From a1e1d1b8b61948bce3be39e7e748dbbfd4c3c0c1 Mon Sep 17 00:00:00 2001 From: Guillaume Weghsteen Date: Wed, 18 Dec 2024 01:15:57 -0800 Subject: [PATCH] No public description PiperOrigin-RevId: 707444715 --- VERSION | 1 + fixup.sh | 16 +- integration_tests/basic_import/package.json | 3 - integration_tests/jest/package.json | 1 - package.json | 2 +- .../html_sanitizer/html_sanitizer_test.ts | 49 +- test/testing/testvectors/html_test_vectors.ts | 24485 ---------------- 7 files changed, 51 insertions(+), 24506 deletions(-) create mode 100644 VERSION delete mode 100644 test/testing/testvectors/html_test_vectors.ts diff --git a/VERSION b/VERSION new file mode 100644 index 00000000..afaf360d --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +1.0.0 \ No newline at end of file diff --git a/fixup.sh b/fixup.sh index 8299d8c5..b370311b 100755 --- a/fixup.sh +++ b/fixup.sh @@ -1,13 +1,17 @@ #!/bin/bash # Adds package.json files to cjs/mjs subtrees -echo '{ - "type": "commonjs" -}' > dist/cjs/package.json +VERSION=$(cat VERSION) -echo '{ - "type": "module" -}' > dist/mjs/package.json +echo "{ + \"type\": \"commonjs\", + \"version\": \"${VERSION}\" +}" > dist/cjs/package.json + +echo "{ + \"type\": \"module\", + \"version\": \"${VERSION}\" +}" > dist/mjs/package.json rm -rf dist/mjs/test mv dist/mjs/src/* dist/mjs diff --git a/integration_tests/basic_import/package.json b/integration_tests/basic_import/package.json index 7f1181db..b02845c8 100644 --- a/integration_tests/basic_import/package.json +++ b/integration_tests/basic_import/package.json @@ -29,8 +29,5 @@ "karma-typescript": "^5.2.0", "typescript": "^4.1.2", "karma-typescript-es6-transform": "*" - }, - "dependencies": { - "safevalues": "^0.3.1" } } diff --git a/integration_tests/jest/package.json b/integration_tests/jest/package.json index 0ce962a6..4c3eda38 100644 --- a/integration_tests/jest/package.json +++ b/integration_tests/jest/package.json 
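Review bot: `VERSION=$(cat VERSION)` in fixup.sh has no failure handling, and no `set -e` is visible in the hunk, so a missing or empty VERSION file would apparently still write `dist/cjs/package.json` and `dist/mjs/package.json` with `"version": ""`. The value is also interpolated into the JSON unescaped, and the root package.json carries its own `"version": "1.0.0"`, so the two sources of the release version can drift apart. I would fail the build early, e.g. `VERSION=$(cat VERSION) || exit 1` followed by `[ -n "$VERSION" ] || { echo "VERSION is empty" >&2; exit 1; }`, and add a CI check that VERSION matches the root package.json. The script may continue past the end of this hunk.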
@@ -27,7 +27,6 @@ "@types/jest": "^27.0.0", "babel-jest": "^27.0.6", "jest": "^27.0.0", - "safevalues": "^0.3.1", "ts-jest": "^27.0.0", "typescript": "^3.9.10" } diff --git a/package.json b/package.json index a4bac441..09732498 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "safevalues", - "version": "1.0.0-rc.1", + "version": "1.0.0", "description": "Safe builders for Trusted Types values", "repository": "https://github.com/google/safevalues", "author": "ISE Web Hardening Team", diff --git a/test/builders/html_sanitizer/html_sanitizer_test.ts b/test/builders/html_sanitizer/html_sanitizer_test.ts index b6ca4254..4fd66597 100644 --- a/test/builders/html_sanitizer/html_sanitizer_test.ts +++ b/test/builders/html_sanitizer/html_sanitizer_test.ts @@ -5,7 +5,6 @@ */ import {secretToken} from '../../../src/internals/secrets'; -import {HTML_TEST_VECTORS} from '../../testing/testvectors/html_test_vectors'; import { CssSanitizationFn, 
@@ -51,16 +50,46 @@ function sanitizeAssertUnchanged(table: SanitizerTable, html: string): string { .toString(); } -describe('HtmlSanitizer', () => { - describe('using test vectors', () => { - for (const v of HTML_TEST_VECTORS) { - it(`passes testVector[${v.name}]`, () => { - const sanitized = sanitizeHtml(v.input).toString(); - expect(v.acceptable).toContain(sanitized); - }); - } - }); +describe('sanitizeHtml', () => { + interface TestCase { + html: string; + expected: string; + } + const testCases: TestCase[] = [ + { + html: '', + expected: '', + }, + { + html: 'abcd', + expected: 'abcd', + }, + { + html: 'abcd', + expected: 'abcd', + }, + { + html: '', + expected: '', + }, + { + html: '', + expected: '', + }, + { + html: '', + expected: '', + }, + ]; + for (const testCase of testCases) { + it(`sanitizes ${JSON.stringify(testCase.html)} correctly`, () => { + const sanitized = sanitizeHtml(testCase.html).toString(); + expect(sanitized).toEqual(testCase.expected); + }); + } +}); +describe('HtmlSanitizer', () => { it('drops unknown elements', () => { const emptyTable = new SanitizerTable( new Set(), diff --git a/test/testing/testvectors/html_test_vectors.ts b/test/testing/testvectors/html_test_vectors.ts deleted file mode 100644 index 76c6e633..00000000 --- a/test/testing/testvectors/html_test_vectors.ts +++ /dev/null 
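Review bot: The six hand-written `testCases` are a far smaller regression net for `sanitizeHtml` than the removed `using test vectors` suite, which was the only consumer of `HTML_TEST_VECTORS` in this file (its import is dropped in the previous hunk). The deleted corpus visible later in this patch includes vectors named `body_onload`, `clobbering_children` and the `contract_iframe_*` / `contract_embed_*` / `contract_object_*` families. As shown here the new table repeats `html`/`expected` pairs (`'abcd'` twice, `''` several times); this may be an artefact of how the page was extracted, but any real duplicates would also yield identical test titles from `JSON.stringify(testCase.html)`. I would add a `name` field to `TestCase`, keep a small named set of security-relevant inputs (event-handler attributes, DOM-clobbering `id`/`name` values, `srcdoc`) in the table, and put a comment above `testCases` saying where the full corpus now runs, if it still does. The `describe('HtmlSanitizer', …)` block continues outside the hunk.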
@@ -1,24485 +0,0 @@ -/** - * @license - * Copyright Google LLC - * SPDX-License-Identifier: Apache-2.0 - */ - -interface TestVector { - readonly input: string; - readonly acceptable: string[]; - readonly name: string; -} - -/** - * AUTOGENERATED. DO NOT EDIT. - * Test vectors for HTML sanitizer. - */ -export const HTML_TEST_VECTORS: TestVector[] = [ - { - input: 'foo', - acceptable: [ - 'foo', - 'foo', - 'foo', - 'foo', - 'foo', - 'foo', - 'foo', - ], - name: 'a', - }, - { - input: 'foo', - acceptable: [ - 'foo', - 'foo', - 'foo', - 'foo', - 'foo', - 'foo', - ], - name: 'a_quot', - }, - { - input: 'foo', - acceptable: [ - 'foo', - 'foo', - 'foo', - 'foo', - 'foo', - 'foo', - 'foo', - ], - name: 'a_tab', - }, - {input: "", acceptable: [''], name: 'body_onload'}, - { - input: '
', - acceptable: ['', '
', '
'], - name: 'clobbering_children', - }, - { - input: '
', - acceptable: ['', '
', '
'], - name: 'clobbering_firstchild', - }, - { - input: '
', - acceptable: ['', '
', '
'], - name: 'clobbering_proto', - }, - { - input: '
', - acceptable: ['', '
'], - name: 'clobbering_tagname', - }, - { - input: '
', - acceptable: [ - '', - '
', - '
', - '
', - '
', - '
', - ], - name: 'details', - }, - { - input: '', '', '', '', - acceptable: [ - '', - '', - '', - '', - '', - '', - '', - ], - name: 'contract_iframe_action', - }, - { - input: '', - '
', - '', - '', - '', - '', - ], - name: 'contract_iframe_method', - }, - { - input: '', - '
', - '', - '', - '', - '', - ], - name: 'contract_iframe_formaction', - }, - { - input: '', - '
', - '', - '', - '', - '', - ], - name: 'contract_iframe_formmethod', - }, - { - input: '', - '
', - '', - '', - '', - '', - ], - name: 'contract_iframe_pattern', - }, - { - input: '', - '
', - '', - '', - '', - '', - ], - name: 'contract_iframe_readonly', - }, - { - input: '', - '
', - '', - '', - '', - '', - ], - name: 'contract_iframe_accept', - }, - { - input: '', - '
', - '', - '', - '', - '', - ], - name: 'contract_iframe_defer', - }, - { - input: '', - acceptable: ['', '', ''], - name: 'contract_embed_plain', - }, - { - input: '', - acceptable: ['', '', ''], - name: 'contract_embed_scriptinside', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_embed_srcdoc', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_embed_action', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_embed_method', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_embed_formaction', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_embed_formmethod', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_embed_pattern', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_embed_readonly', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_embed_accept', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_embed_defer', - }, - { - input: '', - acceptable: ['', '', ''], - name: 'contract_object_plain', - }, - { - input: '', - acceptable: ['', '', ''], - name: 'contract_object_scriptinside', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_object_srcdoc', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_object_action', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_object_method', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_object_formaction', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_object_formmethod', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_object_pattern', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_object_readonly', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_object_accept', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_object_defer', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '', - '', - '
', - '', - '', - '', - ], - name: 'contract_param_plain', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '', - '', - '
', - '', - '', - '', - '
', - ], - name: 'contract_param_scriptinside', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_param_srcdoc', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_param_action', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_param_method', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_param_formaction', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_param_formmethod', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_param_pattern', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_param_readonly', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_param_accept', - }, - { - input: '', - acceptable: [ - '', - '', - '', - '', - '
', - '
', - '', - '', - '', - '', - '', - ], - name: 'contract_param_defer', - }, - { - input: '', - acceptable: [ - '