first commit
This commit is contained in:
166
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/FormsTest.php
Executable file
166
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/FormsTest.php
Executable file
@ -0,0 +1,166 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_FormsTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.Trusted', true);
|
||||
$this->config->set('Attr.EnableID', true);
|
||||
}
|
||||
|
||||
public function testBasicUse()
|
||||
{
|
||||
$this->config->set('HTML.Doctype', 'HTML 4.01 Strict');
|
||||
$this->assertResult( // need support for label for later
|
||||
'
|
||||
<form action="http://somesite.com/prog/adduser" method="post">
|
||||
<p>
|
||||
<label>First name: </label>
|
||||
<input type="text" id="firstname" /><br />
|
||||
<label>Last name: </label>
|
||||
<input type="text" id="lastname" /><br />
|
||||
<label>email: </label>
|
||||
<input type="text" id="email" /><br />
|
||||
<input type="radio" name="sex" value="Male" /> Male<br />
|
||||
<input type="radio" name="sex" value="Female" /> Female<br />
|
||||
<input type="submit" value="Send" /> <input type="reset" />
|
||||
</p>
|
||||
</form>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testSelectOption()
|
||||
{
|
||||
$this->config->set('HTML.Doctype', 'HTML 4.01 Strict');
|
||||
$this->assertResult('
|
||||
<form action="http://somesite.com/prog/component-select" method="post">
|
||||
<p>
|
||||
<select multiple="multiple" size="4" name="component-select">
|
||||
<option selected="selected" value="Component_1_a">Component_1</option>
|
||||
<option selected="selected" value="Component_1_b">Component_2</option>
|
||||
<option>Component_3</option>
|
||||
<option>Component_4</option>
|
||||
<option>Component_5</option>
|
||||
<option>Component_6</option>
|
||||
<option>Component_7</option>
|
||||
</select>
|
||||
<input type="submit" value="Send" /><input type="reset" />
|
||||
</p>
|
||||
</form>
|
||||
');
|
||||
}
|
||||
|
||||
public function testSelectOptgroup()
|
||||
{
|
||||
$this->config->set('HTML.Doctype', 'HTML 4.01 Strict');
|
||||
$this->assertResult('
|
||||
<form action="http://somesite.com/prog/someprog" method="post">
|
||||
<p>
|
||||
<select name="ComOS">
|
||||
<option selected="selected" label="none" value="none">None</option>
|
||||
<optgroup label="PortMaster 3">
|
||||
<option label="3.7.1" value="pm3_3.7.1">PortMaster 3 with ComOS 3.7.1</option>
|
||||
<option label="3.7" value="pm3_3.7">PortMaster 3 with ComOS 3.7</option>
|
||||
<option label="3.5" value="pm3_3.5">PortMaster 3 with ComOS 3.5</option>
|
||||
</optgroup>
|
||||
<optgroup label="PortMaster 2">
|
||||
<option label="3.7" value="pm2_3.7">PortMaster 2 with ComOS 3.7</option>
|
||||
<option label="3.5" value="pm2_3.5">PortMaster 2 with ComOS 3.5</option>
|
||||
</optgroup>
|
||||
<optgroup label="IRX">
|
||||
<option label="3.7R" value="IRX_3.7R">IRX with ComOS 3.7R</option>
|
||||
<option label="3.5R" value="IRX_3.5R">IRX with ComOS 3.5R</option>
|
||||
</optgroup>
|
||||
</select>
|
||||
</p>
|
||||
</form>
|
||||
');
|
||||
}
|
||||
|
||||
public function testTextarea()
|
||||
{
|
||||
$this->config->set('HTML.Doctype', 'HTML 4.01 Strict');
|
||||
$this->assertResult('
|
||||
<form action="http://somesite.com/prog/text-read" method="post">
|
||||
<p>
|
||||
<textarea name="thetext" rows="20" cols="80">
|
||||
First line of initial text.
|
||||
Second line of initial text.
