mirror of
https://github.com/dart-lang/sdk
synced 2024-10-04 17:04:56 +00:00
[dart:html] Update Trusted Types APIs
Closes b/195948578 Modifies Trusted Types APIs to be compliant with the spec in https://w3c.github.io/webappsec-trusted-types/dist/spec/. Change-Id: I65d52ace12342ce777ab596a9dd2e9a3f74b2f05 Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/212270 Commit-Queue: Srujan Gaddam <srujzs@google.com> Reviewed-by: Riley Porter <rileyporter@google.com>
This commit is contained in:
parent
b3cb952a69
commit
bda31c2c13
14
CHANGELOG.md
14
CHANGELOG.md
|
@ -78,6 +78,20 @@
|
|||
- The experimental `waitFor` functionality, and the library containing only that
|
||||
function, are now deprecated.
|
||||
|
||||
#### `dart:html`
|
||||
|
||||
- **Breaking Change**: Trusted Types APIs have been updated to comply to the
|
||||
latest [W3C spec]. This includes adding `TrustedScript`, `TrustedScriptURL`,
|
||||
`TrustedTypePolicy`, and `TrustedTypePolicyFactory`, as well as modifying the
|
||||
methods within the types, like removing the now deprecated `escape` and
|
||||
and `unsafelyCreate` methods. These deprecated methods are already unsupported
|
||||
on most modern browsers, so this would simply make them static failures now.
|
||||
Users of the old API are encouraged to use the `TrustedTypePolicy` to create
|
||||
Trusted Types. Please see the [MDN Web Docs] for examples.
|
||||
|
||||
[W3C spec]: https://w3c.github.io/webappsec-trusted-types/dist/spec/
|
||||
[MDN Web Docs]: https://developer.mozilla.org/en-US/docs/Web/API/Trusted_Types_API#interfaces
|
||||
|
||||
### Tools
|
||||
|
||||
#### Dart command line
|
||||
|
|
|
@ -3285,6 +3285,45 @@ class Coordinates extends Interceptor {
|
|||
// for details. All rights reserved. Use of this source code is governed by a
|
||||
// BSD-style license that can be found in the LICENSE file.
|
||||
|
||||
// WARNING: Do not edit - generated code.
|
||||
|
||||
typedef void CreateHtmlCallback(String input,
|
||||
[Object? arg1,
|
||||
Object? arg2,
|
||||
Object? arg3,
|
||||
Object? arg4,
|
||||
Object? arg5,
|
||||
Object? arg6]);
|
||||
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
|
||||
// for details. All rights reserved. Use of this source code is governed by a
|
||||
// BSD-style license that can be found in the LICENSE file.
|
||||
|
||||
// WARNING: Do not edit - generated code.
|
||||
|
||||
typedef void CreateScriptCallback(String input,
|
||||
[Object? arg1,
|
||||
Object? arg2,
|
||||
Object? arg3,
|
||||
Object? arg4,
|
||||
Object? arg5,
|
||||
Object? arg6]);
|
||||
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
|
||||
// for details. All rights reserved. Use of this source code is governed by a
|
||||
// BSD-style license that can be found in the LICENSE file.
|
||||
|
||||
// WARNING: Do not edit - generated code.
|
||||
|
||||
typedef void CreateScriptUrlCallback(String input,
|
||||
[Object? arg1,
|
||||
Object? arg2,
|
||||
Object? arg3,
|
||||
Object? arg4,
|
||||
Object? arg5,
|
||||
Object? arg6]);
|
||||
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
|
||||
// for details. All rights reserved. Use of this source code is governed by a
|
||||
// BSD-style license that can be found in the LICENSE file.
|
||||
|
||||
@Native("Credential")
|
||||
class Credential extends Interceptor {
|
||||
// To suppress missing implicit constructor warnings.
|
||||
|
@ -30691,9 +30730,26 @@ class TrustedHtml extends Interceptor {
|
|||
throw new UnsupportedError("Not supported");
|
||||
}
|
||||
|
||||
static TrustedHtml escape(String html) native;
|
||||
@JSName('toJSON')
|
||||
String toJson() native;
|
||||
|
||||
static TrustedHtml unsafelyCreate(String html) native;
|
||||
String toString() native;
|
||||
}
|
||||
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
|
||||
// for details. All rights reserved. Use of this source code is governed by a
|
||||
// BSD-style license that can be found in the LICENSE file.
|
||||
|
||||
@Native("TrustedScript")
|
||||
class TrustedScript extends Interceptor {
|
||||
// To suppress missing implicit constructor warnings.
|
||||
factory TrustedScript._() {
|
||||
throw new UnsupportedError("Not supported");
|
||||
}
|
||||
|
||||
@JSName('toJSON')
|
||||
String toJson() native;
|
||||
|
||||
String toString() native;
|
||||
}
|
||||
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
|
||||
// for details. All rights reserved. Use of this source code is governed by a
|
||||
|
@ -30706,7 +30762,94 @@ class TrustedScriptUrl extends Interceptor {
|
|||
throw new UnsupportedError("Not supported");
|
||||
}
|
||||
|
||||
static TrustedScriptUrl unsafelyCreate(String url) native;
|
||||
@JSName('toJSON')
|
||||
String toJson() native;
|
||||
|
||||
String toString() native;
|
||||
}
|
||||
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
|
||||
// for details. All rights reserved. Use of this source code is governed by a
|
||||
// BSD-style license that can be found in the LICENSE file.
|
||||
|
||||
@Native("TrustedTypePolicy")
|
||||
class TrustedTypePolicy extends Interceptor {
|
||||
// To suppress missing implicit constructor warnings.
|
||||
factory TrustedTypePolicy._() {
|
||||
throw new UnsupportedError("Not supported");
|
||||
}
|
||||
|
||||
String? get name native;
|
||||
|
||||
@JSName('createHTML')
|
||||
TrustedHtml createHtml(String input,
|
||||
[Object? arg1,
|
||||
Object? arg2,
|
||||
Object? arg3,
|
||||
Object? arg4,
|
||||
Object? arg5,
|
||||
Object? arg6]) native;
|
||||
|
||||
TrustedScript createScript(String input,
|
||||
[Object? arg1,
|
||||
Object? arg2,
|
||||
Object? arg3,
|
||||
Object? arg4,
|
||||
Object? arg5,
|
||||
Object? arg6]) native;
|
||||
|
||||
@JSName('createScriptURL')
|
||||
TrustedScriptUrl createScriptUrl(String input,
|
||||
[Object? arg1,
|
||||
Object? arg2,
|
||||
Object? arg3,
|
||||
Object? arg4,
|
||||
Object? arg5,
|
||||
Object? arg6]) native;
|
||||
}
|
||||
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
|
||||
// for details. All rights reserved. Use of this source code is governed by a
|
||||
// BSD-style license that can be found in the LICENSE file.
|
||||
|
||||
@Native("TrustedTypePolicyFactory")
|
||||
class TrustedTypePolicyFactory extends Interceptor {
|
||||
// To suppress missing implicit constructor warnings.
