Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(340)

Unified Diff: tests/lib_strong/html/node_validator_important_if_you_suppress_make_the_bug_critical_test.dart

Issue 2771453003: Format all tests. (Closed)
Patch Set: Format files Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: tests/lib_strong/html/node_validator_important_if_you_suppress_make_the_bug_critical_test.dart
diff --git a/tests/lib_strong/html/node_validator_important_if_you_suppress_make_the_bug_critical_test.dart b/tests/lib_strong/html/node_validator_important_if_you_suppress_make_the_bug_critical_test.dart
index 84821ffb9c24cd33f43e16e7a920d46b59e52035..db130b151da8a2173178b2e749e7d38c044bf869 100644
--- a/tests/lib_strong/html/node_validator_important_if_you_suppress_make_the_bug_critical_test.dart
+++ b/tests/lib_strong/html/node_validator_important_if_you_suppress_make_the_bug_critical_test.dart
@@ -17,8 +17,8 @@ import 'utils.dart';
void validateHtml(String html, String reference, NodeValidator validator) {
var a = document.body.createFragment(html, validator: validator);
- var b = document.body.createFragment(reference,
- treeSanitizer: NodeTreeSanitizer.trusted);
+ var b = document.body
+ .createFragment(reference, treeSanitizer: NodeTreeSanitizer.trusted);
// Prevent a false pass when both the html and the reference both get entirely
// deleted, which is technically a match, but unlikely to be what we meant.
@@ -42,7 +42,7 @@ class RecordingUriValidator implements UriPolicy {
}
void testHtml(String name, NodeValidator validator, String html,
- [String reference]) {
+ [String reference]) {
test(name, () {
if (reference == null) {
reference = html;
@@ -56,63 +56,44 @@ main() {
group('DOM_sanitization', () {
var validator = new NodeValidatorBuilder.common();
- testHtml('allows simple constructs',
- validator,
+ testHtml('allows simple constructs', validator,
'<div class="baz">something</div>');
- testHtml('blocks unknown attributes',
- validator,
- '<div foo="baz">something</div>',
- '<div>something</div>');
+ testHtml('blocks unknown attributes', validator,
+ '<div foo="baz">something</div>', '<div>something</div>');
- testHtml('blocks custom element',
- validator,
- '<x-my-element>something</x-my-element>',
- '');
+ testHtml('blocks custom element', validator,
+ '<x-my-element>something</x-my-element>', '');
- testHtml('blocks custom is element',
- validator,
- '<div is="x-my-element">something</div>',
- '');
+ testHtml('blocks custom is element', validator,
+ '<div is="x-my-element">something</div>', '');
- testHtml('blocks body elements',
- validator,
- '<body background="s"></body>',
- '');
+ testHtml(
+ 'blocks body elements', validator, '<body background="s"></body>', '');
- testHtml('allows select elements',
+ testHtml(
+ 'allows select elements',
validator,
'<select>'
- '<option>a</option>'
+ '<option>a</option>'
'</select>');
- testHtml('blocks sequential script elements',
- validator,
- '<div><script></script><script></script></div>',
- '<div></div>');
+ testHtml('blocks sequential script elements', validator,
+ '<div><script></script><script></script></div>', '<div></div>');
- testHtml('blocks inline styles',
- validator,
- '<div style="background: red"></div>',
- '<div></div>');
+ testHtml('blocks inline styles', validator,
+ '<div style="background: red"></div>', '<div></div>');
- testHtml('blocks namespaced attributes',
- validator,
- '<div ns:foo="foo"></div>',
- '<div></div>');
+ testHtml('blocks namespaced attributes', validator,
+ '<div ns:foo="foo"></div>', '<div></div>');
- testHtml('blocks namespaced common attributes',
- validator,
- '<div ns:class="foo"></div>',
- '<div></div>');
+ testHtml('blocks namespaced common attributes', validator,
+ '<div ns:class="foo"></div>', '<div></div>');
- testHtml('blocks namespaced common elements',
- validator,
- '<ns:div></ns:div>',
- '');
