fix(ivy): sanitization for Host Bindings (#27939)

This commit adds sanitization for `elementProperty` and `elementAttribute` instructions used in `hostBindings` function, similar to what we already have in the `template` function. Main difference is the fact that for some attributes (like "href" and "src") we can't define which SecurityContext they belong to (URL vs RESOURCE_URL) in Compiler, since information in Directive selector may not be enough to calculate it. In order to resolve the problem, Compiler injects slightly different sanitization function which detects proper Security Context at runtime. PR Close #27939
2019-01-03 10:04:06 -08:00
parent 1de4031d9c
commit c3aa24c3f9
14 changed files with 430 additions and 48 deletions
--- a/packages/core/test/linker/security_integration_spec.ts
+++ b/packages/core/test/linker/security_integration_spec.ts
@ -171,39 +171,37 @@ function declareTests(config?: {useJit: boolean}) {
        checkEscapeOfHrefProperty(fixture, true);
      });

-      fixmeIvy('FW-785: Host bindings are not sanitised')
-          .it('should escape unsafe properties if they are used in host bindings', () => {
-            @Directive({selector: '[dirHref]'})
-            class HrefDirective {
-              // TODO(issue/24571): remove '!'.
-              @HostBinding('href') @Input()
-              dirHref !: string;
-            }
+      it('should escape unsafe properties if they are used in host bindings', () => {
+        @Directive({selector: '[dirHref]'})
+        class HrefDirective {
+          // TODO(issue/24571): remove '!'.
+          @HostBinding('href') @Input()
+          dirHref !: string;
+        }

-            const template = `<a [dirHref]="ctxProp">Link Title</a>`;
-            TestBed.configureTestingModule({declarations: [HrefDirective]});
-            TestBed.overrideComponent(SecuredComponent, {set: {template}});
-            const fixture = TestBed.createComponent(SecuredComponent);
+        const template = `<a [dirHref]="ctxProp">Link Title</a>`;
+        TestBed.configureTestingModule({declarations: [HrefDirective]});
+        TestBed.overrideComponent(SecuredComponent, {set: {template}});
+        const fixture = TestBed.createComponent(SecuredComponent);

-            checkEscapeOfHrefProperty(fixture, false);
-          });
+        checkEscapeOfHrefProperty(fixture, false);
+      });

-      fixmeIvy('FW-785: Host bindings are not sanitised')
-          .it('should escape unsafe attributes if they are used in host bindings', () => {
-            @Directive({selector: '[dirHref]'})
-            class HrefDirective {
-              // TODO(issue/24571): remove '!'.
-              @HostBinding('attr.href') @Input()
-              dirHref !: string;
-            }
+      it('should escape unsafe attributes if they are used in host bindings', () => {
+        @Directive({selector: '[dirHref]'})
+        class HrefDirective {
+          // TODO(issue/24571): remove '!'.
+          @HostBinding('attr.href') @Input()
+          dirHref !: string;
+        }

-            const template = `<a [dirHref]="ctxProp">Link Title</a>`;
-            TestBed.configureTestingModule({declarations: [HrefDirective]});
-            TestBed.overrideComponent(SecuredComponent, {set: {template}});
-            const fixture = TestBed.createComponent(SecuredComponent);
+        const template = `<a [dirHref]="ctxProp">Link Title</a>`;
+        TestBed.configureTestingModule({declarations: [HrefDirective]});
+        TestBed.overrideComponent(SecuredComponent, {set: {template}});
+        const fixture = TestBed.createComponent(SecuredComponent);

-            checkEscapeOfHrefProperty(fixture, true);
-          });
+        checkEscapeOfHrefProperty(fixture, true);
+      });

      it('should escape unsafe style values', () => {
        const template = `<div [style.background]="ctxProp">Text</div>`;