[Trusted Types] Remove TrustedURL.

The current Trusted Types spec no longer supports TrustedURL. This CL adapts
to the spec.

Bug: 1002555
Change-Id: I35c6d8a257046558f155b9f38289457b14dcb1d2

interfaces/trusted-types.tentative.idl

@@ -3,7 +3,6 @@
 typedef (DOMString or TrustedHTML) HTMLString;
 typedef (DOMString or TrustedScript) ScriptString;
 typedef (DOMString or TrustedScriptURL) ScriptURLString;
-typedef (USVString or TrustedURL) URLString;
 
 [Exposed=(Window, Worker)]
 interface TrustedHTML {
@@ -20,11 +19,6 @@ interface TrustedScriptURL {
     stringifier;
 };
 
-[Exposed=(Window, Worker)]
-interface TrustedURL {
-    stringifier;
-};
-
 [Exposed=(Window, Worker)]
 interface TrustedTypePolicyFactory {
     [Unforgeable] TrustedTypePolicy createPolicy(DOMString policyName, TrustedTypePolicyOptions policyOptions);
@@ -38,14 +32,12 @@ interface TrustedTypePolicy {
     [Unforgeable] TrustedHTML createHTML(DOMString input);
     [Unforgeable] TrustedScript createScript(DOMString input);
     [Unforgeable] TrustedScriptURL createScriptURL(DOMString input);
-    [Unforgeable] TrustedURL createURL(DOMString input);
 };
 
 dictionary TrustedTypePolicyOptions {
    CreateHTMLCallback createHTML;
    CreateScriptCallback createScript;
    CreateURLCallback createScriptURL;
-   CreateURLCallback createURL;
 };
 
 callback CreateHTMLCallback = DOMString (DOMString input);

trusted-types/Element-setAttribute.tentative.html

@@ -6,29 +6,6 @@
 </head>
 <body>
 <script>
-  // TrustedURL Assignments
-  let testCases = [
-    [ 'a', 'href' ],
-    [ 'area', 'href' ],
-    [ 'base', 'href' ],
-    [ 'frame', 'src' ],
-    [ 'iframe', 'src' ],
-    [ 'img', 'src' ],
-    [ 'input', 'src' ],
-    [ 'link', 'href' ],
-    [ 'video', 'src' ],
-    [ 'object', 'data' ],
-    [ 'object', 'codeBase' ],
-    [ 'source', 'src' ],
-    [ 'track', 'src' ]
-  ];
-
-  testCases.forEach(c => {
-    test(t => {
-      assert_element_accepts_trusted_url_explicit_set(window, c, t, c[0], c[1], RESULTS.URL);
-    }, c[0] + "." + c[1] + " assigned via policy (successful URL transformation)");
-  });
-
   // TrustedScriptURL Assignments
   let scriptTestCases = [
     [ 'embed', 'src' ],
@@ -54,8 +31,8 @@
 
   // Other attributes can be assigned with TrustedTypes or strings or null values
   test(t => {
-    assert_element_accepts_trusted_url_explicit_set(window, 'arel', t, 'a', 'rel', RESULTS.URL);
-  }, "a.rel assigned via policy (successful URL transformation)");
+    assert_element_accepts_trusted_script_url_explicit_set(window, 'scriptsrc1', t, 'script', 'src', RESULTS.SCRIPTURL);
+  }, "script.src assigned via policy (successful script transformation)");
 
   test(t => {
     assert_element_accepts_non_trusted_type_explicit_set('a', 'rel', 'A string', 'A string');

trusted-types/Element-setAttributeNS.tentative.html

@@ -18,10 +18,8 @@
       assert_element_accepts_trusted_script_url_set_ns(window, '2', t, 'a', 'b', RESULTS.SCRIPTURL);
     }, "Element.setAttributeNS assigned via policy (successful ScriptURL transformation)");
 
-    test(t => {
-      assert_element_accepts_trusted_url_set_ns(window, '3', t, 'a', 'b', RESULTS.URL);
-    }, "Element.setAttributeNS assigned via policy (successful URL transformation)");
-
+// TODO: Is there any non-URL, namespaced accessor left?
+/*
     test(t => {
       let p = createURL_policy(window, '5');
       let url = p.createURL(INPUTS.URL);
@@ -31,5 +29,6 @@
       let attr_node = elem.getAttributeNodeNS("http://www.w3.org/1999/xlink", "href");
       assert_equals(attr_node.value + "", RESULTS.URL);
     }, "Element.setAttributeNS accepts a URL on <svg:image xlink:href/>");
+*/
 
