Remove the [SecureContext] restriction from Trusted Types.

While it's reasonable to exclude new APIs from non-secure contexts, the ancestry requirements allow attackers to disable restricted APIs from embedded contexts. This is usually excellent, as it means that data won't leak from secure to non-secure contexts. For security features, on the other hand, this gives the attacker some advantage with regard to embedded contexts' mitigtions. This is unfortunate, and this patch removes the restriction to ensure that embedded contexts can continue to mitigate the effect of XSS attack by reverting https://crrev.com/c/2093214 and https://crrev.com/c/2098076. Bug: 1059554 Change-Id: Ib948437310509f1d29cacff1e6c74ab7cbc30d11 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2195965 Commit-Queue: Mike West <mkwst@chromium.org> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#767894}
web-platform-tests · May 12, 2020 · 094353f · 094353f
1 parent 14bbee9
commit 094353f
Show file tree

Hide file tree

Showing 88 changed files with 2 additions and 27 deletions.
diff --git a/lint.ignore b/lint.ignore
@@ -201,8 +201,8 @@ SET TIMEOUT: service-workers/service-worker/resources/resource-timing-worker.js
 SET TIMEOUT: shadow-dom/Document-prototype-currentScript.html
 SET TIMEOUT: shadow-dom/scroll-to-the-fragment-in-shadow-tree.html
 SET TIMEOUT: shadow-dom/slotchange-event.html
-SET TIMEOUT: trusted-types/block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.tentative.https.html
-SET TIMEOUT: trusted-types/DOMWindowTimers-setTimeout-setInterval.tentative.https.html
+SET TIMEOUT: trusted-types/block-string-assignment-to-DOMWindowTimers-setTimeout-setInterval.tentative.html
+SET TIMEOUT: trusted-types/DOMWindowTimers-setTimeout-setInterval.tentative.html
 SET TIMEOUT: user-timing/*
 SET TIMEOUT: web-animations/timing-model/animations/*
 SET TIMEOUT: webaudio/the-audio-api/the-mediaelementaudiosourcenode-interface/mediaElementAudioSourceToScriptProcessorTest.html

diff --git a/...romString-regression.tentative.https.html → ...parseFromString-regression.tentative.html b/...romString-regression.tentative.https.html → ...parseFromString-regression.tentative.html
diff --git a/...rser-parseFromString.tentative.https.html → .../DOMParser-parseFromString.tentative.html b/...rser-parseFromString.tentative.https.html → .../DOMParser-parseFromString.tentative.html
diff --git a/...tTimeout-setInterval.tentative.https.html → ...ers-setTimeout-setInterval.tentative.html b/...tTimeout-setInterval.tentative.https.html → ...ers-setTimeout-setInterval.tentative.html
diff --git a/...types/Document-write.tentative.https.html → trusted-types/Document-write.tentative.html b/...types/Document-write.tentative.https.html → trusted-types/Document-write.tentative.html
diff --git a/...t-insertAdjacentHTML.tentative.https.html → ...Element-insertAdjacentHTML.tentative.html b/...t-insertAdjacentHTML.tentative.https.html → ...Element-insertAdjacentHTML.tentative.html
diff --git a/...t-insertAdjacentText.tentative.https.html → ...Element-insertAdjacentText.tentative.html b/...t-insertAdjacentText.tentative.https.html → ...Element-insertAdjacentText.tentative.html
diff --git a/...es/Element-outerHTML.tentative.https.html → ...ed-types/Element-outerHTML.tentative.html b/...es/Element-outerHTML.tentative.https.html → ...ed-types/Element-outerHTML.tentative.html
diff --git a/...Element-setAttribute.tentative.https.html → ...types/Element-setAttribute.tentative.html b/...Element-setAttribute.tentative.https.html → ...types/Element-setAttribute.tentative.html
diff --git a/...ement-setAttributeNS.tentative.https.html → ...pes/Element-setAttributeNS.tentative.html b/...ement-setAttributeNS.tentative.https.html → ...pes/Element-setAttributeNS.tentative.html