+ testHtml('blocks namespaced common elements', validator,
+ '<ns:div></ns:div>', '');
- testHtml('allows CDATA sections',
- validator,
+ testHtml('allows CDATA sections', validator,
'<span>![CDATA[ some text ]]></span>');
test('sanitizes template contents', () {
@@ -122,13 +103,12 @@ main() {
'<div></div>'
'<script></script>'
'<img src="http://example.com/foo"/>'
- '</template>';
+ '</template>';
var fragment = document.body.createFragment(html, validator: validator);
var template = fragment.nodes.single as TemplateElement;
- var expectedContent = document.body.createFragment(
- '<div></div>'
+ var expectedContent = document.body.createFragment('<div></div>'
'<img/>');
validateNodeTree(template.content, expectedContent);
@@ -153,10 +133,11 @@ main() {
expect(child.childNodes.length, 0);
});
- testHtml("sanitizes embed",
- validator,
- "<div><embed src='' type='application/x-shockwave-flash'></embed></div>",
- "<div></div>");
+ testHtml(
+ "sanitizes embed",
+ validator,
+ "<div><embed src='' type='application/x-shockwave-flash'></embed></div>",
+ "<div></div>");
});
group('URI_sanitization', () {
@@ -165,7 +146,6 @@ main() {
checkUriPolicyCalls(String name, String html, String reference,
List<String> expectedCalls) {
-
test(name, () {
recorder.reset();
@@ -174,184 +154,118 @@ main() {
});
}
- checkUriPolicyCalls('a::href',
- '<a href="s"></a>',
- '<a></a>',
- ['s']);
+ checkUriPolicyCalls('a::href', '<a href="s"></a>', '<a></a>', ['s']);
- checkUriPolicyCalls('area::href',
- '<area href="s"></area>',
- '<area></area>',
- ['s']);
+ checkUriPolicyCalls(
+ 'area::href', '<area href="s"></area>', '<area></area>', ['s']);
- checkUriPolicyCalls('blockquote::cite',
+ checkUriPolicyCalls(
+ 'blockquote::cite',
'<blockquote cite="s"></blockquote>',
'<blockquote></blockquote>',
['s']);
- checkUriPolicyCalls('command::icon',
- '<command icon="s"/>',
- '<command/>',
- ['s']);
- checkUriPolicyCalls('img::src',
- '<img src="s"/>',
- '<img/>',
- ['s']);
- checkUriPolicyCalls('input::src',
- '<input src="s"/>',
- '<input/>',
- ['s']);
- checkUriPolicyCalls('ins::cite',
- '<ins cite="s"></ins>',
- '<ins></ins>',
- ['s']);
- checkUriPolicyCalls('q::cite',
- '<q cite="s"></q>',
- '<q></q>',
- ['s']);
- checkUriPolicyCalls('video::poster',
- '<video poster="s"/>',
- '<video/>',
- ['s']);
+ checkUriPolicyCalls(
+ 'command::icon', '<command icon="s"/>', '<command/>', ['s']);
+ checkUriPolicyCalls('img::src', '<img src="s"/>', '<img/>', ['s']);
+ checkUriPolicyCalls('input::src', '<input src="s"/>', '<input/>', ['s']);
+ checkUriPolicyCalls(
+ 'ins::cite', '<ins cite="s"></ins>', '<ins></ins>', ['s']);
+ checkUriPolicyCalls('q::cite', '<q cite="s"></q>', '<q></q>', ['s']);
+ checkUriPolicyCalls(
+ 'video::poster', '<video poster="s"/>', '<video/>', ['s']);
});
group('allowNavigation', () {
var validator = new NodeValidatorBuilder()..allowNavigation();
- testHtml('allows anchor tags',
- validator,
- '<a href="#foo">foo</a>');
+ testHtml('allows anchor tags', validator, '<a href="#foo">foo</a>');
- testHtml('allows form elements',
- validator,
+ testHtml('allows form elements', validator,
'<form method="post" action="/foo"></form>');
- testHtml('disallows script navigation',
- validator,
- '<a href="javascript:foo = 1">foo</a>',
- '<a>foo</a>');
+ testHtml('disallows script navigation', validator,
+ '<a href="javascript:foo = 1">foo</a>', '<a>foo</a>');
- testHtml('disallows cross-site navigation',
- validator,
- '<a href="http://example.com">example.com</a>',
- '<a>example.com</a>');
+ testHtml('disallows cross-site navigation', validator,
+ '<a href="http://example.com">example.com</a>', '<a>example.com</a>');
- testHtml('blocks other elements',
- validator,
- '<a href="#foo"><b>foo</b></a>',
- '<a href="#foo"></a>');
+ testHtml('blocks other elements', validator,
+ '<a href="#foo"><b>foo</b></a>', '<a href="#foo"></a>');
- testHtml('blocks tag extension',
