diff --git a/explainer.md b/explainer.md index 7ae7f84..f0ebe54 100644 --- a/explainer.md +++ b/explainer.md @@ -213,26 +213,6 @@ trustedTypes.createPolicy('default', { This mechanism complements CSP's `'unsafe-inline'`, allowing the authors to enable strong security controls in their application even if it occasionally uses `javascript:` URLs for legitimate purposes. -### Source Literals - -XSS is an unintended modification of a site's source code. Wrapping literals -from the original JavaScript resource - which by definition aren't XSS - can be -cumbersome. Trusted Types provides a way to easily wrap source literals in -Trusted Types by using the tagged template syntax and the `fromLiteral` methods, -in a way that cannot be spoofed at runtime: - -``` javascript -const value = TrustedHTML.fromLiteral`Hello there.`; -``` - -Note that template literals are passed as arrays of strings to the tag functions. -`fromLiteral` checks that a passed-in value is actually a template literal -and not dynamically constructed. - -``` javascript -TrustedHTML.fromLiteral(["Hello there."]); // Throws. -``` - ### DOM Sinks * **HTML Contexts**: Given something like `typedef (DOMString or TrustedHTML) HTMLString`, we'd diff --git a/spec/index.bs b/spec/index.bs index 1d5c4cc..98c341c 100644 --- a/spec/index.bs +++ b/spec/index.bs @@ -284,7 +284,6 @@ wrappers around a string, constructed via a {{TrustedTypePolicy}}'s interface TrustedHTML { stringifier; DOMString toJSON(); - static TrustedHTML fromLiteral(object templateStringsArray); }; @@ -297,9 +296,6 @@ will never change during its lifetime. TrustedHTML object are to return the value from its `[[Data]]` internal slot. -The fromLiteral(object templateStringsArray) method, when invoked, returns the result of executing a [$Create a Trusted Type from literal$] algorithm, -with {{TrustedHTML}} as |type| and |templateStringsArray| as |template|. - ### TrustedScript ### {#trusted-script} The TrustedScript interface represents a string with an uncompiled @@ -314,7 +310,6 @@ around a string, constructed via a {{TrustedTypePolicy}}'s interface TrustedScript { stringifier; DOMString toJSON(); - static TrustedScript fromLiteral(object templateStringsArray); }; @@ -327,9 +322,6 @@ will never change during its lifetime. TrustedScript object are to return the value from its `[[Data]]` internal slot. -The fromLiteral(object templateStringsArray) method, when invoked, returns the result of executing a [$Create a Trusted Type from literal$] algorithm, -with {{TrustedScript}} as |type| and |templateStringsArray| as |template|. - ### TrustedScriptURL ### {#trused-script-url} The TrustedScriptURL interface represents a string that a developer @@ -344,7 +336,6 @@ string, constructed via a {{TrustedTypePolicy}}'s interface TrustedScriptURL { stringifier; USVString toJSON(); - static TrustedScriptURL fromLiteral(object templateStringsArray); }; @@ -357,9 +348,6 @@ will never change during its lifetime. TrustedScriptURL object are to return the value from its `[[Data]]` internal slot. -The fromLiteral(object templateStringsArray) method, when invoked, returns the result of executing a [$Create a Trusted Type from literal$] algorithm, -with {{TrustedScriptURL}} as |type| and |templateStringsArray| as |template|. - ## Policies ## {#policies-hdr} Trusted Types can only be created via user-defined @@ -925,29 +913,6 @@ a string |value| and a list |arguments|, execute the following steps: Note: This adds an integration point with [dynamic-code-brand-checks proposal](https://tc39.es/proposal-dynamic-code-brand-checks/). 1. Return |trustedObject|. -## Create a Trusted Type from literal ## {#create-a-trusted-type-from-literal-algorithm} - -Given a {{TrustedType}} type |type| and an object |template|, execute the following steps: - -1. If [$check templatedness$] of |template| returns false, throw a {{TypeError}}. -1. If [$Get$](|template|, "length") is not equal to 1, throw a {{TypeError}}. -1. Let |templatedValue| be the result of [$Get$](|template|, 0). -1. If |type| is {{TrustedHTML}}, perform the following steps: - 1. Let |templateNode| be the results of [=create an element|creating an element=] given "template", the [=HTML namespace=] and [=current global object=]'s [=associated Document=]. - 1. Assert: |templateNode| is {{HTMLTemplateElement}}. - 1. Let |fragment| be the result of invoking [$fragment parsing algorithm$], with |templatedValue| as markup, and |templateNode| as a context element. - 1. Set |templatedValue| to be the result of invoking [=HTML fragment serialization algorithm=], with |fragment| as the node. - -1. Return a new instance of an interface |type|, with its `[[Data]]` internal slot value set to |templatedValue|. - -## Check templatedness of an object ## {#check-templatedness-algorithm} - -To check templatedness of an object |value|, perform the following steps. They return a boolean value: - -1. Let |realm| be the current Realm Record. -1. For each |item| of |realm|.\[[TemplateMap]], if |item|.\[[Array]] is |value|, return true. -1. Return false. - ## Get Trusted Type compliant string ## {#get-trusted-type-compliant-string-algorithm} This algorithm will return a string that can be used with an diff --git a/src/trustedtypes.js b/src/trustedtypes.js index fdd3646..9495820 100644 --- a/src/trustedtypes.js +++ b/src/trustedtypes.js @@ -202,30 +202,6 @@ export const trustedTypesBuilderTestOnly = function() { } } - /** - * @template T - * @this {T} - * @param {!ITemplateArray} template - * @return {T} - */ - function fromLiteral(template) { - if (!isFrozen(template) - || !isFrozen(template.raw) - || template.length !== 1) { - // Not a template object. - throw new TypeError('Invalid input'); - } - let allowedValue = raw(template); - if (this === TrustedHTML) { - const tplEl = createElement.call(null, 'template'); - tplEl.innerHTML = allowedValue; - allowedValue = tplEl.innerHTML; - } - const o = freeze((new this(creatorSymbol, 'fromLiteral'))); - privates(o)['v'] = allowedValue; - return o; - } - /** * @param {function(new:TrustedType, symbol, string)} SubClass * @param {string} canonName The class name which should be independent of @@ -235,9 +211,6 @@ export const trustedTypesBuilderTestOnly = function() { function lockdownTrustedType(SubClass, canonName) { freeze(SubClass.prototype); delete SubClass.name; - defineProperty(SubClass, 'fromLiteral', {value: - fromLiteral.bind(SubClass), - }); defineProperty(SubClass, 'name', {value: canonName}); } diff --git a/tests/trustedtypes_test.js b/tests/trustedtypes_test.js index dcfd6b2..b3820c5 100644 --- a/tests/trustedtypes_test.js +++ b/tests/trustedtypes_test.js @@ -623,52 +623,4 @@ describe('TrustedTypes', () => { expect(eval(TrustedTypes.emptyScript)).toBeTruthy(); }); }); - - describe('fromLiteral', () => { - it('creates a TrustedScript', () => { - const script = TrustedTypes.TrustedScript.fromLiteral`alert(1)`; - - expect(TrustedTypes.isScript(script)).toBe(true); - expect('' + script).toEqual('alert(1)'); - }); - - it('creates a TrustedScriptURL', () => { - const scriptURL = TrustedTypes.TrustedScriptURL.fromLiteral`https://foo.example`; - - expect(TrustedTypes.isScriptURL(scriptURL)).toBe(true); - expect('' + scriptURL).toEqual('https://foo.example'); - }); - - it('creates a TrustedHTML', () => { - const html = TrustedTypes.TrustedHTML.fromLiteral`