diff --git a/...ventHandlers-onclick.tentative.https.html → ...lobalEventHandlers-onclick.tentative.html b/...ventHandlers-onclick.tentative.https.html → ...lobalEventHandlers-onclick.tentative.html
diff --git a/.../HTMLElement-generic.tentative.https.html → ...-types/HTMLElement-generic.tentative.html b/.../HTMLElement-generic.tentative.https.html → ...-types/HTMLElement-generic.tentative.html
diff --git a/...lement-internal-slot.tentative.https.html → ...criptElement-internal-slot.tentative.html b/...lement-internal-slot.tentative.https.html → ...criptElement-internal-slot.tentative.html
diff --git a/...e-multiple-arguments.tentative.https.html → ...es/Node-multiple-arguments.tentative.html b/...e-multiple-arguments.tentative.https.html → ...es/Node-multiple-arguments.tentative.html
diff --git a/...teContextualFragment.tentative.https.html → ...e-createContextualFragment.tentative.html b/...teContextualFragment.tentative.https.html → ...e-createContextualFragment.tentative.html
diff --git a/...dType-AttributeNodes.tentative.https.html → ...TrustedType-AttributeNodes.tentative.html b/...dType-AttributeNodes.tentative.https.html → ...TrustedType-AttributeNodes.tentative.html
diff --git a/...pePolicy-CSP-no-name.tentative.https.html → ...stedTypePolicy-CSP-no-name.tentative.html b/...pePolicy-CSP-no-name.tentative.https.html → ...stedTypePolicy-CSP-no-name.tentative.html
diff --git a/...ePolicy-CSP-wildcard.tentative.https.html → ...tedTypePolicy-CSP-wildcard.tentative.html b/...ePolicy-CSP-wildcard.tentative.https.html → ...tedTypePolicy-CSP-wildcard.tentative.html
diff --git a/...TypePolicy-createXXX.tentative.https.html → ...rustedTypePolicy-createXXX.tentative.html b/...TypePolicy-createXXX.tentative.https.html → ...rustedTypePolicy-createXXX.tentative.html
diff --git a/...icyFactory-constants.tentative.https.html → ...ypePolicyFactory-constants.tentative.html b/...icyFactory-constants.tentative.https.html → ...ypePolicyFactory-constants.tentative.html
diff --git a/...olicy-createXYZTests.tentative.https.html → ...reatePolicy-createXYZTests.tentative.html b/...olicy-createXYZTests.tentative.https.html → ...reatePolicy-createXYZTests.tentative.html
diff --git a/...spTests-noNamesGiven.tentative.https.html → ...licy-cspTests-noNamesGiven.tentative.html b/...spTests-noNamesGiven.tentative.https.html → ...licy-cspTests-noNamesGiven.tentative.html
diff --git a/...cy-cspTests-wildcard.tentative.https.html → ...tePolicy-cspTests-wildcard.tentative.html b/...cy-cspTests-wildcard.tentative.https.html → ...tePolicy-cspTests-wildcard.tentative.html
diff --git a/...reatePolicy-cspTests.tentative.https.html → ...tory-createPolicy-cspTests.tentative.html b/...reatePolicy-cspTests.tentative.https.html → ...tory-createPolicy-cspTests.tentative.html
diff --git a/...eatePolicy-nameTests.tentative.https.html → ...ory-createPolicy-nameTests.tentative.html b/...eatePolicy-nameTests.tentative.https.html → ...ory-createPolicy-nameTests.tentative.html
diff --git a/...atePolicy-unenforced.tentative.https.html → ...ry-createPolicy-unenforced.tentative.html b/...atePolicy-unenforced.tentative.https.html → ...ry-createPolicy-unenforced.tentative.html
diff --git a/...actory-defaultPolicy.tentative.https.html → ...olicyFactory-defaultPolicy.tentative.html b/...actory-defaultPolicy.tentative.https.html → ...olicyFactory-defaultPolicy.tentative.html
diff --git a/...tory-getPropertyType.tentative.https.html → ...icyFactory-getPropertyType.tentative.html b/...tory-getPropertyType.tentative.https.html → ...icyFactory-getPropertyType.tentative.html
diff --git a/...ePolicyFactory-isXXX.tentative.https.html → ...tedTypePolicyFactory-isXXX.tentative.html b/...ePolicyFactory-isXXX.tentative.https.html → ...tedTypePolicyFactory-isXXX.tentative.html
diff --git a/...licyFactory-metadata.tentative.https.html → ...TypePolicyFactory-metadata.tentative.html b/...licyFactory-metadata.tentative.https.html → ...TypePolicyFactory-metadata.tentative.html