- validator,
- '<a is="x-foo"></a>',
- '');
+ testHtml('blocks tag extension', validator, '<a is="x-foo"></a>', '');
});
group('allowImages', () {
var validator = new NodeValidatorBuilder()..allowImages();
- testHtml('allows images',
- validator,
+ testHtml('allows images', validator,
'<img src="/foo.jpg" alt="something" width="100" height="100"/>');
- testHtml('blocks onerror',
- validator,
- '<img src="/foo.jpg" onerror="something"/>',
- '<img src="/foo.jpg"/>');
+ testHtml('blocks onerror', validator,
+ '<img src="/foo.jpg" onerror="something"/>', '<img src="/foo.jpg"/>');
- testHtml('enforces same-origin',
- validator,
- '<img src="http://example.com/foo.jpg"/>',
- '<img/>');
+ testHtml('enforces same-origin', validator,
+ '<img src="http://example.com/foo.jpg"/>', '<img/>');
});
group('allowCustomElement', () {
var validator = new NodeValidatorBuilder()
- ..allowCustomElement(
- 'x-foo',
- attributes: ['bar'],
- uriAttributes: ['baz'])
+ ..allowCustomElement('x-foo', attributes: ['bar'], uriAttributes: ['baz'])
..allowHtml5();
- testHtml('allows custom elements',
- validator,
+ testHtml('allows custom elements', validator,
'<x-foo bar="something" baz="/foo.jpg"></x-foo>');
+ testHtml('validates custom tag URIs', validator,
+ '<x-foo baz="http://example.com/foo.jpg"></x-foo>', '<x-foo></x-foo>');
- testHtml('validates custom tag URIs',
- validator,
- '<x-foo baz="http://example.com/foo.jpg"></x-foo>',
- '<x-foo></x-foo>');
+ testHtml('blocks type extensions', validator, '<div is="x-foo"></div>', '');
- testHtml('blocks type extensions',
- validator,
- '<div is="x-foo"></div>',
- '');
-
- testHtml('blocks tags on non-matching elements',
- validator,
- '<div bar="foo"></div>',
- '<div></div>');
+ testHtml('blocks tags on non-matching elements', validator,
+ '<div bar="foo"></div>', '<div></div>');
});
group('identify Uri attributes listed as attributes', () {
var validator = new NodeValidatorBuilder()
- ..allowElement(
- 'a',
- attributes: ['href']);
+ ..allowElement('a', attributes: ['href']);
- testHtml('reject different-origin link',
- validator,
+ testHtml(
+ 'reject different-origin link',
+ validator,
'<a href="http://www.google.com/foo">Google-Foo</a>',
'<a>Google-Foo</a>');
});
group('allowTagExtension', () {
- var validator = new NodeValidatorBuilder()
- ..allowTagExtension(
- 'x-foo',
- 'div',
- attributes: ['bar'],
- uriAttributes: ['baz'])
+ var validator = new NodeValidatorBuilder()
+ ..allowTagExtension('x-foo', 'div',
+ attributes: ['bar'], uriAttributes: ['baz'])
..allowHtml5();
- testHtml('allows tag extensions',
- validator,
+ testHtml('allows tag extensions', validator,
'<div is="x-foo" bar="something" baz="/foo.jpg"></div>');
- testHtml('blocks custom elements',
- validator,
- '<x-foo></x-foo>',
- '');
+ testHtml('blocks custom elements', validator, '<x-foo></x-foo>', '');
- testHtml('validates tag extension URIs',
+ testHtml(
+ 'validates tag extension URIs',
validator,
'<div is="x-foo" baz="http://example.com/foo.jpg"></div>',
'<div is="x-foo"></div>');
- testHtml('blocks tags on non-matching elements',
- validator,
- '<div bar="foo"></div>',
- '<div></div>');
+ testHtml('blocks tags on non-matching elements', validator,
+ '<div bar="foo"></div>', '<div></div>');
- testHtml('blocks non-matching tags',
- validator,
- '<span is="x-foo">something</span>',
- '');
+ testHtml('blocks non-matching tags', validator,
+ '<span is="x-foo">something</span>', '');
validator = new NodeValidatorBuilder()
- ..allowTagExtension(
- 'x-foo',
- 'div',
- attributes: ['bar'],
- uriAttributes: ['baz'])
- ..allowTagExtension(
- 'x-else',
- 'div');
-
- testHtml('blocks tags on non-matching custom elements',
- validator,
- '<div bar="foo" is="x-else"></div>',
- '<div is="x-else"></div>');
+ ..allowTagExtension('x-foo', 'div',
+ attributes: ['bar'], uriAttributes: ['baz'])
+ ..allowTagExtension('x-else', 'div');
+