|
||||
</textarea>
|
||||
<input type="submit" value="Send" /><input type="reset" />
|
||||
</p>
|
||||
</form>
|
||||
');
|
||||
}
|
||||
|
||||
// label tests omitted
|
||||
|
||||
public function testFieldset()
|
||||
{
|
||||
$this->config->set('HTML.Doctype', 'HTML 4.01 Strict');
|
||||
$this->assertResult('
|
||||
<form action="..." method="post">
|
||||
<fieldset>
|
||||
<legend>Personal Information</legend>
|
||||
Last Name: <input name="personal_lastname" type="text" tabindex="1" />
|
||||
First Name: <input name="personal_firstname" type="text" tabindex="2" />
|
||||
Address: <input name="personal_address" type="text" tabindex="3" />
|
||||
...more personal information...
|
||||
</fieldset>
|
||||
<fieldset>
|
||||
<legend>Medical History</legend>
|
||||
<input name="history_illness" type="checkbox" value="Smallpox" tabindex="20" />Smallpox
|
||||
<input name="history_illness" type="checkbox" value="Mumps" tabindex="21" /> Mumps
|
||||
<input name="history_illness" type="checkbox" value="Dizziness" tabindex="22" /> Dizziness
|
||||
<input name="history_illness" type="checkbox" value="Sneezing" tabindex="23" /> Sneezing
|
||||
...more medical history...
|
||||
</fieldset>
|
||||
<fieldset>
|
||||
<legend>Current Medication</legend>
|
||||
Are you currently taking any medication?
|
||||
<input name="medication_now" type="radio" value="Yes" tabindex="35" />Yes
|
||||
<input name="medication_now" type="radio" value="No" tabindex="35" />No
|
||||
|
||||
If you are currently taking medication, please indicate
|
||||
it in the space below:
|
||||
<textarea name="current_medication" rows="20" cols="50" tabindex="40"></textarea>
|
||||
</fieldset>
|
||||
</form>
|
||||
');
|
||||
}
|
||||
|
||||
public function testInputTransform()
|
||||
{
|
||||
$this->config->set('HTML.Doctype', 'XHTML 1.0 Strict');
|
||||
$this->assertResult('<input type="checkbox" />', '<input type="checkbox" value="" />');
|
||||
}
|
||||
|
||||
public function testTextareaTransform()
|
||||
{
|
||||
$this->config->set('HTML.Doctype', 'HTML 4.01 Strict');
|
||||
$this->assertResult('<textarea></textarea>', '<textarea cols="22" rows="3"></textarea>');
|
||||
}
|
||||
|
||||
public function testTextInFieldset()
|
||||
{
|
||||
$this->config->set('HTML.Doctype', 'HTML 4.01 Strict');
|
||||
$this->assertResult('<fieldset> <legend></legend>foo</fieldset>');
|
||||
}
|
||||
|
||||
public function testStrict()
|
||||
{
|
||||
$this->config->set('HTML.Doctype', 'HTML 4.01 Strict');
|
||||
$this->assertResult('<form action=""></form>', '');
|
||||
}
|
||||
|
||||
public function testLegacy()
|
||||
{
|
||||
$this->assertResult('<form action=""></form>');
|
||||
$this->assertResult('<form action=""><input align="left" /></form>');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
61
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/ImageTest.php
Executable file
61
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/ImageTest.php
Executable file
@ -0,0 +1,61 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_ImageTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
|
||||
public function testNormal()
|
||||
{
|
||||
$this->assertResult('<img height="40" width="40" src="" alt="" />');
|
||||
}
|
||||
|
||||
public function testLengthTooLarge()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<img height="40000" width="40000" src="" alt="" />',
|
||||
'<img height="1200" width="1200" src="" alt="" />'
|
||||
);
|
||||
}
|
||||
|
||||
public function testLengthPercentage()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<img height="100%" width="100%" src="" alt="" />',
|
||||
'<img src="" alt="" />'
|
||||
);
|
||||
}
|
||||
|
||||
public function testLengthCustomMax()
|
||||
{
|
||||
$this->config->set('HTML.MaxImgLength', 20);
|
||||
$this->assertResult(
|
||||
'<img height="30" width="30" src="" alt="" />',
|
||||
'<img height="20" width="20" src="" alt="" />'
|
||||
);
|
||||
}
|
||||
|
||||
