test_sanitizer_style.js (3978B)
1 const { AppConstants } = ChromeUtils.importESModule( 2 "resource://gre/modules/AppConstants.sys.mjs" 3 ); 4 5 if (AppConstants.platform != "android") { 6 // We load HTML documents, which try to track link state, which requires 7 // the history service, which requires a profile. 8 do_get_profile(); 9 } 10 11 const kTestCases = [ 12 { 13 // bug 1602843 14 data: `@font-face { font-family: 'ab<\\/style><img src onerror=alert(1)>'}`, 15 sanitized: `@font-face { font-family: 'ab<\\/style><img src onerror=alert(1)>'}`, 16 }, 17 { 18 // bug 1680084 19 data: `<!-- 20 /* Font Definitions */ 21 @font-face 22 {font-family:"Cambria Math"; 23 panose-1:2 4 5 3 5 4 6 3 2 4;} 24 @font-face 25 {font-family:"Yu Gothic"; 26 panose-1:2 11 4 0 0 0 0 0 0 0;} 27 @font-face 28 {font-family:"Yu Gothic"; 29 panose-1:2 11 4 0 0 0 0 0 0 0;} 30 /* Style Definitions */ 31 p.MsoNormal, li.MsoNormal, div.MsoNormal 32 {margin:0mm; 33 text-align:justify; 34 text-justify:inter-ideograph; 35 font-size:10.5pt; 36 font-family:"Yu Gothic";} 37 span.17 38 {mso-style-type:personal-compose; 39 font-family:"Yu Gothic"; 40 color:windowtext;} 41 .MsoChpDefault 42 {mso-style-type:export-only; 43 font-family:"Yu Gothic";} 44 /* Page Definitions */ 45 @page WordSection1 46 {size:612.0pt 792.0pt; 47 margin:99.25pt 30.0mm 30.0mm 30.0mm;} 48 div.WordSection1 49 {page:WordSection1} 50 -->`, 51 sanitized: `@font-face 52 {font-family:"Cambria Math"; 53 panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face 54 {font-family:"Yu Gothic"; 55 panose-1:2 11 4 0 0 0 0 0 0 0;}@font-face 56 {font-family:"Yu Gothic"; 57 panose-1:2 11 4 0 0 0 0 0 0 0;}p.MsoNormal, li.MsoNormal, div.MsoNormal 58 {margin:0mm; 59 text-align:justify; 60 text-justify:inter-ideograph; 61 font-size:10.5pt; 62 font-family:"Yu Gothic";}.MsoChpDefault 63 {mso-style-type:export-only; 64 font-family:"Yu Gothic";}div.WordSection1 65 {page:WordSection1}`, 66 }, 67 ]; 68 69 const kConditionalCSSTestCases = [ 70 { 71 data: `#foo { display: none } @media (min-width: 300px) { #bar { display: none } }`, 72 sanitized: `#foo { display: none }`, 73 }, 74 { 75 data: `@media (min-width: 300px) { #bar { display: none } }`, 76 sanitized: ``, 77 }, 78 ]; 79 80 function run_test() { 81 if (AppConstants.platform != "android") { 82 // xpcshell tests are weird. They fake shutdown after the test finishes. This upsets this test 83 // because it will try to create the history service to check for visited state on the links 84 // we're parsing. 85 // Creating the history service midway through shutdown breaks. 86 // We can't catch this in the history component because we're not *actually* shutting down, 87 // and so the app startup's service's `shuttingDown` bool is false, even though normally that 88 // is set to true *before* profile-change-teardown notifications are fired. 89 // To work around this, just force the history service to be created earlier: 90 91 let { PlacesUtils } = ChromeUtils.importESModule( 92 "resource://gre/modules/PlacesUtils.sys.mjs" 93 ); 94 Assert.lessOrEqual( 95 PlacesUtils.history.databaseStatus, 96 1, 97 "ensure places database is successfully initialized." 98 ); 99 } 100 101 var ParserUtils = Cc["@mozilla.org/parserutils;1"].getService( 102 Ci.nsIParserUtils 103 ); 104 var sanitizeFlags = 105 ParserUtils.SanitizerDropForms | 106 ParserUtils.SanitizerDropNonCSSPresentation | 107 ParserUtils.SanitizerAllowStyle; 108 109 for (let { data, sanitized } of kTestCases) { 110 let out = ParserUtils.sanitize(`<style>${data}</style>`, sanitizeFlags); 111 info(out); 112 Assert.equal( 113 `<html><head><style>${sanitized}</style></head><body></body></html>`, 114 out 115 ); 116 } 117 118 for (let { data, sanitized } of kConditionalCSSTestCases) { 119 let out = ParserUtils.removeConditionalCSS(`<style>${data}</style>`); 120 info(out); 121 Assert.equal( 122 `<html><head><style>${sanitized}</style></head><body></body></html>`, 123 out 124 ); 125 } 126 }