Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Assert that goog.dom.safe wrappers for setting href and src propertie…
…s from TrustedResourceUrl are correctly invoked on an object of the declared type. Type-correct invocation of these wrappers is not security-critical, because they require the assigned URL to have the strongest possible security contract (TrustedResourceUrl). However, for consistency with wrappers where type-correct usage is security-critical (e.g. setImageSrc not being invoked on a HTMLScriptElement), we ensure correct usage here as well. The constraint is enforced using goog.asserts, i.e. only when assertions are enabled. Furthermore, the assertion accepts values that are not of type Element or Location at all, to permit the use of mock objects in tests. Tested: Global presubmit. RELNOTES[INC]: Assert that goog.dom.safe wrappers for setting href and src properties from TrustedResourceUrl are correctly invoked on an object of the declared type. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=130644937
- Loading branch information
1 parent
a5e6a3b
commit 0c3a918
Showing
2 changed files
with
114 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters