diff --git a/integration/ivy-trusted-types/e2e/src/app.e2e-spec.ts b/integration/ivy-trusted-types/e2e/src/app.e2e-spec.ts index a082fedcbc..e3fe4bf722 100644 --- a/integration/ivy-trusted-types/e2e/src/app.e2e-spec.ts +++ b/integration/ivy-trusted-types/e2e/src/app.e2e-spec.ts @@ -1,5 +1,5 @@ -import { AppPage } from './app.po'; -import { browser, logging } from 'protractor'; +import {browser, logging} from 'protractor'; +import {AppPage} from './app.po'; describe('workspace-project App', () => { let page: AppPage; @@ -13,7 +13,49 @@ describe('workspace-project App', () => { expect(await page.getTitleText()).toEqual('ivy-trusted-types app is running!'); }); + it('should sanitize and inject bound innerHTML', async () => { + await page.navigateTo(); + expect(await page.getBoundHtmlText()).toEqual('Hello from bound HTML'); + expect(await page.boundHtmlIframeIsPresent()).toBe(false); + }); + + it('should directly inject SafeHtml bound to innerHTML', async () => { + await page.navigateTo(); + expect(await page.getBoundSafeHtmlText()).toEqual('Hello from bound SafeHtml'); + expect(await page.boundSafeHtmlIframeIsPresent()).toBe(true); + }); + + it('should replace element with outerHTML contents', async () => { + await page.navigateTo(); + expect(await page.getOuterHTMLText()).toBe('Hello from second outerHTML'); + }); + + it('should load iframe', async () => { + await page.navigateTo(); + await browser.waitForAngularEnabled(false); + await page.switchToIframe(); + expect(await page.getHeaderText()).toEqual('Hello from iframe'); + }); + + it('should load embed', async () => { + await page.navigateTo(); + await browser.waitForAngularEnabled(false); + await page.switchToEmbed(); + expect(await page.getHeaderText()).toEqual('Hello from embed'); + }); + + it('should load object', async () => { + await page.navigateTo(); + await browser.waitForAngularEnabled(false); + await page.switchToObject(); + expect(await page.getHeaderText()).toEqual('Hello from object'); + }); + afterEach(async () => { + // Re-enable waiting for Angular in case we disabled it to navigate to a + // non-Angular page + await browser.waitForAngularEnabled(true); + // Assert that there are no errors emitted from the browser const logs = await browser.manage().logs().get(logging.Type.BROWSER); expect(logs).not.toContain(jasmine.objectContaining({ diff --git a/integration/ivy-trusted-types/e2e/src/app.po.ts b/integration/ivy-trusted-types/e2e/src/app.po.ts index c9c85ab9a2..d85d7f246b 100644 --- a/integration/ivy-trusted-types/e2e/src/app.po.ts +++ b/integration/ivy-trusted-types/e2e/src/app.po.ts @@ -5,7 +5,43 @@ export class AppPage { return browser.get(browser.baseUrl); } + async switchToIframe(): Promise { + return browser.switchTo().frame(await element(by.id('trusted-types-iframe')).getWebElement()); + } + + async switchToObject(): Promise { + return browser.switchTo().frame(await element(by.id('trusted-types-object')).getWebElement()); + } + + async switchToEmbed(): Promise { + return browser.switchTo().frame(await element(by.id('trusted-types-embed')).getWebElement()); + } + async getTitleText(): Promise { return element(by.css('app-root .content span')).getText(); } + + async getBoundHtmlText(): Promise { + return element(by.css('#bound-html span')).getText(); + } + + async getBoundSafeHtmlText(): Promise { + return element(by.css('#bound-safehtml span')).getText(); + } + + async getOuterHTMLText(): Promise { + return element(by.id('outerhtml')).getText(); + } + + async boundHtmlIframeIsPresent(): Promise { + return element(by.id('bound-html-iframe')).isPresent(); + } + + async boundSafeHtmlIframeIsPresent(): Promise { + return element(by.id('bound-safehtml-iframe')).isPresent(); + } + + async getHeaderText(): Promise { + return element(by.css('h1')).getText(); + } } diff --git a/integration/ivy-trusted-types/src/app/app.component.html b/integration/ivy-trusted-types/src/app/app.component.html index e48d8c109d..55cf73d056 100644 --- a/integration/ivy-trusted-types/src/app/app.component.html +++ b/integration/ivy-trusted-types/src/app/app.component.html @@ -530,5 +530,18 @@ +
+

Trusted Types tests

- \ No newline at end of file +
+
+
+ Hello from first outerHTML +
+ + + + +
+ + diff --git a/integration/ivy-trusted-types/src/app/app.component.ts b/integration/ivy-trusted-types/src/app/app.component.ts index 314ee773df..f4dd761a03 100644 --- a/integration/ivy-trusted-types/src/app/app.component.ts +++ b/integration/ivy-trusted-types/src/app/app.component.ts @@ -1,4 +1,5 @@ -import { Component } from '@angular/core'; +import {Component} from '@angular/core'; +import {DomSanitizer, SafeHtml, SafeResourceUrl} from '@angular/platform-browser'; @Component({ selector: 'app-root', @@ -7,4 +8,16 @@ import { Component } from '@angular/core'; }) export class AppComponent { title = 'ivy-trusted-types'; + html = `Hello from bound HTML`; + iframeHtml = `

Hello from iframe

`; + replace = `Hello from second outerHTML`; + safeHtml: SafeHtml; + safeResourceUrl: SafeResourceUrl; + + constructor(sanitizer: DomSanitizer) { + this.safeHtml = sanitizer.bypassSecurityTrustHtml( + `Hello from bound SafeHtml`); + this.safeResourceUrl = sanitizer.bypassSecurityTrustResourceUrl( + `data:text/html,

Hello from object

`); + } }