
}, "data attributes");

</script>
</body>
</html>