+ testHtml('blocks tags on non-matching custom elements', validator,
+ '<div bar="foo" is="x-else"></div>', '<div is="x-else"></div>');
});
group('allowTemplating', () {
@@ -359,22 +273,17 @@ main() {
..allowTemplating()
..allowHtml5();
- testHtml('allows templates',
- validator,
- '<template bind="{{a}}"></template>');
+ testHtml(
+ 'allows templates', validator, '<template bind="{{a}}"></template>');
- testHtml('allows template attributes',
- validator,
+ testHtml('allows template attributes', validator,
'<template bind="{{a}}" ref="foo" repeat="{{}}" if="{{}}" syntax="foo"></template>');
- testHtml('allows template attribute',
- validator,
+ testHtml('allows template attribute', validator,
'<div template repeat="{{}}"></div>');
- testHtml('blocks illegal template attribute',
- validator,
- '<div template="foo" repeat="{{}}"></div>',
- '<div></div>');
+ testHtml('blocks illegal template attribute', validator,
+ '<div template="foo" repeat="{{}}"></div>', '<div></div>');
});
group('allowSvg', () {
@@ -382,81 +291,80 @@ main() {
..allowSvg()
..allowTextElements();
- testHtml('allows basic SVG',
- validator,
- '<svg xmlns="http://www.w3.org/2000/svg'
- 'xmlns:xlink="http://www.w3.org/1999/xlink">'
+ testHtml(
+ 'allows basic SVG',
+ validator,
+ '<svg xmlns="http://www.w3.org/2000/svg'
+ 'xmlns:xlink="http://www.w3.org/1999/xlink">'
'<image xlink:href="foo" data-foo="bar"/>'
- '</svg>');
+ '</svg>');
- testHtml('blocks script elements',
- validator,
- '<svg xmlns="http://www.w3.org/2000/svg>'
+ testHtml(
+ 'blocks script elements',
+ validator,
+ '<svg xmlns="http://www.w3.org/2000/svg>'
'<script></script>'
- '</svg>',
- '');
+ '</svg>',
+ '');
- testHtml('blocks script elements but allows other',
- validator,
- '<svg xmlns="http://www.w3.org/2000/svg>'
+ testHtml(
+ 'blocks script elements but allows other',
+ validator,
+ '<svg xmlns="http://www.w3.org/2000/svg>'
'<script></script><ellipse cx="200" cy="80" rx="100" ry="50"></ellipse>'
- '</svg>',
- '<svg xmlns="http://www.w3.org/2000/svg>'
+ '</svg>',
+ '<svg xmlns="http://www.w3.org/2000/svg>'
'<ellipse cx="200" cy="80" rx="100" ry="50"></ellipse>'
- '</svg>');
+ '</svg>');
- testHtml('blocks script handlers',
- validator,
- '<svg xmlns="http://www.w3.org/2000/svg'
- 'xmlns:xlink="http://www.w3.org/1999/xlink">'
+ testHtml(
+ 'blocks script handlers',
+ validator,
+ '<svg xmlns="http://www.w3.org/2000/svg'
+ 'xmlns:xlink="http://www.w3.org/1999/xlink">'
'<image xlink:href="foo" onerror="something"/>'
- '</svg>',
- '<svg xmlns="http://www.w3.org/2000/svg'
- 'xmlns:xlink="http://www.w3.org/1999/xlink">'
+ '</svg>',
+ '<svg xmlns="http://www.w3.org/2000/svg'
+ 'xmlns:xlink="http://www.w3.org/1999/xlink">'
'<image xlink:href="foo"/>'
- '</svg>');
+ '</svg>');
- testHtml('blocks foreignObject content',
- validator,
- '<svg xmlns="http://www.w3.org/2000/svg">'
+ testHtml(
+ 'blocks foreignObject content',
+ validator,
+ '<svg xmlns="http://www.w3.org/2000/svg">'
'<foreignobject width="100" height="150">'
- '<body xmlns="http://www.w3.org/1999/xhtml">'
- '<div>Some content</div>'
- '</body>'
+ '<body xmlns="http://www.w3.org/1999/xhtml">'
+ '<div>Some content</div>'
+ '</body>'
'</foreignobject>'
'<b>42</b>'
- '</svg>',
- '<svg xmlns="http://www.w3.org/2000/svg">'
+ '</svg>',
+ '<svg xmlns="http://www.w3.org/2000/svg">'
'<b>42</b>'
- '</svg>');
+ '</svg>');
});
group('allowInlineStyles', () {
var validator = new NodeValidatorBuilder()
- ..allowTextElements()
- ..allowInlineStyles();
+ ..allowTextElements()
+ ..allowInlineStyles();
- testHtml('allows inline styles',
- validator,
+ testHtml('allows inline styles', validator,
'<span style="background-color:red">text</span>');
- testHtml('blocks other attributes',
- validator,
- '<span class="red-span"></span>',
- '<span></span>');
+ testHtml('blocks other attributes', validator,
+ '<span class="red-span"></span>', '<span></span>');