public function testLengthCrashFixDisabled()
|
||||
{
|
||||
$this->config->set('HTML.MaxImgLength', null);
|
||||
$this->assertResult(
|
||||
'<img height="100%" width="100%" src="" alt="" />'
|
||||
);
|
||||
$this->assertResult(
|
||||
'<img height="40000" width="40000" src="" alt="" />'
|
||||
);
|
||||
}
|
||||
|
||||
public function testLengthTrusted()
|
||||
{
|
||||
$this->config->set('HTML.Trusted', true);
|
||||
$this->assertResult(
|
||||
'<img height="100%" width="100%" src="" alt="" />'
|
||||
);
|
||||
$this->assertResult(
|
||||
'<img height="40000" width="40000" src="" alt="" />'
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
36
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/NameTest.php
Executable file
36
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/NameTest.php
Executable file
@ -0,0 +1,36 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_NameTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
}
|
||||
|
||||
public function testBasicUse()
|
||||
{
|
||||
$this->config->set('Attr.EnableID', true);
|
||||
$this->assertResult(
|
||||
'<a name="foo">bar</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testCDATA()
|
||||
{
|
||||
$this->config->set('HTML.Attr.Name.UseCDATA', true);
|
||||
$this->assertResult(
|
||||
'<a name="2">Baz</a><a name="2">Bar</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testCDATAWithHeavyTidy()
|
||||
{
|
||||
$this->config->set('HTML.Attr.Name.UseCDATA', true);
|
||||
$this->config->set('HTML.TidyLevel', 'heavy');
|
||||
$this->assertResult('<a name="2">Baz</a>');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
30
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/NofollowTest.php
Executable file
30
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/NofollowTest.php
Executable file
@ -0,0 +1,30 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_NofollowTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.Nofollow', true);
|
||||
$this->config->set('Attr.AllowedRel', array("nofollow", "blah"));
|
||||
}
|
||||
|
||||
public function testNofollow()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com">x</a><a href="http://google.com" rel="blah">a</a><a href="/local">b</a><a href="mailto:foo@example.com">c</a>',
|
||||
'<a href="http://google.com" rel="nofollow">x</a><a href="http://google.com" rel="blah nofollow">a</a><a href="/local">b</a><a href="mailto:foo@example.com">c</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testNofollowDupe()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com" rel="nofollow">x</a><a href="http://google.com" rel="blah nofollow">a</a><a href="/local">b</a><a href="mailto:foo@example.com">c</a>'
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
42
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/ObjectTest.php
Executable file
42
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/ObjectTest.php
Executable file
@ -0,0 +1,42 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_ObjectTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.Trusted', true);
|
||||
}
|
||||
|
||||
public function testDefaultRemoval()
|
||||
{
|
||||
$this->config->set('HTML.Trusted', false);
|
||||
$this->assertResult(
|
||||
'<object></object>', ''
|
||||
);
|
||||
}
|
||||
|
||||
public function testMinimal()
|
||||
{
|
||||
$this->assertResult('<object></object>');
|
||||
}
|
||||
|
||||
public function testStandardUseCase()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<object type="video/x-ms-wmv" data="http://domain.com/video.wmv" width="320" height="256">
|
||||
<param name="src" value="http://domain.com/video.wmv" />
|
||||
<param name="autostart" value="false" />
|
||||
<param name="controller" value="true" />
|
||||
<param name="pluginurl" value="http://www.microsoft.com/Windows/MediaPlayer/" />
|
||||
<a href="http://www.microsoft.com/Windows/MediaPlayer/">Windows Media player required</a>
|
||||
</object>'
|
||||
);
|
||||
}
|
||||
|
||||
// more test-cases?
