Emdash source with visual editor image upload fix
Fixes: 1. media.ts: wrap placeholder generation in try-catch 2. toolbar.ts: check r.ok, display error message in popover
This commit is contained in:
@@ -0,0 +1,71 @@
|
||||
import { describe, it, expect } from "vitest";
|
||||
|
||||
/**
|
||||
* Tests for the sandbox boundary enforcement of page contribution hooks.
|
||||
*
|
||||
* page:metadata is sandbox-safe.
|
||||
* page:fragments is trusted-only but valid in manifests (enforcement happens
|
||||
* at runtime via capability checks and at bundle time via CLI warnings).
|
||||
*
|
||||
* The enforcement happens at multiple layers:
|
||||
* 1. Manifest schema: HOOK_NAMES includes both page:metadata and page:fragments
|
||||
* 2. Capability enforcement: page:fragments requires page:inject capability
|
||||
* 3. Bundle CLI: warns when page:fragments is declared in a sandbox-targeted plugin
|
||||
* 4. Fragment collector: never invokes sandboxed plugins for page:fragments
|
||||
*/
|
||||
|
||||
describe("page contribution sandbox boundary", () => {
|
||||
describe("manifest schema validation", () => {
|
||||
it("should accept page:metadata in manifests", async () => {
|
||||
const { pluginManifestSchema } = await import("../../../src/plugins/manifest-schema.js");
|
||||
|
||||
const manifest = {
|
||||
id: "test-plugin",
|
||||
version: "1.0.0",
|
||||
capabilities: [],
|
||||
allowedHosts: [],
|
||||
storage: {},
|
||||
hooks: [{ name: "page:metadata" }],
|
||||
routes: [],
|
||||
admin: { pages: [], widgets: [] },
|
||||
};
|
||||
|
||||
const result = pluginManifestSchema.safeParse(manifest);
|
||||
expect(result.success).toBe(true);
|
||||
});
|
||||
|
||||
it("should accept page:fragments in manifests (enforcement is at runtime)", async () => {
|
||||
const { pluginManifestSchema } = await import("../../../src/plugins/manifest-schema.js");
|
||||
|
||||
const manifest = {
|
||||
id: "test-plugin",
|
||||
version: "1.0.0",
|
||||
capabilities: [],
|
||||
allowedHosts: [],
|
||||
storage: {},
|
||||
hooks: [{ name: "page:fragments" }],
|
||||
routes: [],
|
||||
admin: { pages: [], widgets: [] },
|
||||
};
|
||||
|
||||
// Manifest validation accepts page:fragments — trusted-only enforcement
|
||||
// happens via capability checks (requires page:inject) and the bundle CLI
|
||||
// warns when this hook is used in a sandbox-targeted plugin.
|
||||
const result = pluginManifestSchema.safeParse(manifest);
|
||||
expect(result.success).toBe(true);
|
||||
});
|
||||
});
|
||||
|
||||
describe("fragment collector defense-in-depth", () => {
|
||||
it("resolveFragments only processes contributions it receives", async () => {
|
||||
// The fragment collector in page/fragments.ts is a pure function that
|
||||
// processes whatever contributions are passed to it. The defense-in-depth
|
||||
// is that the runtime never passes sandboxed plugin contributions to it.
|
||||
// This test verifies the pure function works correctly.
|
||||
const { resolveFragments } = await import("../../../src/page/fragments.js");
|
||||
|
||||
const result = resolveFragments([], "head");
|
||||
expect(result).toEqual([]);
|
||||
});
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user