From e67df65f9ab5affbbd5bfda175bd4de6edb79c6d Mon Sep 17 00:00:00 2001 From: Youssef Attia Date: Tue, 6 Jun 2023 15:13:37 +0000 Subject: [PATCH 1/4] Add config options to purifier & fix TT violation --- extensions/amp-mustache/0.1/amp-mustache.js | 5 +++-- src/purifier/index.d.ts | 3 ++- src/purifier/index.js | 5 +++-- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/extensions/amp-mustache/0.1/amp-mustache.js b/extensions/amp-mustache/0.1/amp-mustache.js index 47e9ac2201ab..3a191dd0a0f3 100644 --- a/extensions/amp-mustache/0.1/amp-mustache.js +++ b/extensions/amp-mustache/0.1/amp-mustache.js @@ -9,6 +9,7 @@ import { sanitizeHtml, sanitizeTagsForTripleMustache, } from '../../../src/sanitizer'; +import {Purifier} from '#purifier'; const TAG = 'amp-mustache'; @@ -143,8 +144,8 @@ export class AmpMustache extends BaseTemplate { serializeHtml_(html) { const doc = this.win.document; const root = doc.createElement('div'); - const sanitized = sanitizeHtml(html, doc); - root./*OK*/ innerHTML = sanitized; + const purifier = new Purifier(doc, {'RETURN_DOM': false,'RETURN_TRUSTED_TYPE':true}, null, false); + root./*OK*/ innerHTML = purifier.purifyHtml(html); return this.tryUnwrap(root); } } diff --git a/src/purifier/index.d.ts b/src/purifier/index.d.ts index d33bdbc39200..54428d00b017 100644 --- a/src/purifier/index.d.ts +++ b/src/purifier/index.d.ts @@ -8,7 +8,8 @@ export class Purifier { constructor( doc: Document, opt_config?: DOMPurify.Config, - opt_attrRewrite?: AttributeRewriterDef + opt_attrRewrite?: AttributeRewriterDef, + opt_useStandardConfig?: boolean ); purifyHtml(dirty: string): HTMLElement; diff --git a/src/purifier/index.js b/src/purifier/index.js index 485fcc96346e..2738c6c54b13 100644 --- a/src/purifier/index.js +++ b/src/purifier/index.js @@ -56,8 +56,9 @@ export class Purifier { * @param {!Document} doc * @param {!JsonObject=} opt_config * @param {!AttributeRewriterDef=} opt_attrRewrite + * @param {bool} opt_useStandardConfig */ - constructor(doc, opt_config, opt_attrRewrite) { + constructor(doc, opt_config, opt_attrRewrite, useStandardConfig = true) { /** @private {!Document} */ this.doc_ = doc; @@ -73,7 +74,7 @@ export class Purifier { /** @private {!DomPurifyDef} */ this.domPurifyTriple_ = purify(self); - const config = Object.assign(opt_config || {}, standardPurifyConfig()); + const config = useStandardConfig ? Object.assign(opt_config || {}, standardPurifyConfig()): opt_config; this.domPurify_.setConfig(config); this.addPurifyHooks_(this.domPurify_, opt_attrRewrite); From 0544cc1432ed34dd2fa2068701a3d29490386648 Mon Sep 17 00:00:00 2001 From: Youssef Attia Date: Fri, 9 Jun 2023 17:01:13 +0000 Subject: [PATCH 2/4] Added TT policy for extension-script cdn urls --- src/service/extension-script.js | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/src/service/extension-script.js b/src/service/extension-script.js index 45bfbb304fe4..fc087b0be1c3 100644 --- a/src/service/extension-script.js +++ b/src/service/extension-script.js @@ -154,8 +154,27 @@ export function createExtensionScript(win, extensionId, version) { extensionId, version, getMode(win).localDev - ); - scriptElement.src = scriptSrc; + ); + + if (self.trustedTypes && self.trustedTypes.createPolicy) { + const policy = self.trustedTypes.createPolicy( + 'validator-integration#loadScript', + { + createScriptURL: function (url) { + // Only allow trusted URLs + const urlObject = new URL(url); + if (urlObject.host === 'cdn.ampproject.org') { + return url; + } else { + return ''; + } + }, + } + ); + scriptElement.src = policy.createScriptURL(scriptSrc); + } else { + scriptElement.src = scriptSrc; + } return scriptElement; } From d0f504356022a5980e0597093f0032388d422e71 Mon Sep 17 00:00:00 2001 From: Youssef Attia Date: Fri, 9 Jun 2023 17:19:01 +0000 Subject: [PATCH 3/4] Added TT policy for extension-script cdn urls --- extensions/amp-mustache/0.1/amp-mustache.js | 5 ++--- src/purifier/index.d.ts | 3 +-- src/purifier/index.js | 5 ++--- src/service/extension-script.js | 23 +++++++++++++++++++-- 4 files changed, 26 insertions(+), 10 deletions(-) diff --git a/extensions/amp-mustache/0.1/amp-mustache.js b/extensions/amp-mustache/0.1/amp-mustache.js index 3a191dd0a0f3..47e9ac2201ab 100644 --- a/extensions/amp-mustache/0.1/amp-mustache.js +++ b/extensions/amp-mustache/0.1/amp-mustache.js @@ -9,7 +9,6 @@ import { sanitizeHtml, sanitizeTagsForTripleMustache, } from '../../../src/sanitizer'; -import {Purifier} from '#purifier'; const TAG = 'amp-mustache'; @@ -144,8 +143,8 @@ export class AmpMustache extends BaseTemplate { serializeHtml_(html) { const doc = this.win.document; const root = doc.createElement('div'); - const purifier = new Purifier(doc, {'RETURN_DOM': false,'RETURN_TRUSTED_TYPE':true}, null, false); - root./*OK*/ innerHTML = purifier.purifyHtml(html); + const sanitized = sanitizeHtml(html, doc); + root./*OK*/ innerHTML = sanitized; return this.tryUnwrap(root); } } diff --git a/src/purifier/index.d.ts b/src/purifier/index.d.ts index 54428d00b017..d33bdbc39200 100644 --- a/src/purifier/index.d.ts +++ b/src/purifier/index.d.ts @@ -8,8 +8,7 @@ export class Purifier { constructor( doc: Document, opt_config?: DOMPurify.Config, - opt_attrRewrite?: AttributeRewriterDef, - opt_useStandardConfig?: boolean + opt_attrRewrite?: AttributeRewriterDef ); purifyHtml(dirty: string): HTMLElement; diff --git a/src/purifier/index.js b/src/purifier/index.js index 2738c6c54b13..485fcc96346e 100644 --- a/src/purifier/index.js +++ b/src/purifier/index.js @@ -56,9 +56,8 @@ export class Purifier { * @param {!Document} doc * @param {!JsonObject=} opt_config * @param {!AttributeRewriterDef=} opt_attrRewrite - * @param {bool} opt_useStandardConfig */ - constructor(doc, opt_config, opt_attrRewrite, useStandardConfig = true) { + constructor(doc, opt_config, opt_attrRewrite) { /** @private {!Document} */ this.doc_ = doc; @@ -74,7 +73,7 @@ export class Purifier { /** @private {!DomPurifyDef} */ this.domPurifyTriple_ = purify(self); - const config = useStandardConfig ? Object.assign(opt_config || {}, standardPurifyConfig()): opt_config; + const config = Object.assign(opt_config || {}, standardPurifyConfig()); this.domPurify_.setConfig(config); this.addPurifyHooks_(this.domPurify_, opt_attrRewrite); diff --git a/src/service/extension-script.js b/src/service/extension-script.js index 45bfbb304fe4..fc087b0be1c3 100644 --- a/src/service/extension-script.js +++ b/src/service/extension-script.js @@ -154,8 +154,27 @@ export function createExtensionScript(win, extensionId, version) { extensionId, version, getMode(win).localDev - ); - scriptElement.src = scriptSrc; + ); + + if (self.trustedTypes && self.trustedTypes.createPolicy) { + const policy = self.trustedTypes.createPolicy( + 'validator-integration#loadScript', + { + createScriptURL: function (url) { + // Only allow trusted URLs + const urlObject = new URL(url); + if (urlObject.host === 'cdn.ampproject.org') { + return url; + } else { + return ''; + } + }, + } + ); + scriptElement.src = policy.createScriptURL(scriptSrc); + } else { + scriptElement.src = scriptSrc; + } return scriptElement; } From 4e07ca7442be0859de75b28c4ca1d4ca5f619bef Mon Sep 17 00:00:00 2001 From: Youssef Attia Date: Mon, 12 Jun 2023 18:45:31 +0000 Subject: [PATCH 4/4] update policy name --- src/service/extension-script.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/service/extension-script.js b/src/service/extension-script.js index fc087b0be1c3..bb8312105625 100644 --- a/src/service/extension-script.js +++ b/src/service/extension-script.js @@ -158,7 +158,7 @@ export function createExtensionScript(win, extensionId, version) { if (self.trustedTypes && self.trustedTypes.createPolicy) { const policy = self.trustedTypes.createPolicy( - 'validator-integration#loadScript', + 'extension-script#createExtensionScript', { createScriptURL: function (url) { // Only allow trusted URLs