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
32
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/ProprietaryTest.php
Executable file
32
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/ProprietaryTest.php
Executable file
@ -0,0 +1,32 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_ProprietaryTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.Proprietary', true);
|
||||
}
|
||||
|
||||
public function testMarquee()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<span><marquee
|
||||
width="20%"
|
||||
height="34"
|
||||
direction="left"
|
||||
behavior="alternate"
|
||||
scrolldelay="3"
|
||||
scrollamount="5"
|
||||
loop="4"
|
||||
bgcolor="#FF0000"
|
||||
hspace="5"
|
||||
vspace="3"
|
||||
><div>Block</div><span>Inline</span>Text</marquee></span>'
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
60
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/RubyTest.php
Executable file
60
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/RubyTest.php
Executable file
@ -0,0 +1,60 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_RubyTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.Doctype', 'XHTML 1.1');
|
||||
}
|
||||
|
||||
public function testBasicUse()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<ruby><rb>WWW</rb><rt>World Wide Web</rt></ruby>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testRPUse()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<ruby><rb>WWW</rb><rp>(</rp><rt>World Wide Web</rt><rp>)</rp></ruby>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testComplexUse()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<ruby>
|
||||
<rbc>
|
||||
<rb>10</rb>
|
||||
<rb>31</rb>
|
||||
<rb>2002</rb>
|
||||
</rbc>
|
||||
<rtc>
|
||||
<rt>Month</rt>
|
||||
<rt>Day</rt>
|
||||
<rt>Year</rt>
|
||||
</rtc>
|
||||
<rtc>
|
||||
<rt rbspan="3">Expiration Date</rt>
|
||||
</rtc>
|
||||
</ruby>'
|
||||
);
|
||||
|
||||
/* not implemented
|
||||
function testBackwardsCompat()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<ruby>A<rp>(</rp><rt>aaa</rt><rp>)</rp></ruby>',
|
||||
'<ruby><rb>A</rb><rp>(</rp><rt>aaa</rt><rp>)</rp></ruby>'
|
||||
);
|
||||
}
|
||||
*/
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
46
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/SafeEmbedTest.php
Executable file
46
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/SafeEmbedTest.php
Executable file
@ -0,0 +1,46 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_SafeEmbedTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$def = $this->config->getHTMLDefinition(true);
|
||||
$def->manager->addModule('SafeEmbed');
|
||||
}
|
||||
|
||||
public function testMinimal()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<embed src="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" />',
|
||||
'<embed src="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" allowscriptaccess="never" allownetworking="internal" type="application/x-shockwave-flash" />'
|
||||
);
|
||||
}
|
||||
|
||||
public function testYouTube()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<embed src="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" type="application/x-shockwave-flash" width="425" height="344"></embed>',
|
||||
'<embed src="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" type="application/x-shockwave-flash" width="425" height="344" allowscriptaccess="never" allownetworking="internal" />'
|
||||
);
|
||||
}
|
||||
|
||||
public function testMalicious()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<embed src="http://example.com/bad.swf" type="application/x-shockwave-flash" width="9999999" height="3499994" allowscriptaccess="always" allownetworking="always" />',
|
||||
'<embed src="http://example.com/bad.swf" type="application/x-shockwave-flash" width="1200" height="1200" allowscriptaccess="never" allownetworking="internal" />'
|
||||
);
|
||||
}
|
||||
|
||||
public function testFull()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<b><embed src="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" type="application/x-shockwave-flash" width="24" height="23" allowscriptaccess="never" allownetworking="internal" wmode="window" /></b>'
