Source code
Revision control
Copy as Markdown
Other Tools
Test Info:
- This WPT test may be referenced by the following Test IDs:
- /sanitizer-api/sethtml-context.tentative.html - WPT Dashboard Interop Dashboard
<!DOCTYPE html>
<html>
<head>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
</head>
<body>
<script>
// Test setHTML / setHTMLUnsafe behaviour with unsafe context.
// Specifically, test step 1 of:
test(_ => {
let context = document.createElement("div");
context.setHTML("abc");
assert_equals(context.innerHTML, "abc");
}, "setHTML with benign context.");
test(_ => {
let context = document.createElement("div");
context.setHTML("abc");
assert_equals(context.innerHTML, "abc");
}, "setHTMLUnsafe with benign context.");
test(_ => {
let context = document.createElement("script");
context.setHTML("abc");
assert_equals(context.innerHTML, "");
}, "setHTML with script context.");
test(_ => {
let context = document.createElement("script");
context.setHTMLUnsafe("abc");
assert_equals(context.innerHTML, "abc");
}, "setHTMLUnsafe with script context.");
test(_ => {
context.setHTML("abc");
assert_equals(context.innerHTML, "");
}, "setHTML with svg:script context.");
test(_ => {
context.setHTMLUnsafe("abc");
assert_equals(context.innerHTML, "abc");
}, "setHTMLUnsafe with svg:script context.");
test(_ => {
context.setHTML("abc");
assert_equals(context.innerHTML, "");
}, "setHTML with script with prefix context.");
test(_ => {
context.setHTMLUnsafe("abc");
assert_equals(context.innerHTML, "abc");
}, "setHTMLUnsafe with script with prefix context.");
test(_ => {
context.setHTML("abc");
assert_equals(context.innerHTML, "");
}, "setHTML with svg:script with prefix context.");
test(_ => {
context.setHTMLUnsafe("abc");
assert_equals(context.innerHTML, "abc");
}, "setHTMLUnsafe with svg:script with prefix context.");
</script>
</body>
</html>