 </script>

trusted-types/HTMLElement-generic.tentative.html

@@ -7,28 +7,6 @@
 <body>
 <script>
   var testnb = 0;
-  // TrustedURL Assignments
-  const URLTestCases = [
-    [ 'a', 'href' ],
-    [ 'area', 'href' ],
-    [ 'base', 'href' ],
-    [ 'frame', 'src' ],
-    [ 'iframe', 'src' ],
-    [ 'img', 'src' ],
-    [ 'input', 'src' ],
-    [ 'link', 'href' ],
-    [ 'video', 'src' ],
-    [ 'object', 'data' ],
-    [ 'object', 'codeBase' ],
-    [ 'source', 'src' ],
-    [ 'track', 'src' ]
-  ];
-
-  URLTestCases.forEach(c => {
-    test(t => {
-      assert_element_accepts_trusted_url(window, ++testnb, t, c[0], c[1], RESULTS.URL);
-    }, c[0] + "." + c[1] + " assigned via policy (successful URL transformation)");
-  });
 
   // TrustedScriptURL Assignments
   const scriptURLTestCases = [

trusted-types/TrustedTypePolicy-createXXX.tentative.html

@@ -12,10 +12,8 @@
       createScript: s => s
     });
     assert_throws(new TypeError(), _ => { p1.createScriptURL("foo"); });
-    assert_throws(new TypeError(), _ => { p1.createURL("foo"); });
 
     const p2 = trustedTypes.createPolicy("policyURLAndScriptURL", {
-      createURL: s => s,
       createScriptURL: s => s
     });
     assert_throws(new TypeError(), _ => { p2.createHTML("foo"); });
@@ -26,23 +24,18 @@
     const noopPolicy = {
       createHTML: (s) => s,
       createScriptURL: (s) => s,
-      createURL: (s) => s,
       createScript: (s) => s,
     };
     policy = trustedTypes.createPolicy(Math.random(), noopPolicy, true);
     let el = document.createElement("div");
 
-    el.title = policy.createHTML(INPUTS.URL);
-    assert_equals(el.title, INPUTS.URL);
-
-    el.title = policy.createURL(INPUTS.HTML);
-    assert_equals(el.title, INPUTS.HTML);
+    el.title = policy.createHTML(INPUTS.SCRIPTURL);
+    assert_equals(el.title, INPUTS.SCRIPTURL);
   }, "Attributes without type constraints will work as before.");
 
   test(t => {
     const policy = trustedTypes.createPolicy("nullpolicy", null);
     assert_throws(new TypeError(), _ => { policy.createScriptURL("foo"); });
-    assert_throws(new TypeError(), _ => { policy.createURL("foo"); });
     assert_throws(new TypeError(), _ => { policy.createHTML("foo"); });
     assert_throws(new TypeError(), _ => { policy.createScript("foo"); });
   }, "trustedTypes.createPolicy(.., null) creates empty policy.");
@@ -95,7 +88,6 @@
   const testCases = [
     [TrustedHTML, "createHTML", "whatever", stringTestCases],
     [TrustedScript, "createScript", "whatever", stringTestCases],
-    [TrustedURL, "createURL", INPUTS.SCRIPTURL, urlTestCases],
     [TrustedScriptURL, "createScriptURL", INPUTS.SCRIPTURL, urlTestCases],
   ];
 

trusted-types/TrustedTypePolicyFactory-createPolicy-createXYZTests.tentative.html

