From aee73c479bd3f156b1468f3fd7e34811263f9e1a Mon Sep 17 00:00:00 2001
From: Damien Engels <45879223+engelsdamien@users.noreply.github.com>
Date: Wed, 2 Oct 2019 18:59:59 +0200
Subject: [PATCH] Updates the way the trustedTypes policy factory is exposed.
 (#38812)

Since Chrome is still shipping the API using `TrustedTypes` (capitalized),
we need to keep it exposed.

We expose both `window.trustedTypes` & `window.TrustedTypes` as optionals
since either of them could be undefined.

Also cleans up the formatting & comments.
---
 types/trusted-types/index.d.ts             | 29 ++++++++++++++--------
 types/trusted-types/trusted-types-tests.ts | 26 +++++++++++--------
 2 files changed, 34 insertions(+), 21 deletions(-)

diff --git a/types/trusted-types/index.d.ts b/types/trusted-types/index.d.ts
index dc2da3d51c..062e8fb77d 100644
--- a/types/trusted-types/index.d.ts
+++ b/types/trusted-types/index.d.ts
@@ -15,23 +15,23 @@ declare global {
     }
 
     class TrustedHTML {
-        private constructor(); // to prevent instantiting with 'new'.
-        private _brand: true; // To prevent structural typing.
+        private constructor(); // To prevent instantiting with 'new'.
+        private brand: true; // To prevent structural typing.
     }
 
     class TrustedScript {
-        private constructor(); // to prevent instantiting with 'new'.
-        private _brand: true; // To prevent structural typing.
+        private constructor(); // To prevent instantiting with 'new'.
+        private brand: true; // To prevent structural typing.
     }
 
     class TrustedScriptURL {
-        private constructor(); // to prevent instantiting with 'new'.
-        private _brand: true; // To prevent structural typing.
+        private constructor(); // To prevent instantiting with 'new'.
+        private brand: true; // To prevent structural typing.
     }
 
     class TrustedURL {
-        private constructor(); // to prevent instantiting with 'new'.
-        private _brand: true; // To prevent structural typing.
+        private constructor(); // To prevent instantiting with 'new'.
+        private brand: true; // To prevent structural typing.
     }
 
     interface TrustedTypePolicy {
@@ -47,7 +47,7 @@ declare global {
             name: string,
             policyOptions: Pick<TrustedTypePolicyOptions, Keys>,
             expose?: boolean,
-            ): Pick<TrustedTypePolicy, 'name'|Keys>;
+        ): Pick<TrustedTypePolicy, 'name' | Keys>;
         getPolicyNames(): string[];
         isHTML(value: any): value is TrustedHTML;
         isScript(value: any): value is TrustedScript;
@@ -60,7 +60,13 @@ declare global {
     }
 
     interface Window {
-        trustedTypes: TrustedTypePolicyFactory;
+        // NOTE: This is needed while the implementation in Chrome still relies
+        // on the old uppercase name, either of the values below could be
+        // undefined.
+        // See https://github.com/w3c/webappsec-trusted-types/issues/177
+        trustedTypes?: TrustedTypePolicyFactory;
+        /** @deprecated Prefer the lowercase version. */
+        TrustedTypes?: TrustedTypePolicyFactory;
         TrustedHTML: TrustedHTML;
         TrustedScript: TrustedScript;
         TrustedScriptURL: TrustedScriptURL;
@@ -70,7 +76,8 @@ declare global {
     }
 }
 
-// this is not available in global scope. It's only used for the export.
+// This is not available in global scope. It's only used for the export. This is
+// necessary to be able to use these types from nodejs (for SSR).
 declare const trustedTypes: TrustedTypePolicyFactory;
 
 export default trustedTypes;
diff --git a/types/trusted-types/trusted-types-tests.ts b/types/trusted-types/trusted-types-tests.ts
index ae3d8d3b04..44df9a5ff4 100644
--- a/types/trusted-types/trusted-types-tests.ts
+++ b/types/trusted-types/trusted-types-tests.ts
@@ -6,6 +6,12 @@ TT;
 // $ExpectError
 trustedTypes;
 
+// $ExpectType TrustedTypePolicyFactory | undefined
+window.trustedTypes;
+
+// $ExpectType TrustedTypePolicyFactory | undefined
+window.TrustedTypes;
+
 const rules = {
     createHTML: (s: string) => s,
     createScript: (s: string) => s,
@@ -14,10 +20,10 @@ const rules = {
 };
 
 // $ExpectType string[]
-window.trustedTypes.getPolicyNames();
-window.trustedTypes.createPolicy('default', rules, true);
+TT.getPolicyNames();
+TT.createPolicy('default', rules, true);
 
-const policy = window.trustedTypes.createPolicy('test', rules);
+const policy = TT.createPolicy('test', rules);
 
 // $ExpectType string
 policy.name;
@@ -30,7 +36,7 @@ policy.createScriptURL('');
 // $ExpectType TrustedURL
 policy.createURL('');
 
-const htmlOnlyPolicy = window.trustedTypes.createPolicy('htmlOnly', {
+const htmlOnlyPolicy = TT.createPolicy('htmlOnly', {
     createHTML: (html: string) => {
         return html;
     },
@@ -44,16 +50,16 @@ const html = htmlOnlyPolicy.createHTML('');
 htmlOnlyPolicy.createScript('');
 
 // $ExpectType boolean
-window.trustedTypes.isHTML(html);
+TT.isHTML(html);
 // $ExpectType boolean
-window.trustedTypes.isScript(html);
+TT.isScript(html);
 // $ExpectType boolean
-window.trustedTypes.isScriptURL(html);
+TT.isScriptURL(html);
 // $ExpectType boolean
-window.trustedTypes.isURL(html);
+TT.isURL(html);
 
-// test that types are globaly available
-const trustedHTML: TrustedHTML = null as any;
+// Ensure the types are globaly available
+let trustedHTML: TrustedHTML = null as any;
 const trustedScript: TrustedScript = null as any;
 
 // $ExpectError