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
55
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/SafeObjectTest.php
Executable file
55
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/SafeObjectTest.php
Executable file
@ -0,0 +1,55 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_SafeObjectTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.DefinitionID', 'HTMLPurifier_HTMLModule_SafeObjectTest');
|
||||
$this->config->set('HTML.SafeObject', true);
|
||||
}
|
||||
|
||||
public function testMinimal()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<object></object>',
|
||||
'<object type="application/x-shockwave-flash"><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testYouTube()
|
||||
{
|
||||
// embed is purposely removed
|
||||
$this->assertResult(
|
||||
'<object width="425" height="344"><param name="movie" value="http://www.youtube.com/v/RVtEQxH7PWA&hl=en"></param><embed src="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" type="application/x-shockwave-flash" width="425" height="344"></embed></object>',
|
||||
'<object width="425" height="344" data="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" type="application/x-shockwave-flash"><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><param name="movie" value="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" /></object>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testMalicious()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<object width="9999999" height="9999999"><param name="allowScriptAccess" value="always" /><param name="movie" value="http://example.com/attack.swf" /></object>',
|
||||
'<object width="1200" height="1200" data="http://example.com/attack.swf" type="application/x-shockwave-flash"><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><param name="movie" value="http://example.com/attack.swf" /></object>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testFull()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<b><object width="425" height="344" type="application/x-shockwave-flash" data="Foobar"><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><param name="flashvars" value="foobarbaz=bally" /><param name="movie" value="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" /><param name="wmode" value="window" /></object></b>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testFullScreen()
|
||||
{
|
||||
$this->config->set('HTML.FlashAllowFullScreen', true);
|
||||
$this->assertResult(
|
||||
'<b><object width="425" height="344" type="application/x-shockwave-flash" data="Foobar"><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><param name="flashvars" value="foobarbaz=bally" /><param name="movie" value="http://www.youtube.com/v/RVtEQxH7PWA&hl=en" /><param name="wmode" value="window" /><param name="allowFullScreen" value="true" /></object></b>'
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
37
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/SafeScriptingTest.php
Executable file
37
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/SafeScriptingTest.php
Executable file
@ -0,0 +1,37 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_SafeScriptingTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.SafeScripting', array('http://localhost/foo.js'));
|
||||
}
|
||||
|
||||
public function testMinimal()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<script></script>',
|
||||
''
|
||||
);
|
||||
}
|
||||
|
||||
public function testGood()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<script type="text/javascript" src="http://localhost/foo.js" />'
|
||||
);
|
||||
}
|
||||
|
||||
public function testBad()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<script type="text/javascript" src="http://localhost/foobar.js" />',
|
||||
''
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
61
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/ScriptingTest.php
Executable file
61
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/ScriptingTest.php
Executable file
@ -0,0 +1,61 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_ScriptingTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.Trusted', true);