@@ -224,79 +224,4 @@
       p.createURL(INPUTS.URL);
     });
   }, "createScriptURL defined - calling undefined callbacks throws");
-
-
-  //URL tests
-  function createURLTest(policyName, policy, expectedURL, t) {
-    let p = window.trustedTypes.createPolicy(policyName, policy);
-    let url = p.createURL(INPUTS.URL);
-    assert_true(url instanceof TrustedURL);
-    assert_true(trustedTypes.isURL(url));
-    assert_equals(url + "", expectedURL);
-  }
-
-  test(t => {
-    createURLTest('TestPolicyURL1', { createURL: s => s }, INPUTS.URL, t);
-  }, "url = identity function");
-
-  test(t => {
-    createURLTest('TestPolicyURL2', { createURL: s => null }, "", t);
-  }, "url = null");
-
-  var URLstr = '#x';
-  test(t => {
-    createURLTest('TestPolicyURL3', { createURL: s => s + URLstr }, INPUTS.URL + URLstr, t);
-  }, "url = string + global string");
-
-  var URLx = 'global';
-  test(t => {
-    createURLTest('TestPolicyURL4', { createURL: s => { URLx = s; return s; } }, INPUTS.URL, t);
-    assert_equals(URLx, INPUTS.URL);
-  }, "url = identity function, global string changed");
-
-  test(t => {
-    let p = window.trustedTypes.createPolicy('TestPolicyURL5', {
-      createURL: s => { throw new Error(); }
-    });
-    assert_throws(new Error(), _ => {
-      p.createURL(INPUTS.URL);
-    });
-  }, "url = callback that throws");
-
-  function getURL(s) {
-    return s + this.bar;
-  }
-
-  var obj = {
-    "bar": "#x"
-  }
-
-  test(t => {
-    createURLTest('TestPolicyURL6', { createURL: getURL.bind(obj) }, INPUTS.URL + "#x", t);
-  }, "url = this bound to an object");
-
-  var bar = "#x";
-  test(t => {
-    createURLTest('TestPolicyURL7', { createURL: s => getURL(s) }, INPUTS.URL + bar, t);
-  }, "url = this without bind");
-
-  test(t => {
-    let p = window.trustedTypes.createPolicy('TestPolicyURL8', null);
-    assert_throws(new TypeError(), _ => {
-      p.createURL(INPUTS.URL);
-    });
-  }, "url - calling undefined callback throws");
-
-  test(t => {
-    let p = window.trustedTypes.createPolicy('TestPolicyURL9', { createURL: createURLJS });
-    assert_throws(new TypeError(), _ => {
-      p.createHTML(INPUTS.HTML);
-    });
-    assert_throws(new TypeError(), _ => {
-      p.createScript(INPUTS.SCRIPT);
-    });
-    assert_throws(new TypeError(), _ => {
-      p.createScriptURL(INPUTS.SCRIPTURL);
-    });
-  }, "createURL defined - calling undefined callbacks throws");
 </script>

trusted-types/TrustedTypePolicyFactory-getPropertyType.tentative.html

@@ -8,10 +8,11 @@
 <div id="target"></div>
 <script>
   test(t => {
-    assert_equals(trustedTypes.getPropertyType("a", "href"), "TrustedURL");
-    assert_equals(trustedTypes.getPropertyType("a", "id"), null);
-    assert_equals(trustedTypes.getPropertyType("a", "b"), null);
-  }, "sanity check trustedTypes.getPropertyType for the HTML a element.");
+    assert_equals(trustedTypes.getPropertyType("script", "text"), "TrustedScript");
+    assert_equals(trustedTypes.getPropertyType("script", "src"), "TrustedScriptURL");
+    assert_equals(trustedTypes.getPropertyType("script", "id"), null);
+    assert_equals(trustedTypes.getPropertyType("script", "b"), null);
+  }, "sanity check trustedTypes.getPropertyType for the HTML script element.");
 
   test(t => {
     assert_equals(trustedTypes.getAttributeType("img", "onerror"), "TrustedScript");
@@ -28,11 +29,9 @@
   test(t => {
     // returns the proper type for attribute-related properties
     assert_equals(trustedTypes.getPropertyType("script", "src"), "TrustedScriptURL");
-    assert_equals(trustedTypes.getPropertyType("img", "src"), "TrustedURL");
 
     // is case insensitive for tag names
     assert_equals(trustedTypes.getPropertyType("SCRIPT", "src"), "TrustedScriptURL");
-    assert_equals(trustedTypes.getPropertyType("ImG", "src"), "TrustedURL");
 
     // is case sensitive for property names
     assert_equals(trustedTypes.getPropertyType("script", "sRc"), null);
@@ -53,19 +52,16 @@
   test(t => {
     // returns the proper type
     assert_equals(trustedTypes.getAttributeType('script', 'src'), 'TrustedScriptURL');
-    assert_equals(trustedTypes.getAttributeType('img', 'src'), 'TrustedURL');
 
     // ignores attributes from unknown namespaces
     assert_equals(trustedTypes.getAttributeType(
           'a', 'href', '', 'http://foo.bar'), null);
 
     // is case insensitive for element names
     assert_equals(trustedTypes.getAttributeType('SCRIPT', 'src'), 'TrustedScriptURL');
-    assert_equals(trustedTypes.getAttributeType('imG', 'src'), 'TrustedURL');
 
     // is case insensitive for the attribute names
     assert_equals(trustedTypes.getAttributeType('script', 'SRC'), 'TrustedScriptURL');
-    assert_equals(trustedTypes.getAttributeType('imG', 'srC'), 'TrustedURL');
 
     // supports the inline event handlers
     assert_equals(trustedTypes.getAttributeType('img', 'onerror'), 'TrustedScript');
@@ -82,7 +78,6 @@
 
     // Spot testing some values.
     assert_equals(map["script"].attributes.src, "TrustedScriptURL");
-    assert_equals(map["img"].attributes.src, "TrustedURL");
     assert_equals(map["*"].properties.innerHTML, "TrustedHTML");
     assert_equals(map["foo"], undefined);