tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

Sanitizer.webidl (2691B)

      1 /* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
      2 /* This Source Code Form is subject to the terms of the Mozilla Public
      3 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
      4 * You can obtain one at http://mozilla.org/MPL/2.0/.
      5 *
      6 * The origin of this IDL file is
      7 * https://wicg.github.io/sanitizer-api/#idl-index
      8 *
      9 * Copyright © 2020 the Contributors to the HTML Sanitizer API Specification,
     10 * published by the Web Platform Incubator Community Group under the W3C Community Contributor License Agreement (CLA).
     11 */
     12 
     13 enum SanitizerPresets { "default" };
     14 dictionary SetHTMLOptions {
     15  (Sanitizer or SanitizerConfig or SanitizerPresets) sanitizer = "default";
     16 };
     17 dictionary SetHTMLUnsafeOptions {
     18  // TODO: = {}; (Using optional to easily detect a missing sanitizer)
     19  [Pref="dom.security.sanitizer.enabled"]
     20  (Sanitizer or SanitizerConfig or SanitizerPresets) sanitizer;
     21 };
     22 
     23 dictionary SanitizerElementNamespace {
     24  required DOMString name;
     25  DOMString? _namespace = "http://www.w3.org/1999/xhtml";
     26 };
     27 
     28 // Used by "elements"
     29 dictionary SanitizerElementNamespaceWithAttributes : SanitizerElementNamespace {
     30  sequence<SanitizerAttribute> attributes;
     31  sequence<SanitizerAttribute> removeAttributes;
     32 };
     33 
     34 typedef (DOMString or SanitizerElementNamespace) SanitizerElement;
     35 typedef (DOMString or SanitizerElementNamespaceWithAttributes) SanitizerElementWithAttributes;
     36 
     37 dictionary SanitizerAttributeNamespace {
     38  required DOMString name;
     39  DOMString? _namespace = null;
     40 };
     41 typedef (DOMString or SanitizerAttributeNamespace) SanitizerAttribute;
     42 
     43 dictionary SanitizerConfig {
     44  sequence<SanitizerElementWithAttributes> elements;
     45  sequence<SanitizerElement> removeElements;
     46  sequence<SanitizerElement> replaceWithChildrenElements;
     47 
     48  sequence<SanitizerAttribute> attributes;
     49  sequence<SanitizerAttribute> removeAttributes;
     50 
     51  boolean comments;
     52  boolean dataAttributes;
     53 };
     54 
     55 [Exposed=Window, Pref="dom.security.sanitizer.enabled"]
     56 interface Sanitizer {
     57  [Throws, UseCounter]
     58  constructor(optional (SanitizerConfig or SanitizerPresets) configuration = "default");
     59 
     60  // Query configuration:
     61  SanitizerConfig get();
     62 
     63  // Modify a Sanitizer’s lists and fields:
     64  boolean allowElement(SanitizerElementWithAttributes element);
     65  boolean removeElement(SanitizerElement element);
     66  boolean replaceElementWithChildren(SanitizerElement element);
     67  boolean allowAttribute(SanitizerAttribute attribute);
     68  boolean removeAttribute(SanitizerAttribute attribute);
     69  boolean setComments(boolean allow);
     70  boolean setDataAttributes(boolean allow);
     71 
     72  // Remove markup that executes script. May modify multiple lists:
     73  boolean removeUnsafe();
     74 };