|
||||
$this->config->set('Output.CommentScriptContents', false);
|
||||
}
|
||||
|
||||
public function testDefaultRemoval()
|
||||
{
|
||||
$this->config->set('HTML.Trusted', false);
|
||||
$this->assertResult(
|
||||
'<script type="text/javascript">foo();</script>', ''
|
||||
);
|
||||
}
|
||||
|
||||
public function testPreserve()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<script type="text/javascript">foo();</script>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testCDATAEnclosure()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<script type="text/javascript">//<![CDATA[
|
||||
alert("<This is compatible with XHTML>");
|
||||
//]]></script>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testAllAttributes()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<script
|
||||
defer="defer"
|
||||
src="test.js"
|
||||
type="text/javascript"
|
||||
>PCDATA</script>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testUnsupportedAttributes()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<script
|
||||
type="text/javascript"
|
||||
charset="utf-8"
|
||||
>PCDATA</script>',
|
||||
'<script type="text/javascript">PCDATA</script>'
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
29
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/TargetBlankTest.php
Executable file
29
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/TargetBlankTest.php
Executable file
@ -0,0 +1,29 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_TargetBlankTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.TargetBlank', true);
|
||||
}
|
||||
|
||||
public function testTargetBlank()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com">a</a><a href="/local">b</a><a href="mailto:foo@example.com">c</a>',
|
||||
'<a href="http://google.com" target="_blank" rel="noreferrer noopener">a</a><a href="/local">b</a><a href="mailto:foo@example.com">c</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testTargetBlankNoDupe() {
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com" target="_blank">a</a>',
|
||||
'<a href="http://google.com" target="_blank" rel="noreferrer noopener">a</a>'
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
51
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/TargetNoopenerTest.php
Executable file
51
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/TargetNoopenerTest.php
Executable file
@ -0,0 +1,51 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_TargetNoopenerTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.TargetNoreferrer', false);
|
||||
$this->config->set('HTML.TargetNoopener', true);
|
||||
$this->config->set('Attr.AllowedFrameTargets', '_blank');
|
||||
}
|
||||
|
||||
public function testNoreferrer()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com" target="_blank">x</a>',
|
||||
'<a href="http://google.com" target="_blank" rel="noopener">x</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testNoreferrerNoDupe()
|
||||
{
|
||||
$this->config->set('Attr.AllowedRel', 'noopener');
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com" target="_blank" rel="noopener">x</a>',
|
||||
'<a href="http://google.com" target="_blank" rel="noopener">x</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testTargetBlankNoreferrer()
|
||||
{
|
||||
$this->config->set('HTML.TargetBlank', true);
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com">x</a>',
|
||||
'<a href="http://google.com" target="_blank" rel="noopener">x</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testNoTarget()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com">x</a>',
|
||||
'<a href="http://google.com">x</a>'
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
51
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/TargetNoreferrerTest.php
Executable file
51
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/TargetNoreferrerTest.php
Executable file
@ -0,0 +1,51 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_HTMLModule_TargetNoreferrerTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->config->set('HTML.TargetNoreferrer', true);
|
||||
$this->config->set('HTML.TargetNoopener', false);
