third_party/blink/web_tests/external/wpt/trusted-types/block-text-node-insertion-into-script-element.tentative.html - ios-chromium-mirror - Git at Google

 <!DOCTYPE html>
 <html>
 <head>
   <script src="/resources/testharness.js"></script>
   <script src="/resources/testharnessreport.js"></script>
   <script src="support/helper.sub.js"></script>
   <meta http-equiv="Content-Security-Policy" content="trusted-types *">
 </head>
 <body>
 <div id="container"></div>
 <script>
   var container = document.querySelector("#container");

   // Regression tests for 'Bypass via insertAdjacentText', reported at
   // https://github.com/WICG/trusted-types/issues/133

   // Original report:
   test(t => {
     // Setup: Create a <script> element with a <p> child.
     let s = document.createElement("script");
     let p = document.createElement("p");
     p.textContent = "hello('world');";
     s.appendChild(p);
     container.appendChild(s);

     // Sanity check: The <p> content doesn't count as source text.
     assert_equals(s.text, "");

     // Try to insertAdjacentText into the <script>, starting from the <p>
     try {
       p.insertAdjacentText("beforebegin", "hello('before');");
     } catch (err) { }
     assert_equals(s.text, "");
     try {
       p.insertAdjacentText("afterend", "hello('after');");
     } catch (err) { }
     assert_equals(s.text, "");
   }, "Regression test: Bypass via insertAdjacentText, initial comment");

   // Variant: Create a <script> element and create & insert a text node. Then
   // insert it into the document container to make it live.
   test(t => {
     // Setup: Create a <script> element, and insert text via a text node.
     let s = document.createElement("script");
     let text = document.createTextNode("alert('hello');");
     assert_throws(new TypeError(),
                   _ => { s.appendChild(text); },
                   "We should not be able to modify <script>.");
     container.appendChild(s);
   }, "Regression test: Bypass via appendChild into off-document script element");

   // Variant: Create a <script> element and insert it into the document. Then
   // create a text node and insert it into the live <script> element.
   test(t => {
     // Setup: Create a <script> element, insert it into the doc, and then create
     // and insert text via a text node.
     let s = document.createElement("script");
     container.appendChild(s);
     let text = document.createTextNode("alert('hello');");
     assert_throws(new TypeError(),
                   _ => { s.appendChild(text); },
                   "We should not be able to modify <script>.");
   }, "Regression test: Bypass via appendChild into live script element");
 </script>
 </body>
 </html>
	<!DOCTYPE html>
	<html>
	<head>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="support/helper.sub.js"></script>
	<meta http-equiv="Content-Security-Policy" content="trusted-types *">
	</head>
	<body>
	<div id="container"></div>
	<script>
	var container = document.querySelector("#container");

	// Regression tests for 'Bypass via insertAdjacentText', reported at
	// https://github.com/WICG/trusted-types/issues/133

	// Original report:
	test(t => {
	// Setup: Create a <script> element with a <p> child.
	let s = document.createElement("script");
	let p = document.createElement("p");
	p.textContent = "hello('world');";
	s.appendChild(p);
	container.appendChild(s);

	// Sanity check: The <p> content doesn't count as source text.
	assert_equals(s.text, "");

	// Try to insertAdjacentText into the <script>, starting from the <p>
	try {
	p.insertAdjacentText("beforebegin", "hello('before');");
	} catch (err) { }
	assert_equals(s.text, "");
	try {
	p.insertAdjacentText("afterend", "hello('after');");
	} catch (err) { }
	assert_equals(s.text, "");
	}, "Regression test: Bypass via insertAdjacentText, initial comment");

	// Variant: Create a <script> element and create & insert a text node. Then
	// insert it into the document container to make it live.
	test(t => {
	// Setup: Create a <script> element, and insert text via a text node.
	let s = document.createElement("script");
	let text = document.createTextNode("alert('hello');");
	assert_throws(new TypeError(),
	_ => { s.appendChild(text); },
	"We should not be able to modify <script>.");
	container.appendChild(s);
	}, "Regression test: Bypass via appendChild into off-document script element");

	// Variant: Create a <script> element and insert it into the document. Then
	// create a text node and insert it into the live <script> element.
	test(t => {
	// Setup: Create a <script> element, insert it into the doc, and then create
	// and insert text via a text node.
	let s = document.createElement("script");
	container.appendChild(s);
	let text = document.createTextNode("alert('hello');");
	assert_throws(new TypeError(),
	_ => { s.appendChild(text); },
	"We should not be able to modify <script>.");
	}, "Regression test: Bypass via appendChild into live script element");
	</script>
	</body>
	</html>