diff --git a/.../Window-TrustedTypes.tentative.https.html → ...-types/Window-TrustedTypes.tentative.html b/.../Window-TrustedTypes.tentative.https.html → ...-types/Window-TrustedTypes.tentative.html
diff --git a/...orkerGlobalScope-importScripts.https.html → ...ypes/WorkerGlobalScope-importScripts.html b/...orkerGlobalScope-importScripts.https.html → ...ypes/WorkerGlobalScope-importScripts.html
diff --git a/...e-multiple-arguments.tentative.https.html → ...ck-Node-multiple-arguments.tentative.html b/...e-multiple-arguments.tentative.https.html → ...ck-Node-multiple-arguments.tentative.html
diff --git a/...rser-parseFromString.tentative.https.html → ...-DOMParser-parseFromString.tentative.html b/...rser-parseFromString.tentative.https.html → ...-DOMParser-parseFromString.tentative.html
diff --git a/...tTimeout-setInterval.tentative.https.html → ...ers-setTimeout-setInterval.tentative.html b/...tTimeout-setInterval.tentative.https.html → ...ers-setTimeout-setInterval.tentative.html
diff --git a/...nt-to-Document-write.tentative.https.html → ...signment-to-Document-write.tentative.html b/...nt-to-Document-write.tentative.https.html → ...signment-to-Document-write.tentative.html
diff --git a/...t-insertAdjacentHTML.tentative.https.html → ...Element-insertAdjacentHTML.tentative.html b/...t-insertAdjacentHTML.tentative.https.html → ...Element-insertAdjacentHTML.tentative.html
diff --git a/...to-Element-outerHTML.tentative.https.html → ...nment-to-Element-outerHTML.tentative.html b/...to-Element-outerHTML.tentative.https.html → ...nment-to-Element-outerHTML.tentative.html
diff --git a/...Element-setAttribute.tentative.https.html → ...nt-to-Element-setAttribute.tentative.html b/...Element-setAttribute.tentative.https.html → ...nt-to-Element-setAttribute.tentative.html
diff --git a/...ement-setAttributeNS.tentative.https.html → ...-to-Element-setAttributeNS.tentative.html b/...ement-setAttributeNS.tentative.https.html → ...-to-Element-setAttributeNS.tentative.html
diff --git a/...-HTMLElement-generic.tentative.https.html → ...ent-to-HTMLElement-generic.tentative.html b/...-HTMLElement-generic.tentative.https.html → ...ent-to-HTMLElement-generic.tentative.html
diff --git a/...teContextualFragment.tentative.https.html → ...e-createContextualFragment.tentative.html b/...teContextualFragment.tentative.https.html → ...e-createContextualFragment.tentative.html
diff --git a/...-into-script-element.tentative.https.html → ...ertion-into-script-element.tentative.html b/...-into-script-element.tentative.https.html → ...ertion-into-script-element.tentative.html
diff --git a/...types/csp-block-eval.tentative.https.html → trusted-types/csp-block-eval.tentative.html b/...types/csp-block-eval.tentative.https.html → trusted-types/csp-block-eval.tentative.html
diff --git a/...y-callback-arguments.tentative.https.html → ...-policy-callback-arguments.tentative.html b/...y-callback-arguments.tentative.https.html → ...-policy-callback-arguments.tentative.html
diff --git a/...t-policy-report-only.tentative.https.html → ...default-policy-report-only.tentative.html b/...t-policy-report-only.tentative.https.html → ...default-policy-report-only.tentative.html
diff --git a/...-report-only.tentative.https.html.headers → ...policy-report-only.tentative.html.headers b/...-report-only.tentative.https.html.headers → ...policy-report-only.tentative.html.headers
diff --git a/...types/default-policy.tentative.https.html → trusted-types/default-policy.tentative.html b/...types/default-policy.tentative.https.html → trusted-types/default-policy.tentative.html
diff --git a/...fault-policy.tentative.https.html.headers → ...pes/default-policy.tentative.html.headers b/...fault-policy.tentative.https.html.headers → ...pes/default-policy.tentative.html.headers