|
||||
$this->config->set('Attr.AllowedFrameTargets', '_blank');
|
||||
}
|
||||
|
||||
public function testNoreferrer()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com" target="_blank">x</a>',
|
||||
'<a href="http://google.com" target="_blank" rel="noreferrer">x</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testNoreferrerNoDupe()
|
||||
{
|
||||
$this->config->set('Attr.AllowedRel', 'noreferrer');
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com" target="_blank" rel="noreferrer">x</a>',
|
||||
'<a href="http://google.com" target="_blank" rel="noreferrer">x</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testTargetBlankNoreferrer()
|
||||
{
|
||||
$this->config->set('HTML.TargetBlank', true);
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com">x</a>',
|
||||
'<a href="http://google.com" target="_blank" rel="noreferrer">x</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function testNoTarget()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<a href="http://google.com">x</a>',
|
||||
'<a href="http://google.com">x</a>'
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
224
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/TidyTest.php
Executable file
224
htmlpurifier-4.10.0/tests/HTMLPurifier/HTMLModule/TidyTest.php
Executable file
@ -0,0 +1,224 @@
|
||||
<?php
|
||||
|
||||
Mock::generatePartial(
|
||||
'HTMLPurifier_HTMLModule_Tidy',
|
||||
'HTMLPurifier_HTMLModule_Tidy_TestForConstruct',
|
||||
array('makeFixes', 'makeFixesForLevel', 'populate')
|
||||
);
|
||||
|
||||
class HTMLPurifier_HTMLModule_TidyTest extends HTMLPurifier_Harness
|
||||
{
|
||||
|
||||
public function test_getFixesForLevel()
|
||||
{
|
||||
$module = new HTMLPurifier_HTMLModule_Tidy();
|
||||
$module->fixesForLevel['light'][] = 'light-fix';
|
||||
$module->fixesForLevel['medium'][] = 'medium-fix';
|
||||
$module->fixesForLevel['heavy'][] = 'heavy-fix';
|
||||
|
||||
$this->assertIdentical(
|
||||
array(),
|
||||
$module->getFixesForLevel('none')
|
||||
);
|
||||
$this->assertIdentical(
|
||||
array('light-fix' => true),
|
||||
$module->getFixesForLevel('light')
|
||||
);
|
||||
$this->assertIdentical(
|
||||
array('light-fix' => true, 'medium-fix' => true),
|
||||
$module->getFixesForLevel('medium')
|
||||
);
|
||||
$this->assertIdentical(
|
||||
array('light-fix' => true, 'medium-fix' => true, 'heavy-fix' => true),
|
||||
$module->getFixesForLevel('heavy')
|
||||
);
|
||||
|
||||
$this->expectError('Tidy level turbo not recognized');
|
||||
$module->getFixesForLevel('turbo');
|
||||
|
||||
}
|
||||
|
||||
public function test_setup()
|
||||
{
|
||||
$i = 0; // counter, helps us isolate expectations
|
||||
|
||||
// initialize partial mock
|
||||
$module = new HTMLPurifier_HTMLModule_Tidy_TestForConstruct();
|
||||
$module->fixesForLevel['light'] = array('light-fix-1', 'light-fix-2');
|
||||
$module->fixesForLevel['medium'] = array('medium-fix-1', 'medium-fix-2');
|
||||
$module->fixesForLevel['heavy'] = array('heavy-fix-1', 'heavy-fix-2');
|
||||
|
||||
$j = 0;
|
||||
$fixes = array(
|
||||
'light-fix-1' => $lf1 = $j++,
|
||||
'light-fix-2' => $lf2 = $j++,
|
||||
'medium-fix-1' => $mf1 = $j++,
|
||||
'medium-fix-2' => $mf2 = $j++,
|
||||
'heavy-fix-1' => $hf1 = $j++,
|
||||
'heavy-fix-2' => $hf2 = $j++
|
||||
);
|
||||
$module->returns('makeFixes', $fixes);
|
||||
|
||||
$config = HTMLPurifier_Config::create(array(
|
||||
'HTML.TidyLevel' => 'none'
|
||||
));
|
||||
$module->expectAt($i++, 'populate', array(array()));
|
||||
$module->setup($config);
|
||||
|
||||
// basic levels
|
||||
|
||||
$config = HTMLPurifier_Config::create(array(
|
||||
'HTML.TidyLevel' => 'light'
|
||||
));
|
||||
$module->expectAt($i++, 'populate', array(array(
|
||||
'light-fix-1' => $lf1,
|
||||
'light-fix-2' => $lf2
|
||||
)));
|
||||
$module->setup($config);
|
||||
|
||||
$config = HTMLPurifier_Config::create(array(
|
||||
'HTML.TidyLevel' => 'heavy'
|
||||
));
|
||||
$module->expectAt($i++, 'populate', array(array(
|
||||
'light-fix-1' => $lf1,
|
||||
'light-fix-2' => $lf2,
|
||||
'medium-fix-1' => $mf1,
|
||||
'medium-fix-2' => $mf2,
|
||||
'heavy-fix-1' => $hf1,
|
||||
