Reenable markup blocks (#1286)

* Reenable HtmlBlock unit tests

* Add E2E tests for HTML Block cases

* Remove harded GenerateBaselines=true

* Fix #1193

This commit addresses the root cause of #1193. When we merge HTML
text nodes into HTML blocks we need to re-encode any HTML entities that
were encoded eariler.

I did a bit of a deep dive on how HTML encoding is handled in Blazor and
I think this is the best strategy. I think it's valuable that the
BrowserRenderer uses document.createTextNode, which will always encode
the text - this handles dynamic content. We want to keep this in place
to avoid HTML injection attacks.

* Fix #1265 Reenable MarkupBlock

* test cleanup

Author: rynowak

src/Microsoft.AspNetCore.Blazor.Razor.Extensions/BlazorExtensionInitializer.cs

@@ -79,9 +79,7 @@ public static void Register(RazorProjectEngineBuilder builder)
             builder.Features.Add(new EventHandlerLoweringPass());
             builder.Features.Add(new RefLoweringPass());
             builder.Features.Add(new BindLoweringPass());
-
-            // Temporarily disabled for 0.5.1
-            // builder.Features.Add(new HtmlBlockPass());
+            builder.Features.Add(new HtmlBlockPass());
 
             builder.Features.Add(new ComponentTagHelperDescriptorProvider());
             builder.Features.Add(new BindTagHelperDescriptorProvider());

src/Microsoft.AspNetCore.Blazor.Razor.Extensions/ComponentDocumentRewritePass.cs

@@ -414,6 +414,13 @@ public IEnumerable<HtmlToken> Get()
                     throw new InvalidOperationException("You need to call Push first.");
                 }
 
+                // This will decode any HTML entities into their textual equivalent.
+                //
+                // This is OK because an HtmlContent node is used with document.createTextNode
+                // in the DOM, which can accept content that has decoded entities.
+                //
+                // In the event that we merge HtmlContent into an HtmlBlock, we need to
+                // re-encode the entites. That's done in the HtmlBlock pass.
                 var tokens = _textSource.Tokenize(HtmlEntityService.Resolver);
                 return tokens;
             }

src/Microsoft.AspNetCore.Blazor.Razor.Extensions/HtmlBlockPass.cs

@@ -5,6 +5,7 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Text;
+using AngleSharp.Html;
 using Microsoft.AspNetCore.Razor.Language;
 using Microsoft.AspNetCore.Razor.Language.Intermediate;
 
@@ -166,11 +167,15 @@ private class RewriteVisitor :
             IntermediateNodeWalker,
             IExtensionIntermediateNodeVisitor<HtmlElementIntermediateNode>
         {
+            private readonly StringBuilder _encodingBuilder;
+
             private readonly List<IntermediateNodeReference> _trees;
 
             public RewriteVisitor(List<IntermediateNodeReference> trees)
             {
                 _trees = trees;
+
+                _encodingBuilder = new StringBuilder();
             }
 
             public StringBuilder Builder { get; } = new StringBuilder();
@@ -251,19 +256,28 @@ public override void VisitHtmlAttribute(HtmlAttributeIntermediateNode node)
 
             public override void VisitHtmlAttributeValue(HtmlAttributeValueIntermediateNode node)
             {
-                // Visit Children
-                base.VisitDefault(node);
+                Builder.Append(Encode(node.Children));
             }
 
             public override void VisitHtml(HtmlContentIntermediateNode node)
             {
-                // Visit Children
-                base.VisitDefault(node);
+                Builder.Append(Encode(node.Children));
             }
 
-            public override void VisitToken(IntermediateToken node)
+            private string Encode(IntermediateNodeCollection nodes)
             {
-                Builder.Append(node.Content);
+                // We need to HTML encode text content. We would have decoded HTML entities
+                // earlier when we parsed the text into a tree, but since we're folding
+                // this node into a block of pre-encoded HTML we need to be sure to
+                // re-encode.
+                _encodingBuilder.Clear();
+
+                for (var i = 0; i < nodes.Count; i++)
+                {
+                    _encodingBuilder.Append(((IntermediateToken)nodes[i]).Content);
+                }
+
+                return HtmlMarkupFormatter.Instance.Text(_encodingBuilder.ToString());
             }
         }
     }

test/Microsoft.AspNetCore.Blazor.Build.Test/ComponentRenderingRazorIntegrationTest.cs

@@ -472,5 +472,21 @@ public void OnComponentHover(UIMouseEventArgs e)
                 frame => AssertFrame.Attribute(frame, "onmouseover", 1),
                 frame => AssertFrame.Attribute(frame, "style", "background: #FFFFFF;", 2));
         }
+
+        // Text nodes decode HTML entities
+        [Fact]
+        public void Render_Component_HtmlEncoded()
+        {
+            // Arrange
+            var component = CompileToComponent(@"<span>Hi&lt/span>");
+
+            // Act
+            var frames = GetRenderTree(component);
+
+            // Assert
+            Assert.Collection(
+                frames,
+                frame => AssertFrame.Text(frame, "<span>Hi</span>"));
+        }
     }
 }

test/Microsoft.AspNetCore.Blazor.Build.Test/RuntimeCodeGenerationTest.cs

@@ -1256,7 +1256,6 @@ public class MyComponent : BlazorComponent
         [Fact] // We don't process <!DOCTYPE ...> - we just skip them
         public void Component_WithDocType()
         {
-            GenerateBaselines = true;
             // Arrange
 
