Enable createParserOptions, passing a sanitizer to trusted types#606
Enable createParserOptions, passing a sanitizer to trusted types#606noamr wants to merge 14 commits into
Conversation
|
LGTM |
ced3862 to
d44dcea
Compare
|
I've made some changes:
(Note: this PR will fail build until we merge the latter) |
|
Are you able to fix the build failure now? |
I'll revisit this once I have the HTML counterpart ready. |
|
|
||
| ## Get Trusted Type parser input ## {#get-trusted-type-parser-input-algorithm} | ||
|
|
||
| To <dfn export>get Trusted Type compliant input</dfn> given a {{TrustedType}} |expectedType|, a [=realm/global object=] (|global|), string, or <code data-x="">Stream</code> |input|, |
There was a problem hiding this comment.
It's a special value meaning that we don't have a string yet and we are going to stream the HTML. is null better? This seemed more descriptive.
|
|
||
| 1. Throw a TypeError and abort further steps. | ||
| 1. Let |sanitizer| be |policyValue|["`sanitizer`"], [=with default|defaulting to=] a new {{SanitizerConfig}}. | ||
| 1. If |sanitizer| is a {{Sanitizer}}, then set |sanitizer| to a new {{Sanitizer}} whose [=Sanitizer/configuration=] is the result of [=canonicali`ze the configuration|canonicalizing=] |sanitizer|'s [=Sanitizer/configuration=]. |
There was a problem hiding this comment.
Shouldn't that already be canonicalized?
There was a problem hiding this comment.
This is the equivalent of cloning, to avoid mutating an existing object. The note underneath says so
There was a problem hiding this comment.
Refactored this, doesn't use "canonicalize" anymore.
|
Also, reportedly this impacts |
Added prose and examples for this |
|
(The build failure is in main, trying to resolve separately. Do you have an idea maybe @lukewarlow ?) |
|
In Also I feel like we should probably always return a Sanitizer object, instead of one of three options? Otherwise it seems easy to accidentally write code (not sure what for though?) that only works with a subset. |
It's a good point. I guess we need to return a clone of the underlying sanitizer if the getter is invoked so that you couldn't get a
Yea I was contemplating that. SGTM |
`createParserOptions` receives a `SetHTML{Unsafe}Options` and turns them into
a `TrustedParserOptions` using the given method from the policy config.
This is the `trusted-types` part of #594
(Need to wire it to HTML as well)
Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
Co-authored-by: Anne van Kesteren <annevk@annevk.nl>
6b671ea to
5db0166
Compare
The new version only passes a |
createParserOptionsreceives aSetHTML{Unsafe}Optionsand turns them into aTrustedParserOptionsusing the given method from the policy config.This is the
trusted-typespart of #594Note that this should only be merged when wired into the HTML standard, once the sanitizer is itself upstreamed.
Preview | Diff