diff --git a/...t-policy-report-only.tentative.https.html → ...default-policy-report-only.tentative.html b/...t-policy-report-only.tentative.https.html → ...default-policy-report-only.tentative.html
diff --git a/...-report-only.tentative.https.html.headers → ...policy-report-only.tentative.html.headers b/...-report-only.tentative.https.html.headers → ...policy-report-only.tentative.html.headers
diff --git a/...empty-default-policy.tentative.https.html → ...types/empty-default-policy.tentative.html b/...empty-default-policy.tentative.https.html → ...types/empty-default-policy.tentative.html
diff --git a/...fault-policy.tentative.https.html.headers → ...pty-default-policy.tentative.html.headers b/...fault-policy.tentative.https.html.headers → ...pty-default-policy.tentative.html.headers
diff --git a/...types/eval-csp-no-tt.tentative.https.html → trusted-types/eval-csp-no-tt.tentative.html b/...types/eval-csp-no-tt.tentative.https.html → trusted-types/eval-csp-no-tt.tentative.html
diff --git a/...sp-tt-default-policy.tentative.https.html → ...eval-csp-tt-default-policy.tentative.html b/...sp-tt-default-policy.tentative.https.html → ...eval-csp-tt-default-policy.tentative.html
diff --git a/...tt-no-default-policy.tentative.https.html → ...l-csp-tt-no-default-policy.tentative.html b/...tt-no-default-policy.tentative.https.html → ...l-csp-tt-no-default-policy.tentative.html
diff --git a/...no-tt-default-policy.tentative.https.html → ...o-csp-no-tt-default-policy.tentative.html b/...no-tt-default-policy.tentative.https.html → ...o-csp-no-tt-default-policy.tentative.html
diff --git a/...es/eval-no-csp-no-tt.tentative.https.html → ...ed-types/eval-no-csp-no-tt.tentative.html b/...es/eval-no-csp-no-tt.tentative.https.html → ...ed-types/eval-no-csp-no-tt.tentative.html
diff --git a/...-with-permissive-csp.tentative.https.html → ...s/eval-with-permissive-csp.tentative.html b/...-with-permissive-csp.tentative.https.html → ...s/eval-with-permissive-csp.tentative.html
diff --git a/...ypes/idlharness.tentative.https.window.js → trusted-types/idlharness.tentative.window.js b/...ypes/idlharness.tentative.https.window.js → trusted-types/idlharness.tentative.window.js
diff --git a/...ypes-for-report-only.tentative.https.html → ...sted-types-for-report-only.tentative.html b/...ypes-for-report-only.tentative.https.html → ...sted-types-for-report-only.tentative.html
diff --git a/...-report-only.tentative.https.html.headers → ...es-for-report-only.tentative.html.headers b/...-report-only.tentative.https.html.headers → ...es-for-report-only.tentative.html.headers
diff --git a/...re-trusted-types-for.tentative.https.html → ...-require-trusted-types-for.tentative.html b/...re-trusted-types-for.tentative.https.html → ...-require-trusted-types-for.tentative.html
diff --git a/trusted-types/nonsecure-require-trusted-types-for.tentative.html b/trusted-types/nonsecure-require-trusted-types-for.tentative.html
diff --git a/trusted-types/nonsecure-require-trusted-types-for.tentative.html.headers b/trusted-types/nonsecure-require-trusted-types-for.tentative.html.headers
diff --git a/...ypes-for-report-only.tentative.https.html → ...sted-types-for-report-only.tentative.html b/...ypes-for-report-only.tentative.https.html → ...sted-types-for-report-only.tentative.html
diff --git a/...-report-only.tentative.https.html.headers → ...es-for-report-only.tentative.html.headers b/...-report-only.tentative.https.html.headers → ...es-for-report-only.tentative.html.headers
diff --git a/...re-trusted-types-for.tentative.https.html → .../require-trusted-types-for.tentative.html b/...re-trusted-types-for.tentative.https.html → .../require-trusted-types-for.tentative.html
diff --git a/...s-createHTMLDocument.tentative.https.html → ...d-types-createHTMLDocument.tentative.html b/...s-createHTMLDocument.tentative.https.html → ...d-types-createHTMLDocument.tentative.html