|
||||
factory TrustedTypePolicyFactory._() {
|
||||
throw new UnsupportedError("Not supported");
|
||||
}
|
||||
|
||||
TrustedTypePolicy? get defaultPolicy native;
|
||||
|
||||
@JSName('emptyHTML')
|
||||
TrustedHtml? get emptyHtml native;
|
||||
|
||||
TrustedScript? get emptyScript native;
|
||||
|
||||
TrustedTypePolicy createPolicy(String policyName, [Map? policyOptions]) {
|
||||
if (policyOptions != null) {
|
||||
var policyOptions_1 = convertDartToNative_Dictionary(policyOptions);
|
||||
return _createPolicy_1(policyName, policyOptions_1);
|
||||
}
|
||||
return _createPolicy_2(policyName);
|
||||
}
|
||||
|
||||
@JSName('createPolicy')
|
||||
TrustedTypePolicy _createPolicy_1(policyName, policyOptions) native;
|
||||
@JSName('createPolicy')
|
||||
TrustedTypePolicy _createPolicy_2(policyName) native;
|
||||
|
||||
String? getAttributeType(String tagName, String attribute,
|
||||
[String? elementNs, String? attrNs]) native;
|
||||
|
||||
String? getPropertyType(String tagName, String property, [String? elementNs])
|
||||
native;
|
||||
|
||||
@JSName('isHTML')
|
||||
bool isHtml(Object value) native;
|
||||
|
||||
bool isScript(Object value) native;
|
||||
|
||||
@JSName('isScriptURL')
|
||||
bool isScriptUrl(Object value) native;
|
||||
}
|
||||
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
|
||||
// for details. All rights reserved. Use of this source code is governed by a
|
||||
|
@ -32839,6 +32982,8 @@ class Window extends EventTarget
|
|||
@Returns('Window|=Object')
|
||||
dynamic get _get_top native;
|
||||
|
||||
TrustedTypePolicyFactory? get trustedTypes native;
|
||||
|
||||
VisualViewport? get visualViewport native;
|
||||
|
||||
/**
|
||||
|
|
|
@ -5133,6 +5133,18 @@
|
|||
},
|
||||
"support_level": "deprecated"
|
||||
},
|
||||
"CreateHTMLCallback": {
|
||||
"members": {},
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"CreateScriptCallback": {
|
||||
"members": {},
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"CreateScriptURLCallback": {
|
||||
"members": {},
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"Credential": {
|
||||
"members": {
|
||||
"avatarURL": {
|
||||
|
@ -22486,20 +22498,92 @@
|
|||
"escape": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"toJSON": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"toString": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"unsafelyCreate": {
|
||||
"support_level": "untriaged"
|
||||
}
|
||||
},
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"TrustedScript": {
|
||||
"members": {
|
||||
"toJSON": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"toString": {
|
||||
"support_level": "untriaged"
|
||||
}
|
||||
},
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"TrustedScriptURL": {
|
||||
"members": {
|
||||
"toJSON": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"toString": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"unsafelyCreate": {
|
||||
"support_level": "untriaged"
|
||||
}
|
||||
},
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"TrustedTypePolicy": {
|
||||
"members": {
|
||||
"createHTML": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"createScript": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"createScriptURL": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"name": {
|
||||
"support_level": "untriaged"
|
||||
}
|
||||
},
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"TrustedTypePolicyFactory": {
|
||||
"members": {
|
||||
"createPolicy": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"defaultPolicy": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"emptyHTML": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"emptyScript": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"getAttributeType": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"getPropertyType": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"isHTML": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"isScript": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"isScriptURL": {
|
||||
"support_level": "untriaged"
|
||||
}
|
||||
},
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"TrustedURL": {
|
||||
"members": {
|
||||
"create": {
|
||||
|
@ -30731,6 +30815,9 @@
|
|||
"toString": {},
|
||||
"toolbar": {},
|
||||
"top": {},
|
||||
"trustedTypes": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
"visualViewport": {
|
||||
"support_level": "untriaged"
|
||||
},
|
||||
|
|
|
@ -425,6 +425,8 @@ interface Window : EventTarget {
|
|||
|
||||
[RuntimeEnabled=VisualViewportAPI, Replaceable, SameObject, DartSuppress] readonly attribute VisualViewport visualViewport;
|
||||
[RuntimeEnabled=VisualViewportAPI, Replaceable, SameObject] readonly attribute VisualViewport? visualViewport;
|
||||
|
||||
readonly attribute TrustedTypePolicyFactory trustedTypes;
|
||||
};
|
||||
|
||||
[DartSupplemental]
|
||||
|
@ -652,3 +654,109 @@ interface NoncedElement {
|
|||
// PositionCallback can be used on a deprecated Position object,
|
||||
// a GeolocationPosition object, or a Firefox-specific object.
|
||||
callback PositionCallback = void(object position);
|
||||
|
||||
interface TrustedHTML {
|
||||
DOMString toString();
|
||||
DOMString toJSON();
|
||||
|
||||
// Deprecated methods.
|
||||
[DartSuppress] static TrustedHTML escape(DOMString html);
|
||||
[DartSuppress] static TrustedHTML unsafelyCreate(DOMString html);
|
||||
};
|
||||
|
||||
interface TrustedScript {
|
||||
DOMString toString();
|
||||
DOMString toJSON();
|
||||
};
|
||||
|
||||
interface TrustedScriptURL {
|
||||
USVString toString();
|
||||
USVString toJSON();
|
||||
|
||||
// Deprecated methods.
|
||||
[DartSuppress] static TrustedScriptURL unsafelyCreate(DOMString url);
|
||||
};
|
||||
|
||||
[Exposed=(Window,Worker)]
|
||||
interface TrustedTypePolicyFactory {
|
||||
TrustedTypePolicy createPolicy(
|
||||
DOMString policyName, optional TrustedTypePolicyOptions policyOptions);
|
||||
boolean isHTML(any value);
|
||||
boolean isScript(any value);
|
||||
boolean isScriptURL(any value);
|
||||
readonly attribute TrustedHTML emptyHTML;
|
||||
readonly attribute TrustedScript emptyScript;
|
||||
DOMString? getAttributeType(
|
||||
DOMString tagName,
|
||||
DOMString attribute,
|
||||
optional DOMString elementNs = "",
|
||||
optional DOMString attrNs = "");
|
||||
DOMString? getPropertyType(
|
||||
DOMString tagName,
|
||||
DOMString property,
|
||||
optional DOMString elementNs = "");
|
||||
readonly attribute TrustedTypePolicy? defaultPolicy;
|
||||
};
|
||||
|
||||
dictionary TrustedTypePolicyOptions {
|
||||
CreateHTMLCallback? createHTML;
|
||||
CreateScriptCallback? createScript;
|
||||
CreateScriptURLCallback? createScriptURL;
|
||||
};
|
||||
|
||||
interface TrustedTypePolicy {
|
||||
readonly attribute DOMString name;
|
||||
// Dart doesn't support variadic arguments, so support up to 6 args.
|
||||
// The alternative would be to use a list, which supports an arbitrary amount
|
||||
// of args, but only works if the callback this policy was instantiated with
|
||||
// accepts a list instead of a number of args.
|
||||
TrustedHTML createHTML(
|
||||
DOMString input,
|
||||
optional any arg1,
|
||||
optional any arg2,
|
||||
optional any arg3,
|
||||
optional any arg4,
|
||||
optional any arg5,
|
||||
optional any arg6);
|
||||
TrustedScript createScript(
|
||||
DOMString input,
|
||||
optional any arg1,
|
||||
optional any arg2,
|
||||
optional any arg3,
|
||||
optional any arg4,
|
||||
optional any arg5,
|
||||
optional any arg6);
|
||||
TrustedScriptURL createScriptURL(
|
||||
DOMString input,
|
||||
optional any arg1,
|
||||
optional any arg2,
|
||||
optional any arg3,
|
||||
optional any arg4,
|
||||
optional any arg5,
|
||||
optional any arg6);
|
||||
};
|
||||
|
||||
callback CreateHTMLCallback = DOMString (
|
||||
DOMString input,
|
||||
optional any arg1,
|
||||
optional any arg2,
|
||||
optional any arg3,
|
||||
optional any arg4,
|
||||
optional any arg5,
|
||||
optional any arg6);
|
||||
callback CreateScriptCallback = DOMString (
|
||||
DOMString input,
|
||||
optional any arg1,
|
||||
optional any arg2,
|
||||
optional any arg3,
|
||||
optional any arg4,
|
||||
optional any arg5,
|
||||
optional any arg6);
|
||||
callback CreateScriptURLCallback = USVString (
|
||||
DOMString input,
|
||||
optional any arg1,
|
||||
optional any arg2,
|
||||
optional any arg3,
|
||||
optional any arg4,
|
||||
optional any arg5,
|
||||
optional any arg6);
|
||||
|
|
Loading…
Reference in a new issue