'heavy-fix-2' => $hf2
|
||||
)));
|
||||
$module->setup($config);
|
||||
|
||||
// fine grained tuning
|
||||
|
||||
$config = HTMLPurifier_Config::create(array(
|
||||
'HTML.TidyLevel' => 'none',
|
||||
'HTML.TidyAdd' => array('light-fix-1', 'medium-fix-1')
|
||||
));
|
||||
$module->expectAt($i++, 'populate', array(array(
|
||||
'light-fix-1' => $lf1,
|
||||
'medium-fix-1' => $mf1
|
||||
)));
|
||||
$module->setup($config);
|
||||
|
||||
$config = HTMLPurifier_Config::create(array(
|
||||
'HTML.TidyLevel' => 'medium',
|
||||
'HTML.TidyRemove' => array('light-fix-1', 'medium-fix-1')
|
||||
));
|
||||
$module->expectAt($i++, 'populate', array(array(
|
||||
'light-fix-2' => $lf2,
|
||||
'medium-fix-2' => $mf2
|
||||
)));
|
||||
$module->setup($config);
|
||||
|
||||
}
|
||||
|
||||
public function test_makeFixesForLevel()
|
||||
{
|
||||
$module = new HTMLPurifier_HTMLModule_Tidy();
|
||||
$module->defaultLevel = 'heavy';
|
||||
|
||||
$module->makeFixesForLevel(array(
|
||||
'fix-1' => 0,
|
||||
'fix-2' => 1,
|
||||
'fix-3' => 2
|
||||
));
|
||||
|
||||
$this->assertIdentical($module->fixesForLevel['heavy'], array('fix-1', 'fix-2', 'fix-3'));
|
||||
$this->assertIdentical($module->fixesForLevel['medium'], array());
|
||||
$this->assertIdentical($module->fixesForLevel['light'], array());
|
||||
|
||||
}
|
||||
public function test_makeFixesForLevel_undefinedLevel()
|
||||
{
|
||||
$module = new HTMLPurifier_HTMLModule_Tidy();
|
||||
$module->defaultLevel = 'bananas';
|
||||
|
||||
$this->expectError('Default level bananas does not exist');
|
||||
|
||||
$module->makeFixesForLevel(array(
|
||||
'fix-1' => 0
|
||||
));
|
||||
|
||||
}
|
||||
|
||||
public function test_getFixType()
|
||||
{
|
||||
// syntax needs documenting
|
||||
|
||||
$module = new HTMLPurifier_HTMLModule_Tidy();
|
||||
|
||||
$this->assertIdentical(
|
||||
$module->getFixType('a'),
|
||||
array('tag_transform', array('element' => 'a'))
|
||||
);
|
||||
|
||||
$this->assertIdentical(
|
||||
$module->getFixType('a@href'),
|
||||
$reuse = array('attr_transform_pre', array('element' => 'a', 'attr' => 'href'))
|
||||
);
|
||||
|
||||
$this->assertIdentical(
|
||||
$module->getFixType('a@href#pre'),
|
||||
$reuse
|
||||
);
|
||||
|
||||
$this->assertIdentical(
|
||||
$module->getFixType('a@href#post'),
|
||||
array('attr_transform_post', array('element' => 'a', 'attr' => 'href'))
|
||||
);
|
||||
|
||||
$this->assertIdentical(
|
||||
$module->getFixType('xml:foo@xml:bar'),
|
||||
array('attr_transform_pre', array('element' => 'xml:foo', 'attr' => 'xml:bar'))
|
||||
);
|
||||
|
||||
$this->assertIdentical(
|
||||
$module->getFixType('blockquote#child'),
|
||||
array('child', array('element' => 'blockquote'))
|
||||
);
|
||||
|
||||
$this->assertIdentical(
|
||||
$module->getFixType('@lang'),
|
||||
array('attr_transform_pre', array('attr' => 'lang'))
|
||||
);
|
||||
|
||||
$this->assertIdentical(
|
||||
$module->getFixType('@lang#post'),
|
||||
array('attr_transform_post', array('attr' => 'lang'))
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
public function test_populate()
|
||||
{
|
||||
$i = 0;
|
||||
|
||||
$module = new HTMLPurifier_HTMLModule_Tidy();
|
||||
$module->populate(array(
|
||||
'element' => $element = $i++,
|
||||
'element@attr' => $attr = $i++,
|
||||
'element@attr#post' => $attr_post = $i++,
|
||||
'element#child' => $child = $i++,
|
||||
'element#content_model_type' => $content_model_type = $i++,
|
||||
'@attr' => $global_attr = $i++,
|
||||
'@attr#post' => $global_attr_post = $i++
|
||||
));
|
||||
|
||||
$module2 = new HTMLPurifier_HTMLModule_Tidy();
|
||||
$e = $module2->addBlankElement('element');
|
||||
$e->attr_transform_pre['attr'] = $attr;
|
||||
$e->attr_transform_post['attr'] = $attr_post;
|
||||
$e->child = $child;
|
||||
$e->content_model_type = $content_model_type;
|
||||
$module2->info_tag_transform['element'] = $element;
|
||||
$module2->info_attr_transform_pre['attr'] = $global_attr;
|
||||
$module2->info_attr_transform_post['attr'] = $global_attr_post;
|
||||
|
||||
$this->assertEqual($module, $module2);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
Reference in New Issue
Block a user