Skip to content

Assert that the config is valid #350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
evilpie merged 1 commit into from
Nov 5, 2025
Merged

Assert that the config is valid #350

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions index.bs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -312,6 +312,7 @@ By explicitly sorting the result of this method, we give implementations the opp
</div>

1. Let |config| be [=this=]'s [=Sanitizer/configuration=].
1. [=Assert=]: |config| is [=SanitizerConfig/valid=].
1. If |config|["{{SanitizerConfig/elements}}"] [=map/exists=]:
1. [=list/iterate|For any=] |element| of |config|["{{SanitizerConfig/elements}}"]:
1. If |element|["{{SanitizerElementNamespaceWithAttributes/attributes}}"] [=map/exists=]:
Expand Down Expand Up @@ -351,6 +352,7 @@ allow- or remove-lists for attributes. This requires that we distinguish 4 cases
</div>

1. Let |configuration| be [=this=]'s [=Sanitizer/configuration=].
1. [=Assert=]: |configuration| is [=SanitizerConfig/valid=].
1. Set |element| to the result of [=canonicalize a sanitizer element with attributes=] with
|element|.
1. If |configuration|["{{SanitizerConfig/elements}}"] [=map/exists=]:
Expand Down Expand Up @@ -437,6 +439,7 @@ to [=remove an element=] with |element| and [=this=]'s [=Sanitizer/configuration
The <dfn for="Sanitizer" method export>replaceElementWithChildren(|element|)</dfn> method steps are:

1. Let |configuration| be [=this=]'s [=Sanitizer/configuration=].
1. [=Assert=]: |configuration| is [=SanitizerConfig/valid=].
1. Set |element| to the result of [=canonicalize a sanitizer element=] with |element|.
1. If |configuration|["{{SanitizerConfig/replaceWithChildrenElements}}"] [=map/contains=] |element|:
1. Return false.
Expand All @@ -457,6 +460,7 @@ up per-element allow- or remove-lists to maintain our validity criteria.
</div>

1. Let |configuration| be [=this=]'s [=Sanitizer/configuration=].
1. [=Assert=]: |configuration| is [=SanitizerConfig/valid=].
1. Set |attribute| to the result of [=canonicalize a sanitizer attribute=] with |attribute|.
1. If |configuration|["{{SanitizerConfig/attributes}}"] [=map/exists=]:
1. [=Comment=]: If we have a global allow-list, we need to add |attribute|.
Expand Down Expand Up @@ -495,6 +499,7 @@ The <dfn for="Sanitizer" method export>removeAttribute(|attribute|)</dfn> method
The <dfn for="Sanitizer" method export>setComments(|allow|)</dfn> method steps are:

1. Let |configuration| be [=this=]'s [=Sanitizer/configuration=].
1. [=Assert=]: |configuration| is [=SanitizerConfig/valid=].
1. If |configuration|["{{SanitizerConfig/comments}}"] [=map/exists=] and
|configuration|["{{SanitizerConfig/comments}}"] equals |allow|, then return false;
1. Set |configuration|["{{SanitizerConfig/comments}}"] to |allow|.
Expand All @@ -506,6 +511,7 @@ The <dfn for="Sanitizer" method export>setComments(|allow|)</dfn> method steps a
The <dfn for="Sanitizer" method export>setDataAttributes(|allow|)</dfn> method steps are:

1. Let |configuration| be [=this=]'s [=Sanitizer/configuration=].
1. [=Assert=]: |configuration| is [=SanitizerConfig/valid=].
1. If |configuration|["{{SanitizerConfig/attributes}}"] does not [=map/exist=], then return false.
1. If |configuration|["{{SanitizerConfig/dataAttributes}}"] equals |allow|, then return false.
1. If |allow| is true:
Expand Down Expand Up @@ -835,6 +841,7 @@ For the main <dfn>sanitize</dfn> operation, using a {{ParentNode}} |node|, a
{{Sanitizer}} |sanitizer|, and a [=boolean=] |safe|, run these steps:

1. Let |configuration| be the value of |sanitizer|'s [=Sanitizer/configuration=].
1. [=Assert=]: |configuration| is [=SanitizerConfig/valid=].
1. If |safe| is true, then set |configuration| to the result of calling [=remove unsafe=] on |configuration|.
1. Call [=sanitize core=] on |node|, |configuration|, and with [=handleJavascriptNavigationUrls=] set to |safe|.

Expand Down Expand Up @@ -1000,6 +1007,7 @@ This method requires that we distinguish 4 cases:

</div>

1. [=Assert=]: |configuration| is [=SanitizerConfig/valid=].
1. Set |element| to the result of [=canonicalize a sanitizer element=] with |element|.
1. Set |modified| to the result of
[=SanitizerConfig/remove=] |element| from
Expand Down Expand Up @@ -1031,6 +1039,7 @@ remove-list. If we add |attribute| to the global remove-list, we may need to do
to fix up per-element allow- or remove-lists to maintain our validity criteria. If we remove
|attribute| from a global allow-list, we may also have to remove it from local remove-lists.

1. [=Assert=]: |configuration| is [=SanitizerConfig/valid=].
1. Set |attribute| to the result of [=canonicalize a sanitizer attribute=] with |attribute|.
1. If |configuration|["{{SanitizerConfig/attributes}}"] [=map/exists=]:
1. [=Comment=]: If we have a global allow-list, we need to add |attribute|.
Expand Down Expand Up @@ -1078,6 +1087,7 @@ Note: While this algorithm is called [=remove unsafe=], we use
1. [=Assert=]: The [=map/get the keys|key set=] of [=built-in safe baseline configuration=]
[=set/equals=]
&laquo;[ "{{SanitizerConfig/removeElements}}", "{{SanitizerConfig/removeAttributes}}" ] &raquo;.
1. [=Assert=]: |configuration| is [=SanitizerConfig/valid=].
1. Let |result| be false.
1. [=list/For each=] |element| in
[=built-in safe baseline configuration=][{{SanitizerConfig/removeElements}}]:
Expand Down