1 files changed, 42 insertions, 49 deletions
diff --git a/chromium/third_party/blink/renderer/core/trustedtypes/trusted_types_util.h b/chromium/third_party/blink/renderer/core/trustedtypes/trusted_types_util.h
index c4eb1122397..2169c32ba87 100644
--- a/chromium/third_party/blink/renderer/core/trustedtypes/trusted_types_util.h
+++ b/chromium/third_party/blink/renderer/core/trustedtypes/trusted_types_util.h
@@ -6,6 +6,7 @@
 #define THIRD_PARTY_BLINK_RENDERER_CORE_TRUSTEDTYPES_TRUSTED_TYPES_UTIL_H_
 
 #include "third_party/blink/renderer/core/core_export.h"
+#include "third_party/blink/renderer/core/script/script_element_base.h"
 #include "third_party/blink/renderer/platform/wtf/text/wtf_string.h"
 
 namespace blink {
@@ -13,69 +14,61 @@ namespace blink {
 class Document;
 class ExecutionContext;
 class ExceptionState;
-class Node;
-class StringOrTrustedHTML;
 class StringOrTrustedHTMLOrTrustedScriptOrTrustedScriptURL;
 class StringOrTrustedScript;
-class StringOrTrustedScriptURL;
 
 enum class SpecificTrustedType {
   kNone,
-  kTrustedHTML,
-  kTrustedScript,
-  kTrustedScriptURL,
+  kHTML,
+  kScript,
+  kScriptURL,
 };
 
-String CORE_EXPORT GetStringFromTrustedType(
-    const StringOrTrustedHTMLOrTrustedScriptOrTrustedScriptURL&,
-    const ExecutionContext*,
-    ExceptionState&);
-
-String CORE_EXPORT GetStringFromTrustedTypeWithoutCheck(
-    const StringOrTrustedHTMLOrTrustedScriptOrTrustedScriptURL&);
+// TODO(crbug.com/1029822): Temporary helpers to ease migrating ExecutionContext
+// to LocalDOMWindow.
+CORE_EXPORT String TrustedTypesCheckForHTML(const String&,
+                                            const Document*,
+                                            ExceptionState&);
 
-String CORE_EXPORT GetStringFromSpecificTrustedType(
-    const StringOrTrustedHTMLOrTrustedScriptOrTrustedScriptURL&,
+// Perform Trusted Type checks, with the IDL union types as input. All of these
+// will call String& versions below to do the heavy lifting.
+CORE_EXPORT String TrustedTypesCheckFor(
     SpecificTrustedType,
+    const StringOrTrustedHTMLOrTrustedScriptOrTrustedScriptURL&,
     const ExecutionContext*,
-    ExceptionState&);
-
-String CORE_EXPORT GetStringFromSpecificTrustedType(const String&,
-                                                    SpecificTrustedType,
-                                                    const ExecutionContext*,
-                                                    ExceptionState&);
-
-String CORE_EXPORT GetStringFromTrustedHTML(StringOrTrustedHTML,
+    ExceptionState&) WARN_UNUSED_RESULT;
+CORE_EXPORT String TrustedTypesCheckForScript(StringOrTrustedScript,
+                                              const ExecutionContext*,
+                                              ExceptionState&)
+    WARN_UNUSED_RESULT;
+
+// Perform Trusted Type checks, for a dynamically or statically determined
+// type.
+// Returns the effective value (which may have been modified by the "default"
+// policy. We use WARN_UNUSED_RESULT to prevent erroneous usage.
+String TrustedTypesCheckFor(SpecificTrustedType,
+                            const String&,
+                            const ExecutionContext*,
+                            ExceptionState&) WARN_UNUSED_RESULT;
+CORE_EXPORT String TrustedTypesCheckForHTML(const String&,
                                             const ExecutionContext*,
-                                            ExceptionState&);
-
-String GetStringFromTrustedHTML(const String&,
-                                const ExecutionContext*,
-                                ExceptionState&);
-
-String CORE_EXPORT GetStringFromTrustedScript(StringOrTrustedScript,
+                                            ExceptionState&) WARN_UNUSED_RESULT;
+CORE_EXPORT String TrustedTypesCheckForScript(const String&,
                                               const ExecutionContext*,
-                                              ExceptionState&);
-
-String GetStringFromTrustedScript(const String&,
-                                  const ExecutionContext*,
-                                  ExceptionState&);
-
-String CORE_EXPORT GetStringFromTrustedScriptURL(StringOrTrustedScriptURL,
+                                              ExceptionState&)
+    WARN_UNUSED_RESULT;
+CORE_EXPORT String TrustedTypesCheckForScriptURL(const String&,
                                                  const ExecutionContext*,
-                                                 ExceptionState&);
-
-// For <script> elements, we need to treat insertion of DOM text nodes
-// as equivalent to string assignment. This checks the child-node to be
-// inserted and runs all of the Trusted Types checks if it's a text node.
-//
-// Returns nullptr if the check failed, or the node to use (possibly child)
-//         if they succeeded.
-Node* TrustedTypesCheckForHTMLScriptElement(Node* child,
-                                            Document*,
-                                            ExceptionState&);
+                                                 ExceptionState&)
+    WARN_UNUSED_RESULT;
 
+// Functionally equivalent to TrustedTypesCheckForScript(const String&, ...),
+// but with setup & error handling suitable for the asynchronous execution
+// cases.
 String TrustedTypesCheckForJavascriptURLinNavigation(const String&, Document*);
+CORE_EXPORT String GetStringForScriptExecution(const String&,
+                                               ScriptElementBase::Type,
+                                               Document*);
 
 // Determine whether a Trusted Types check is needed in this execution context.
 //
@@ -84,7 +77,7 @@ String TrustedTypesCheckForJavascriptURLinNavigation(const String&, Document*);
 // immediately imply "okay" this method can be used.
 // Example: To determine whether 'eval' may pass, one needs to also take CSP
 // into account.
-bool CORE_EXPORT RequireTrustedTypesCheck(const ExecutionContext*);
+CORE_EXPORT bool RequireTrustedTypesCheck(const ExecutionContext*);
 
 }  // namespace blink