Google Git
Sign in
chromium / chromium / src / f0f20ed4e59642d58fabeca7f7962cc8645a7ccf / . / chrome / test / data / webui / parse_html_subset_test.html
blob: 2205df5a40be49882fe0a0022680724a3253ee46 [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<title>parseHtmlSubset test</title>
</head>
<body>
<script>
function parseAndAssertThrows() {
var args = arguments;
assertThrows(function() {
parseHtmlSubset.apply(null, args);
});
}
function testText() {
parseHtmlSubset('');
parseHtmlSubset('abc');
parseHtmlSubset('&nbsp;');
}
function testSupportedTags() {
parseHtmlSubset('<b>bold</b>');
parseHtmlSubset('Some <b>bold</b> text');
parseHtmlSubset('Some <strong>strong</strong> text');
parseHtmlSubset('<B>bold</B>');
parseHtmlSubset('Some <B>bold</B> text');
parseHtmlSubset('Some <STRONG>strong</STRONG> text');
}
function testInvalidTags() {
parseAndAssertThrows('<unknown_tag>x</unknown_tag>');
parseAndAssertThrows('<img>');
parseAndAssertThrows('<script>alert(1)<' + '/script>');
}
function testInvalidAttributes() {
parseAndAssertThrows('<b onclick="alert(1)">x</b>');
parseAndAssertThrows('<b style="color:red">x</b>');
parseAndAssertThrows('<b foo>x</b>');
parseAndAssertThrows('<b foo=bar></b>');
}
function testValidAnchors() {
parseHtmlSubset('<a href="https://google.com">Google</a>');
parseHtmlSubset('<a href="chrome://settings">Google</a>');
}
function testInvalidAnchorHrefs() {
parseAndAssertThrows('<a href="http://google.com">Google</a>');
parseAndAssertThrows('<a href="ftp://google.com">Google</a>');
parseAndAssertThrows('<a href="http/google.com">Google</a>');
parseAndAssertThrows('<a href="javascript:alert(1)">Google</a>');
parseAndAssertThrows('<a href="chrome-extension://whurblegarble">Google</a>');
}
function testInvalidAnchorAttributes() {
parseAndAssertThrows('<a name=foo>Google</a>');
parseAndAssertThrows(
'<a onclick="alert(1)" href="https://google.com">Google</a>');
parseAndAssertThrows('<a foo="bar(1)" href="https://google.com">Google</a>');
}
function testAnchorTarget() {
var df = parseHtmlSubset(
'<a href="https://google.com" target="_blank">Google</a>');
assertEquals('_blank', df.firstChild.target);
}
function testInvalidTarget() {
parseAndAssertThrows('<form target="_evil">', ['form']);
parseAndAssertThrows('<iframe target="_evil">', ['iframe']);
parseAndAssertThrows('<a href="https://google.com" target="foo">Google</a>');
}
function testCustomTags() {
parseHtmlSubset('yo <I>ho</i><bR>yo <EM>ho</em>', ['i', 'EM', 'Br']);
}
function testInvalidCustomTags() {
parseAndAssertThrows("a pirate's<script>lifeForMe();<" + '/script>', ['br']);
}
function testCustomAttributes() {
function returnsTruthy(node, value) {
assertEquals('A', node.tagName);
assertEquals('fancy', value);
return true;
}
parseHtmlSubset('<a class="fancy">I\'m fancy!</a>', null,
{class: returnsTruthy});
}
function testInvalidCustomAttributes() {
function returnsFalsey() {
return false;
}
parseAndAssertThrows('<a class="fancy">I\'m fancy!</a>', null,
{class: returnsFalsey});
parseAndAssertThrows('<a class="fancy">I\'m fancy!</a>');
}
function testOnErrorAsync(testDoneCalback) {
window.called = false;
parseAndAssertThrows('<img onerror="window.called = true" src="_.png">');
parseAndAssertThrows('<img src="_.png" onerror="window.called = true">');
window.setTimeout(function() {
assertFalse(window.called);
testDoneCalback();
});
}
</script>
</body>
</html>