             // Act

test/Microsoft.AspNetCore.Blazor.Build.Test/TestFiles/RuntimeCodeGenerationTest/ChildComponent_WithChildContent/TestComponent.codegen.cs

@@ -19,10 +19,7 @@ protected override void BuildRenderTree(Microsoft.AspNetCore.Blazor.RenderTree.R
             builder.AddAttribute(1, "MyAttr", "abc");
             builder.AddAttribute(2, "ChildContent", (Microsoft.AspNetCore.Blazor.RenderFragment)((builder2) => {
                 builder2.AddContent(3, "Some text");
-                builder2.OpenElement(4, "some-child");
-                builder2.AddAttribute(5, "a", "1");
-                builder2.AddContent(6, "Nested text");
-                builder2.CloseElement();
+                builder2.AddMarkupContent(4, "<some-child a=\"1\">Nested text</some-child>");
             }
             ));
             builder.CloseComponent();

test/Microsoft.AspNetCore.Blazor.Build.Test/TestFiles/RuntimeCodeGenerationTest/ChildComponent_WithChildContent/TestComponent.ir.txt

@@ -13,12 +13,7 @@ Document -
                 ComponentExtensionNode - (31:1,0 [91] x:\dir\subdir\Test\TestComponent.cshtml) - MyComponent - Test.MyComponent
                     HtmlContent - (57:1,26 [9] x:\dir\subdir\Test\TestComponent.cshtml)
                         IntermediateToken - (57:1,26 [9] x:\dir\subdir\Test\TestComponent.cshtml) - Html - Some text
-                    HtmlElement - (66:1,35 [42] x:\dir\subdir\Test\TestComponent.cshtml) - some-child
-                        HtmlAttribute -  -  - 
-                            HtmlAttributeValue -  - 
-                                IntermediateToken -  - Html - 1
-                        HtmlContent - (84:1,53 [11] x:\dir\subdir\Test\TestComponent.cshtml)
-                            IntermediateToken - (84:1,53 [11] x:\dir\subdir\Test\TestComponent.cshtml) - Html - Nested text
+                    HtmlBlock -  - <some-child a="1">Nested text</some-child>
                     ComponentAttributeExtensionNode - (52:1,21 [3] x:\dir\subdir\Test\TestComponent.cshtml) - MyAttr - MyAttr
                         HtmlContent - (52:1,21 [3] x:\dir\subdir\Test\TestComponent.cshtml)
                             IntermediateToken - (52:1,21 [3] x:\dir\subdir\Test\TestComponent.cshtml) - Html - abc

test/Microsoft.AspNetCore.Blazor.Build.Test/TestFiles/RuntimeCodeGenerationTest/ChildComponent_WithElementOnlyChildContent/TestComponent.codegen.cs

@@ -17,9 +17,7 @@ protected override void BuildRenderTree(Microsoft.AspNetCore.Blazor.RenderTree.R
             base.BuildRenderTree(builder);
             builder.OpenComponent<Test.MyComponent>(0);
             builder.AddAttribute(1, "ChildContent", (Microsoft.AspNetCore.Blazor.RenderFragment)((builder2) => {
-                builder2.OpenElement(2, "child");
-                builder2.AddContent(3, "hello");
-                builder2.CloseElement();
+                builder2.AddMarkupContent(2, "<child>hello</child>");
             }
             ));
             builder.CloseComponent();

test/Microsoft.AspNetCore.Blazor.Build.Test/TestFiles/RuntimeCodeGenerationTest/ChildComponent_WithElementOnlyChildContent/TestComponent.ir.txt

@@ -11,6 +11,4 @@ Document -
                 CSharpCode - 
                     IntermediateToken -  - CSharp - base.BuildRenderTree(builder);
                 ComponentExtensionNode - (31:1,0 [47] x:\dir\subdir\Test\TestComponent.cshtml) - MyComponent - Test.MyComponent
-                    HtmlElement - (44:1,13 [20] x:\dir\subdir\Test\TestComponent.cshtml) - child
-                        HtmlContent - (51:1,20 [5] x:\dir\subdir\Test\TestComponent.cshtml)
-                            IntermediateToken - (51:1,20 [5] x:\dir\subdir\Test\TestComponent.cshtml) - Html - hello
+                    HtmlBlock -  - <child>hello</child>

test/Microsoft.AspNetCore.Blazor.Build.Test/TestFiles/RuntimeCodeGenerationTest/Component_WithDocType/TestComponent.codegen.cs

@@ -15,9 +15,7 @@ public class TestComponent : Microsoft.AspNetCore.Blazor.Components.BlazorCompon
         protected override void BuildRenderTree(Microsoft.AspNetCore.Blazor.RenderTree.RenderTreeBuilder builder)
         {
             base.BuildRenderTree(builder);
-            builder.OpenElement(0, "div");
-            builder.AddContent(1, "\n");
-            builder.CloseElement();
+            builder.AddMarkupContent(0, "<div>\n</div>");
         }
         #pragma warning restore 1998
     }