diff --git a/...mes-list-report-only.tentative.https.html → ...ate-names-list-report-only.tentative.html b/...mes-list-report-only.tentative.https.html → ...ate-names-list-report-only.tentative.html
diff --git a/...-report-only.tentative.https.html.headers → ...s-list-report-only.tentative.html.headers b/...-report-only.tentative.https.html.headers → ...s-list-report-only.tentative.html.headers
diff --git a/...duplicate-names-list.tentative.https.html → ...types-duplicate-names-list.tentative.html b/...duplicate-names-list.tentative.https.html → ...types-duplicate-names-list.tentative.html
diff --git a/...ypes-duplicate-names.tentative.https.html → ...sted-types-duplicate-names.tentative.html b/...ypes-duplicate-names.tentative.https.html → ...sted-types-duplicate-names.tentative.html
diff --git a/...rting-no-unsafe-eval.tentative.https.html → ...l-reporting-no-unsafe-eval.tentative.html b/...rting-no-unsafe-eval.tentative.https.html → ...l-reporting-no-unsafe-eval.tentative.html
diff --git a/...-unsafe-eval.tentative.https.html.headers → ...ing-no-unsafe-eval.tentative.html.headers b/...-unsafe-eval.tentative.https.html.headers → ...ing-no-unsafe-eval.tentative.html.headers
diff --git a/...eporting-report-only.tentative.https.html → ...eval-reporting-report-only.tentative.html b/...eporting-report-only.tentative.https.html → ...eval-reporting-report-only.tentative.html
diff --git a/...-report-only.tentative.https.html.headers → ...orting-report-only.tentative.html.headers b/...-report-only.tentative.https.html.headers → ...orting-report-only.tentative.html.headers
diff --git a/...types-eval-reporting.tentative.https.html → ...usted-types-eval-reporting.tentative.html b/...types-eval-reporting.tentative.https.html → ...usted-types-eval-reporting.tentative.html
diff --git a/...al-reporting.tentative.https.html.headers → ...pes-eval-reporting.tentative.html.headers b/...al-reporting.tentative.https.html.headers → ...pes-eval-reporting.tentative.html.headers
diff --git a/...ted-types-navigation.tentative.https.html → ...s/trusted-types-navigation.tentative.html b/...ted-types-navigation.tentative.https.html → ...s/trusted-types-navigation.tentative.html
diff --git a/...ed-types-report-only.tentative.https.html → .../trusted-types-report-only.tentative.html b/...ed-types-report-only.tentative.https.html → .../trusted-types-report-only.tentative.html
diff --git a/...-report-only.tentative.https.html.headers → ...-types-report-only.tentative.html.headers b/...-report-only.tentative.https.html.headers → ...-types-report-only.tentative.html.headers
diff --git a/...d-types-reporting-check-report.https.html → ...trusted-types-reporting-check-report.html b/...d-types-reporting-check-report.https.html → ...trusted-types-reporting-check-report.html
diff --git a/...rting-check-report.https.html.sub.headers → ...s-reporting-check-report.html.sub.headers b/...rting-check-report.https.html.sub.headers → ...s-reporting-check-report.html.sub.headers
diff --git a/...sted-types-reporting.tentative.https.html → ...es/trusted-types-reporting.tentative.html b/...sted-types-reporting.tentative.https.html → ...es/trusted-types-reporting.tentative.html
diff --git a/...es-reporting.tentative.https.html.headers → ...ed-types-reporting.tentative.html.headers b/...es-reporting.tentative.https.html.headers → ...ed-types-reporting.tentative.html.headers
diff --git a/...ted-types-svg-script.tentative.https.html → ...s/trusted-types-svg-script.tentative.html b/...ted-types-svg-script.tentative.https.html → ...s/trusted-types-svg-script.tentative.html
diff --git a/...-types/tt-block-eval.tentative.https.html → trusted-types/tt-block-eval.tentative.html b/...-types/tt-block-eval.tentative.https.html → trusted-types/tt-block-eval.tentative.html