From a0499ba024fcdc529da278ee346466a7c4819ec9 Mon Sep 17 00:00:00 2001
From: Francois Lecroart <peernohell@gmail.com>
Date: Wed, 2 Sep 2020 19:58:39 +0200
Subject: [PATCH] Update jsdom to version 16.x.x

replace call of jsdom.env by instance of new jsdom.JSDOM
create dom element to inject jquery script [took from this so answer](https://stackoverflow.com/a/56760403/958898)
---
 package.json                 |  2 +-
 test/bootstrap-test-suite.js | 59 +++++++++++++++---------------
 test/jsdom-node.js           | 69 +++++++++++++++---------------------
 3 files changed, 59 insertions(+), 71 deletions(-)

diff --git a/package.json b/package.json
index 85182533..33df96ed 100644
--- a/package.json
+++ b/package.json
@@ -69,7 +69,7 @@
     "eslint-plugin-prettier": "^3.1.3",
     "he": "^1.2.0",
     "jquery": "^3.5.0",
-    "jsdom": "8.x.x",
+    "jsdom": "16.x.x",
     "karma": "^5.1.0",
     "karma-browserstack-launcher": "^1.5.1",
     "karma-chrome-launcher": "^2.2.0",
diff --git a/test/bootstrap-test-suite.js b/test/bootstrap-test-suite.js
index 5bc89e49..7ede6463 100644
--- a/test/bootstrap-test-suite.js
+++ b/test/bootstrap-test-suite.js
@@ -1,4 +1,6 @@
-module.exports = function (jsdom) {
+const fs = require('fs');
+
+module.exports = function (JSDOM) {
   class StringWrapper {
     constructor(s) {
       this.s = s;
@@ -9,32 +11,31 @@ module.exports = function (jsdom) {
     }
   }
 
-  function loadDOMPurify(assert, head, setup, onload) {
+  function loadDOMPurify(assert, addScriptAttribute, setup, onload) {
     const testDone = assert.async();
-    jsdom.env({
-      html: '<head>' + head + '</head>',
-      features: {
-        FetchExternalResources: ['script'],
-        ProcessExternalResources: ['script'],
-      },
-      created(err, window) {
-        if (setup) {
-          setup(window);
-        }
-      },
-      done(err, window) {
-        assert.ok(window.DOMPurify.sanitize);
-        // Sanity check
-        assert.equal(
-          window.DOMPurify.sanitize('<img src=x onerror=alert(1)>'),
-          '<img src="x">'
-        );
-        if (onload) {
-          onload(window);
-        }
-        testDone();
-      },
-    });
+    const { window } = new JSDOM('<head></head>', { runScripts: "dangerously" });
+    require('jquery')(window);
+    if (setup) {
+      setup(window);
+    }
+
+    const myLibrary = fs.readFileSync('dist/purify.js', { encoding: "utf-8" });
+    const scriptEl = window.document.createElement("script");
+    if (addScriptAttribute) scriptEl.setAttribute('data-tt-policy-suffix', 'suffix');
+
+    scriptEl.textContent = myLibrary;
+    window.document.body.appendChild(scriptEl);
+
+    assert.ok(window.DOMPurify.sanitize);
+    // Sanity check
+    assert.equal(
+      window.DOMPurify.sanitize('<img src=x onerror=alert(1)>'),
+      '<img src="x">'
+    );
+    if (onload) {
+      onload(window);
+    }
+    testDone();
   }
 
   QUnit.test('works in a non-Trusted Type environment', function (assert) {
@@ -42,7 +43,7 @@ module.exports = function (jsdom) {
 
     loadDOMPurify(
       assert,
-      '<script src="dist/purify.js"></script>',
+      false,
       function setup(window) {
         delete window.trustedTypes;
       },
@@ -58,7 +59,7 @@ module.exports = function (jsdom) {
 
     loadDOMPurify(
       assert,
-      '<script src="dist/purify.js"></script>',
+      false,
       function setup(window) {
         window.trustedTypes = {
           createPolicy(name, rules) {
@@ -89,7 +90,7 @@ module.exports = function (jsdom) {
 
       loadDOMPurify(
         assert,
-        '<script data-tt-policy-suffix="suffix" src="dist/purify.js"></script>',
+        true,
         function setup(window) {
           window.trustedTypes = {
             createPolicy(name, rules) {
diff --git a/test/jsdom-node.js b/test/jsdom-node.js
index 594eec88..4e5c40c2 100644
--- a/test/jsdom-node.js
+++ b/test/jsdom-node.js
@@ -5,6 +5,10 @@
 // Test DOMPurify + jsdom using Node.js (version 8 and up)
 const createDOMPurify = require('../dist/purify.cjs');
 const jsdom = require('jsdom');
+const { JSDOM } = jsdom;
+const { window } = new JSDOM(`<html><head></head><body><div id="qunit-fixture"></div></body></html>`, { runScripts: "dangerously" });
+require('jquery')(window);
+
 const sanitizeTestSuite = require('./test-suite');
 const bootstrapTestSuite = require('./bootstrap-test-suite');
 const tests = require('./fixtures/expect');
@@ -19,44 +23,27 @@ QUnit.assert.contains = function (needle, haystack, message) {
 
 QUnit.config.autostart = false;
 
-QUnit.module('DOMPurify - bootstrap', bootstrapTestSuite(jsdom));
-
-jsdom.env({
-  html: `<html><head></head><body><div id="qunit-fixture"></div></body></html>`,
-  scripts: ['node_modules/jquery/dist/jquery.js'],
-  features: {
-    ProcessExternalResources: ['script'], // needed for firing the onload event for about:blank iframes
-  },
-  done(err, window) {
-    QUnit.module('DOMPurify in jsdom');
-    if (err) {
-      console.error(
-        'Unexpected error returned by jsdom.env():',
-        err,
-        err.stack
-      );
-      process.exit(1);
-    }
-
-    if (!window.jQuery) {
-      console.warn('Unable to load jQuery');
-    }
-
-    const DOMPurify = createDOMPurify(window);
-    if (!DOMPurify.isSupported) {
-      console.error(
-        'Unexpected error returned by jsdom.env():',
-        err,
-        err.stack
-      );
-      process.exit(1);
-    }
-
-    window.alert = () => {
-      window.xssed = true;
-    };
-
-    sanitizeTestSuite(DOMPurify, window, tests, xssTests);
-    QUnit.start();
-  },
-});
+QUnit.module('DOMPurify - bootstrap', bootstrapTestSuite(JSDOM));
+
+QUnit.module('DOMPurify in jsdom');
+
+if (!window.jQuery) {
+  console.warn('Unable to load jQuery');
+}
+
+const DOMPurify = createDOMPurify(window);
+if (!DOMPurify.isSupported) {
+  console.error(
+    'Unexpected error returned by jsdom.env():',
+    err,
+    err.stack
+  );
+  process.exit(1);
+}
+
+window.alert = () => {
+  window.xssed = true;
+};
+
+sanitizeTestSuite(DOMPurify, window, tests, xssTests);
+QUnit.start();