validator = new NodeValidatorBuilder()
- ..allowTextElements()
- ..allowInlineStyles(tagName: 'span');
+ ..allowTextElements()
+ ..allowInlineStyles(tagName: 'span');
- testHtml('scoped allows inline styles on spans',
- validator,
+ testHtml('scoped allows inline styles on spans', validator,
'<span style="background-color:red">text</span>');
- testHtml('scoped blocks inline styles on LIs',
- validator,
- '<li style="background-color:red">text</li>',
- '<li>text</li>');
+ testHtml('scoped blocks inline styles on LIs', validator,
+ '<li style="background-color:red">text</li>', '<li>text</li>');
});
group('throws', () {
@@ -478,8 +386,8 @@ main() {
test('throws on invalid attributes', () {
expect(() {
- document.body.createFragment('<div foo="bar"></div>',
- validator: validator);
+ document.body
+ .createFragment('<div foo="bar"></div>', validator: validator);
}, validationError);
});
@@ -493,11 +401,10 @@ main() {
group('svg', () {
test('parsing', () {
- var svgText =
- '<svg xmlns="http://www.w3.org/2000/svg'
- 'xmlns:xlink="http://www.w3.org/1999/xlink">'
+ var svgText = '<svg xmlns="http://www.w3.org/2000/svg'
+ 'xmlns:xlink="http://www.w3.org/1999/xlink">'
'<image xlink:href="foo" data-foo="bar"/>'
- '</svg>';
+ '</svg>';
var fragment = new DocumentFragment.svg(svgText);
var element = fragment.nodes.first as Element;
@@ -509,34 +416,36 @@ main() {
group('dom_clobbering', () {
var validator = new NodeValidatorBuilder.common();
- testHtml('DOM clobbering of attributes with single node',
- validator,
- "<form id='single_node_clobbering' onmouseover='alert(1)'><input name='attributes'>",
- "");
-
- testHtml('DOM clobbering of attributes with multiple nodes',
- validator,
- "<form onmouseover='alert(1)'><input name='attributes'>"
- "<input name='attributes'>",
- "");
-
- testHtml('DOM clobbering of lastChild',
- validator,
- "<form><input name='lastChild'><input onmouseover='alert(1)'>",
- "");
-
- testHtml('DOM clobbering of both children and lastChild',
- validator,
- "<form><input name='lastChild'><input name='children'>"
- "<input id='children'><input onmouseover='alert(1)'>",
- "");
-
- testHtml('DOM clobbering of both children and lastChild, different order',
- validator,
- "<form><input name='children'><input name='children'>"
- "<input id='children' name='lastChild'>"
- "<input id='bad' onmouseover='alert(1)'>",
- "");
+ testHtml(
+ 'DOM clobbering of attributes with single node',
+ validator,
+ "<form id='single_node_clobbering' onmouseover='alert(1)'><input name='attributes'>",
+ "");
+
+ testHtml(
+ 'DOM clobbering of attributes with multiple nodes',
+ validator,
+ "<form onmouseover='alert(1)'><input name='attributes'>"
+ "<input name='attributes'>",
+ "");
+
+ testHtml('DOM clobbering of lastChild', validator,
+ "<form><input name='lastChild'><input onmouseover='alert(1)'>", "");
+
+ testHtml(
+ 'DOM clobbering of both children and lastChild',
+ validator,
+ "<form><input name='lastChild'><input name='children'>"
+ "<input id='children'><input onmouseover='alert(1)'>",
+ "");
+
+ testHtml(
+ 'DOM clobbering of both children and lastChild, different order',
+ validator,
+ "<form><input name='children'><input name='children'>"
+ "<input id='children' name='lastChild'>"
+ "<input id='bad' onmouseover='alert(1)'>",
+ "");
test('tagName makes containing form invalid', () {
var fragment = document.body.createFragment(
@@ -554,9 +463,8 @@ main() {
});
test('tagName without mouseover', () {
- var fragment = document.body.createFragment(
- "<form><input name='tagName'>",
- validator: validator);
+ var fragment = document.body
+ .createFragment("<form><input name='tagName'>", validator: validator);
var form = fragment.lastChild as FormElement;
// If the tagName was clobbered, the sanitizer should have removed
// the whole thing and form is null.

Powered by Google App Engine
This is Rietveld 408576698