From 8a29748fb24c7fafe0c1d21eab7923ec00971fe7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Wang?= Date: Fri, 13 Dec 2024 08:54:53 +0000 Subject: [PATCH] Bug 1931288 - Implement EnsureCSPDoesNotBlockStringCompilation as per CSP spec. r=smaug,tschuster See https://w3c.github.io/webappsec-csp/#can-compile-strings Differential Revision: https://phabricator.services.mozilla.com/D229624 --- caps/nsScriptSecurityManager.cpp | 15 ++ caps/nsScriptSecurityManager.h | 2 +- .../trusted-types/TrustedTypeUtils.cpp | 143 +++++++++++++ dom/security/trusted-types/TrustedTypeUtils.h | 16 ++ dom/workers/RuntimeService.cpp | 15 +- .../source-file.html.ini | 37 ++-- ...eval-csp-tt-default-policy-mutate.html.ini | 18 -- .../eval-csp-tt-no-default-policy.html.ini | 24 --- ...ments-and-applying-default-policy.html.ini | 24 --- .../eval-function-constructor.html.ini | 192 ------------------ .../eval-with-permissive-csp.html.ini | 9 - .../trusted-types-eval-reporting.html.ini | 4 +- .../meta/trusted-types/tt-block-eval.html.ini | 3 - ...arguments-and-default-policy-throwing.html | 22 ++ 14 files changed, 231 insertions(+), 293 deletions(-) delete mode 100644 testing/web-platform/meta/trusted-types/eval-csp-tt-default-policy-mutate.html.ini delete mode 100644 testing/web-platform/meta/trusted-types/eval-csp-tt-no-default-policy.html.ini delete mode 100644 testing/web-platform/meta/trusted-types/eval-function-constructor-untrusted-arguments-and-applying-default-policy.html.ini delete mode 100644 testing/web-platform/meta/trusted-types/eval-function-constructor.html.ini delete mode 100644 testing/web-platform/meta/trusted-types/eval-with-permissive-csp.html.ini delete mode 100644 testing/web-platform/meta/trusted-types/tt-block-eval.html.ini create mode 100644 testing/web-platform/tests/trusted-types/eval-function-constructor-untrusted-arguments-and-default-policy-throwing.html 
diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp index 92df479739d5..9979b9dfbcf1 100644 --- a/caps/nsScriptSecurityManager.cpp +++ b/caps/nsScriptSecurityManager.cpp @@ -475,6 +475,21 @@ bool nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction( nsCOMPtr subjectPrincipal = nsContentUtils::SubjectPrincipal(); + if (aKind == JS::RuntimeCode::JS) { + ErrorResult error; + bool areArgumentsTrusted = TrustedTypeUtils:: + AreArgumentsTrustedForEnsureCSPDoesNotBlockStringCompilation( + cx, aCodeString, aCompilationType, aParameterStrings, aBodyString, + aParameterArgs, aBodyArg, error); + if (error.MaybeSetPendingException(cx)) { + return false; + } + if (!areArgumentsTrusted) { + *aOutCanCompileStrings = false; + return true; + } + } + // Check if Eval is allowed per firefox hardening policy bool contextForbidsEval = (subjectPrincipal->IsSystemPrincipal() || XRE_IsE10sParentProcess()); diff --git a/caps/nsScriptSecurityManager.h b/caps/nsScriptSecurityManager.h index e4526fc6a572..65164aaf834a 100644 --- a/caps/nsScriptSecurityManager.h +++ b/caps/nsScriptSecurityManager.h @@ -88,7 +88,7 @@ class nsScriptSecurityManager final : public nsIScriptSecurityManager { virtual ~nsScriptSecurityManager(); // Decides, based on CSP, whether or not eval() and stuff can be executed. - static bool ContentSecurityPolicyPermitsJSAction( + MOZ_CAN_RUN_SCRIPT static bool ContentSecurityPolicyPermitsJSAction( JSContext* aCx, JS::RuntimeCode aKind, JS::Handle aCodeString, JS::CompilationType aCompilationType, JS::Handle> aParameterStrings, diff --git a/dom/security/trusted-types/TrustedTypeUtils.cpp b/dom/security/trusted-types/TrustedTypeUtils.cpp index 5d729f3371fb..6d8da2b732f4 100644 --- a/dom/security/trusted-types/TrustedTypeUtils.cpp +++ b/dom/security/trusted-types/TrustedTypeUtils.cpp 
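Review bot: The two exits of the block added to ContentSecurityPolicyPermitsJSAction in caps/nsScriptSecurityManager.cpp mean different things, and neither is commented. `return false` follows `error.MaybeSetPendingException(cx)` and so leaves an exception pending, while `*aOutCanCompileStrings = false; return true;` reports a blocked compilation with nothing pending. A comment above the second exit, such as `// Arguments not trusted: report "cannot compile" without a pending exception.`, would make it harder to swap the two in a later edit. The same block appears again in the ContentSecurityPolicyAllows hunk of dom/workers/RuntimeService.cpp, so the comment (or a small shared helper) belongs there too, to keep the window and worker paths from drifting apart. The function body starts and ends outside this hunk.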
@@ -492,6 +492,15 @@ GetTrustedTypesCompliantStringForTrustedHTML(const nsAString& aInput, &aInput, aSink, aSinkGroup, aNode, aResultHolder, aError); } +MOZ_CAN_RUN_SCRIPT const nsAString* +GetTrustedTypesCompliantStringForTrustedScript( + const nsAString& aInput, const nsAString& aSink, + const nsAString& aSinkGroup, nsIGlobalObject& aGlobalObject, + Maybe& aResultHolder, ErrorResult& aError) { + return GetTrustedTypesCompliantString( + &aInput, aSink, aSinkGroup, aGlobalObject, aResultHolder, aError); +} + bool GetTrustedTypeDataForAttribute(const nsAtom* aElementName, int32_t aElementNamespaceID, nsAtom* aAttributeName, 
@@ -613,4 +622,138 @@ bool HostGetCodeForEval(JSContext* aCx, JS::Handle aCode, return true; } +bool AreArgumentsTrustedForEnsureCSPDoesNotBlockStringCompilation( + JSContext* aCx, JS::Handle aCodeString, + JS::CompilationType aCompilationType, + JS::Handle> aParameterStrings, + JS::Handle aBodyString, + JS::Handle> aParameterArgs, + JS::Handle aBodyArg, ErrorResult& aError) { + // EnsureCSPDoesNotBlockStringCompilation is essentially HTML's implementation + // of HostEnsureCanCompileStrings, so we only consider the cases described in + // the Dynamic Code Brand Checks spec. The algorithm is also supposed to be + // called for "TIMER" too but in that case it does not execute the specific + // part implemented in the present method (step 2). + // https://html.spec.whatwg.org/multipage/webappapis.html#hostensurecancompilestrings(realm,-parameterstrings,-bodystring,-codestring,-compilationtype,-parameterargs,-bodyarg) + // https://tc39.es/proposal-dynamic-code-brand-checks/#sec-hostensurecancompilestrings + // https://html.spec.whatwg.org/#timer-initialisation-steps + if (!StaticPrefs::dom_security_trusted_types_enabled() || + aCompilationType == JS::CompilationType::Undefined) { + return true; + } + + // https://html.spec.whatwg.org/multipage/webappapis.html#hostensurecancompilestrings(realm,-parameterstrings,-bodystring,-codestring,-compilationtype,-parameterargs,-bodyarg) + // https://w3c.github.io/webappsec-csp/#can-compile-strings + nsIGlobalObject* global = xpc::CurrentNativeGlobal(aCx); + if (!global) { + aError.Throw(NS_ERROR_NULL_POINTER); + return false; + } + + // Exit early for some cases where GetTrustedTypesCompliantString + // would have no effect on aCodeString. + if (nsPIDOMWindowInner* piDOMWindowInner = global->GetAsInnerWindow()) { + const Document* extantDoc = piDOMWindowInner->GetExtantDoc(); + if (extantDoc && + !extantDoc->HasPolicyWithRequireTrustedTypesForDirective()) { + return true; + } + } + + // Steps 2.2 - 2.4. 
+ bool isTrusted = true; + auto isArgumentTrusted = [&aCx](JS::Handle aValue, + JS::Handle aString, + ErrorResult& aError) { + if (!aValue.isObject()) { + return false; + } + JS::Rooted object(aCx, &aValue.toObject()); + TrustedScript* trustedScript; + if (NS_FAILED(UNWRAP_OBJECT(TrustedScript, &object, trustedScript))) { + return false; + } + nsAutoJSString jsString; + if (NS_WARN_IF(!jsString.init(aCx, aString))) { + aError.StealExceptionFromJSContext(aCx); + return false; + } + return jsString.Equals(trustedScript->mData); + }; + if (aCompilationType == JS::CompilationType::DirectEval || + aCompilationType == JS::CompilationType::IndirectEval) { + // The following assertions are guanranteed by the steps of PerformEval. + MOZ_ASSERT(aParameterArgs.empty()); + MOZ_ASSERT(aParameterStrings.empty()); + MOZ_ASSERT(aBodyString); + MOZ_ASSERT(aBodyArg.isString() || aBodyArg.isObject()); + isTrusted = aBodyArg.isObject(); +#ifdef DEBUG + bool trusted = isArgumentTrusted(aBodyArg, aBodyString, aError); + if (aError.Failed()) { + return false; + } + // The following assertion is guaranteed by the HTML implementation of + // HostGetCodeForEval. + MOZ_ASSERT(isTrusted == trusted); +#endif + } else { + MOZ_ASSERT(aCompilationType == JS::CompilationType::Function); + if (aBodyString) { + isTrusted = isArgumentTrusted(aBodyArg, aBodyString, aError); + if (aError.Failed()) { + return false; + } + } + if (isTrusted) { + MOZ_ASSERT(aParameterArgs.length() == aParameterStrings.length()); + for (size_t index = 0; index < aParameterArgs.length(); index++) { + isTrusted = isArgumentTrusted(aParameterArgs[index], + aParameterStrings[index], aError); + if (aError.Failed()) { + return false; + } + if (!isTrusted) { + break; + } + } + } + } + + // If successful, the steps below always ends up with sourceString == + // codeString. 
Moreover if isTrusted == true, passing a new TrustedScript to + // GetTrustedTypesCompliantStringForTrustedScript would just return codeString + // immediately, so we can skip all these steps. + if (isTrusted) { + return true; + } + + // Steps 2.5 - 2.6. + nsAutoJSString codeString; + if (NS_WARN_IF(!codeString.init(aCx, aCodeString))) { + aError.StealExceptionFromJSContext(aCx); + return false; + } + + Maybe compliantStringHolder; + constexpr nsLiteralString evalSink = u"eval"_ns; + constexpr nsLiteralString functionSink = u"Function"_ns; + nsCOMPtr pinnedGlobal = global; + const nsAString* compliantString = + dom::TrustedTypeUtils::GetTrustedTypesCompliantStringForTrustedScript( + codeString, + aCompilationType == JS::CompilationType::Function ? functionSink + : evalSink, + kTrustedTypesOnlySinkGroup, *pinnedGlobal, compliantStringHolder, + aError); + + // Step 2.7-2.8. + // Callers will take care of throwing an EvalError when we return false. + if (aError.Failed()) { + aError.SuppressException(); + return false; + } + return compliantString->Equals(codeString); +} + } // namespace mozilla::dom::TrustedTypeUtils diff --git a/dom/security/trusted-types/TrustedTypeUtils.h b/dom/security/trusted-types/TrustedTypeUtils.h index e1ba87439715..fefd9d986f35 100644 --- a/dom/security/trusted-types/TrustedTypeUtils.h +++ b/dom/security/trusted-types/TrustedTypeUtils.h @@ -105,6 +105,11 @@ GetTrustedTypesCompliantStringForTrustedHTML(const nsAString& aInput, const nsINode& aNode, Maybe& aResultHolder, ErrorResult& aError); +MOZ_CAN_RUN_SCRIPT const nsAString* +GetTrustedTypesCompliantStringForTrustedScript( + const nsAString& aInput, const nsAString& aSink, + const nsAString& aSinkGroup, nsIGlobalObject& aGlobalObject, + Maybe& aResultHolder, ErrorResult& aError); // https://w3c.github.io/trusted-types/dist/spec/#abstract-opdef-process-value-with-a-default-policy template 
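Review bot: Two trust decisions in AreArgumentsTrustedForEnsureCSPDoesNotBlockStringCompilation rest on checks that are compiled out of release builds. In the DirectEval/IndirectEval branch, `isTrusted = aBodyArg.isObject();` accepts any object, and the TrustedScript unwrap and data comparison run only under `#ifdef DEBUG`. Calling the lambda unconditionally, `isTrusted = isArgumentTrusted(aBodyArg, aBodyString, aError);` followed by the existing `aError.Failed()` return, would keep the decision on the blocking side if the HostGetCodeForEval invariant ever stops holding. In the Function branch the loop indexes `aParameterStrings[index]` with only a `MOZ_ASSERT` on equal lengths, so a mismatch is better handled as untrusted (`isTrusted = false`) than asserted. The final `compliantString->Equals(codeString)` also assumes a non-null pointer whenever `aError` has not failed, which the helper defined outside this hunk would have to guarantee; a `MOZ_ASSERT(compliantString)` or a null guard would state that assumption.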
@@ -131,6 +136,17 @@ MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue( bool HostGetCodeForEval(JSContext* aCx, JS::Handle aCode, JS::MutableHandle aOutCode); +// Implements steps 1 and 2 of EnsureCSPDoesNotBlockStringCompilation. +// See https://w3c.github.io/webappsec-csp/#can-compile-strings +MOZ_CAN_RUN_SCRIPT bool +AreArgumentsTrustedForEnsureCSPDoesNotBlockStringCompilation( + JSContext* aCx, JS::Handle aCodeString, + JS::CompilationType aCompilationType, + JS::Handle> aParameterStrings, + JS::Handle aBodyString, + JS::Handle> aParameterArgs, + JS::Handle aBodyArg, ErrorResult& aError); + } // namespace TrustedTypeUtils } // namespace dom diff --git a/dom/workers/RuntimeService.cpp b/dom/workers/RuntimeService.cpp index d6aaef28faab..f528bec20afe 100644 --- a/dom/workers/RuntimeService.cpp +++ b/dom/workers/RuntimeService.cpp @@ -502,7 +502,7 @@ class LogViolationDetailsRunnable final : public WorkerMainThreadRunnable { ~LogViolationDetailsRunnable() = default; }; -bool ContentSecurityPolicyAllows( +MOZ_CAN_RUN_SCRIPT_FOR_DEFINITION bool ContentSecurityPolicyAllows( JSContext* aCx, JS::RuntimeCode aKind, JS::Handle aCodeString, JS::CompilationType aCompilationType, JS::Handle> aParameterStrings, @@ -517,6 +517,19 @@ bool ContentSecurityPolicyAllows( uint16_t violationType; nsAutoJSString scriptSample; if (aKind == JS::RuntimeCode::JS) { + ErrorResult error; + bool areArgumentsTrusted = TrustedTypeUtils:: + AreArgumentsTrustedForEnsureCSPDoesNotBlockStringCompilation( + aCx, aCodeString, aCompilationType, aParameterStrings, aBodyString, + aParameterArgs, aBodyArg, error); + if (error.MaybeSetPendingException(aCx)) { + return false; + } + if (!areArgumentsTrusted) { + *aOutCanCompileStrings = false; + return true; + } + if (NS_WARN_IF(!scriptSample.init(aCx, aCodeString))) { return false; } 
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file.html.ini index 9304567a2363..8bccffc97a53 100644 --- a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file.html.ini +++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file.html.ini @@ -1,54 +1,53 @@ [source-file.html] expected: - if (os == "android") and fission: [ERROR, TIMEOUT] - TIMEOUT + if (os == "android") and fission: [ERROR] [Basic HTTPS URL] - expected: TIMEOUT + expected: FAIL [Basic HTTP URL] - expected: NOTRUN + expected: FAIL [Basic WSS URL] - expected: NOTRUN + expected: FAIL [Basic WS URL] - expected: NOTRUN + expected: FAIL [Fragment] - expected: NOTRUN + expected: FAIL [Query] - expected: NOTRUN + expected: FAIL [Port] - expected: NOTRUN + expected: FAIL [User:password] - expected: NOTRUN + expected: FAIL [User] - expected: NOTRUN + expected: FAIL [Invalid URL] - expected: NOTRUN + expected: FAIL [file:] - expected: NOTRUN + expected: FAIL [Custom protocol] - expected: NOTRUN + expected: FAIL [about:blank] - expected: NOTRUN + expected: FAIL [about:custom] - expected: NOTRUN + expected: FAIL [data:] - expected: NOTRUN + expected: FAIL [blob:] - expected: NOTRUN + expected: FAIL [javascript:] - expected: NOTRUN + expected: FAIL diff --git a/testing/web-platform/meta/trusted-types/eval-csp-tt-default-policy-mutate.html.ini b/testing/web-platform/meta/trusted-types/eval-csp-tt-default-policy-mutate.html.ini deleted file mode 100644 index f3fb6a4ce2bc..000000000000 --- a/testing/web-platform/meta/trusted-types/eval-csp-tt-default-policy-mutate.html.ini +++ /dev/null 
@@ -1,18 +0,0 @@ -[eval-csp-tt-default-policy-mutate.html] - [eval of string where default policy mutates value throws.] - expected: FAIL - - [indirect eval of string where default policy mutates value throws.] - expected: FAIL - - [Function constructor with string where default policy mutates value throws.] - expected: FAIL - - [AsyncFunction constructor with string where default policy mutates value throws.] - expected: FAIL - - [GeneratorFunction constructor with string where default policy mutates value throws.] - expected: FAIL - - [AsyncGeneratorFunction constructor with string where default policy mutates value throws.] - expected: FAIL diff --git a/testing/web-platform/meta/trusted-types/eval-csp-tt-no-default-policy.html.ini b/testing/web-platform/meta/trusted-types/eval-csp-tt-no-default-policy.html.ini deleted file mode 100644 index 8593382b40a1..000000000000 --- a/testing/web-platform/meta/trusted-types/eval-csp-tt-no-default-policy.html.ini +++ /dev/null @@ -1,24 +0,0 @@ -[eval-csp-tt-no-default-policy.html] - [eval of string fails.] - expected: FAIL - - [indirect eval of string fails.] - expected: FAIL - - [Function constructor of string fails.] - expected: FAIL - - [Function constructor of all strings fails.] - expected: FAIL - - [Function constructor of string and TrustedScript fails.] - expected: FAIL - - [AsyncFunction constructor of string fails.] - expected: FAIL - - [GeneratorFunction constructor of string fails.] - expected: FAIL - - [AsyncGeneratorFunction constructor of string fails.] - expected: FAIL diff --git a/testing/web-platform/meta/trusted-types/eval-function-constructor-untrusted-arguments-and-applying-default-policy.html.ini b/testing/web-platform/meta/trusted-types/eval-function-constructor-untrusted-arguments-and-applying-default-policy.html.ini deleted file mode 100644 index c7f3467cfcf0..000000000000 
--- a/testing/web-platform/meta/trusted-types/eval-function-constructor-untrusted-arguments-and-applying-default-policy.html.ini +++ /dev/null @@ -1,24 +0,0 @@ -[eval-function-constructor-untrusted-arguments-and-applying-default-policy.html] - [plain string at index 0 (default policy modifying the function text).] - expected: FAIL - - [plain string at index 1 (default policy modifying the function text).] - expected: FAIL - - [plain string at index 2 (default policy modifying the function text).] - expected: FAIL - - [plain string at index 3 (default policy modifying the function text).] - expected: FAIL - - [TrustedScript with forged toString() at index 0 (default policy modifying the function text).] - expected: FAIL - - [TrustedScript with forged toString() at index 1 (default policy modifying the function text).] - expected: FAIL - - [TrustedScript with forged toString() at index 2 (default policy modifying the function text).] - expected: FAIL - - [TrustedScript with forged toString() at index 3 (default policy modifying the function text).] - expected: FAIL diff --git a/testing/web-platform/meta/trusted-types/eval-function-constructor.html.ini b/testing/web-platform/meta/trusted-types/eval-function-constructor.html.ini deleted file mode 100644 index 31fc5686b050..000000000000 --- a/testing/web-platform/meta/trusted-types/eval-function-constructor.html.ini +++ /dev/null 
@@ -1,192 +0,0 @@ -[eval-function-constructor.html] - [Function constructor with mixed plain and trusted strings, mask #0] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #1] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #2] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #3] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #4] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #5] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #6] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #7] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #8] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #9] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #10] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #11] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #12] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #13] - expected: FAIL - - [Function constructor with mixed plain and trusted strings, mask #14] - expected: FAIL - - [Function constructor with trusted strings, and a forged toString() for the one at index 0] - expected: FAIL - - [Function constructor with trusted strings, and a forged toString() for the one at index 1] - expected: FAIL - - [Function constructor with trusted strings, and a forged toString() for the one at index 2] - expected: FAIL - - [Function constructor with trusted strings, and a forged toString() for the one at index 3] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #0] - expected: FAIL - - [GeneratorFunction constructor with mixed 
plain and trusted strings, mask #0] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #0] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #1] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #1] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #1] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #2] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #2] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #2] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #3] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #3] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #3] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #4] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #4] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #4] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #5] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #5] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #5] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #6] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #6] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #6] - expected: FAIL - - [AsyncFunction constructor with mixed plain and 
trusted strings, mask #7] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #7] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #7] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #8] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #8] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #8] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #9] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #9] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #9] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #10] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #10] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #10] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #11] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #11] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #11] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #12] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #12] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #12] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #13] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #13] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain 
and trusted strings, mask #13] - expected: FAIL - - [AsyncFunction constructor with mixed plain and trusted strings, mask #14] - expected: FAIL - - [GeneratorFunction constructor with mixed plain and trusted strings, mask #14] - expected: FAIL - - [AsyncGeneratorFunction constructor with mixed plain and trusted strings, mask #14] - expected: FAIL diff --git a/testing/web-platform/meta/trusted-types/eval-with-permissive-csp.html.ini b/testing/web-platform/meta/trusted-types/eval-with-permissive-csp.html.ini deleted file mode 100644 index 3a1e07de734d..000000000000 --- a/testing/web-platform/meta/trusted-types/eval-with-permissive-csp.html.ini +++ /dev/null @@ -1,9 +0,0 @@ -[eval-with-permissive-csp.html] - [eval with plain string with Trusted Types and permissive CSP throws (no type).] - expected: FAIL - - [indirect eval with plain string with Trusted Types and permissive CSP throws (no type).] - expected: FAIL - - [Function constructor with plain string with Trusted Types and permissive CSP throws (no type).] - expected: FAIL diff --git a/testing/web-platform/meta/trusted-types/trusted-types-eval-reporting.html.ini b/testing/web-platform/meta/trusted-types/trusted-types-eval-reporting.html.ini index efcc05d8a763..f76315d08178 100644 --- a/testing/web-platform/meta/trusted-types/trusted-types-eval-reporting.html.ini +++ b/testing/web-platform/meta/trusted-types/trusted-types-eval-reporting.html.ini @@ -1,10 +1,10 @@ [trusted-types-eval-reporting.html] expected: TIMEOUT [Trusted Type violation report: evaluating a string.] - expected: FAIL + expected: TIMEOUT [Trusted Type violation report: evaluating a Trusted Script.] - expected: TIMEOUT + expected: NOTRUN [Trusted Type violation report: default policy transforms the script before CSP checks runs.] expected: NOTRUN diff --git a/testing/web-platform/meta/trusted-types/tt-block-eval.html.ini b/testing/web-platform/meta/trusted-types/tt-block-eval.html.ini deleted file mode 100644 index 57de179878e2..000000000000 
--- a/testing/web-platform/meta/trusted-types/tt-block-eval.html.ini +++ /dev/null @@ -1,3 +0,0 @@ -[tt-block-eval.html] - [eval blocks if the default policy rejects a value.] - expected: FAIL diff --git a/testing/web-platform/tests/trusted-types/eval-function-constructor-untrusted-arguments-and-default-policy-throwing.html b/testing/web-platform/tests/trusted-types/eval-function-constructor-untrusted-arguments-and-default-policy-throwing.html new file mode 100644 index 000000000000..a33fe2d0eb45 --- /dev/null +++ b/testing/web-platform/tests/trusted-types/eval-function-constructor-untrusted-arguments-and-default-policy-throwing.html @@ -0,0 +1,22 @@ + + + + + + + + + + + +