mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-08-06 14:16:32 +02:00
Code Issues Releases Wiki Activity

Tighter CSS selector validation.

Browse Source 
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
This commit is contained in:
Edward Z. Yang
2012-01-14 03:08:02 -05:00
parent 9de0785448
commit 1c7fedff5a
8 changed files with 258 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
tests/HTMLPurifier/Filter/ExtractStyleBlocksTest.php
View File

@@ -10,7 +10,7 @@ class HTMLPurifier_Filter_ExtractStyleBlocksTest extends HTMLPurifier_Harness
function test_tokenizeHTML_extractStyleBlocks() {
$this->config->set('Filter.ExtractStyleBlocks', true);
$purifier = new HTMLPurifier($this->config);
$result = $purifier->purify('<style type="text/css">.foo {text-align:center;bogus:remove-me;}</style>Test<style>* {font-size:12pt;}</style>');
$result = $purifier->purify('<style type="text/css">.foo {text-align:center;bogus:remove-me;} body.class[foo="attr"] {text-align:right;}</style>Test<style>* {font-size:12pt;}</style>');
$this->assertIdentical($result, 'Test');
$this->assertIdentical($purifier->context->get('StyleBlocks'),
array(
@@ -153,7 +153,7 @@ class HTMLPurifier_Filter_ExtractStyleBlocksTest extends HTMLPurifier_Harness
$this->config->set('Filter.ExtractStyleBlocks.Scope', '#foo, .bar');
$this->assertCleanCSS(
"p, div {\ntext-indent:1em;\n}",
"#foo p, #foo div, .bar p, .bar div {\ntext-indent:1em;\n}"
"#foo p, .bar p, #foo div, .bar div {\ntext-indent:1em;\n}"
);
}
@@ -191,6 +191,41 @@ text-align:right;
);
}
function test_atSelector() {
$this->assertCleanCSS(
"{
b { text-align: center; }
}",
""
);
}
function test_selectorValidation() {
$this->assertCleanCSS(
"&, & {
text-align: center;
}",
""
);
$this->assertCleanCSS(
"&, b {
text-align:center;
}",
"b {
text-align:center;
}"
);
$this->assertCleanCSS(
"& a #foo:hover.bar +b > i {
text-align:center;
}",
"a #foo:hover.bar + b \\3E i {
text-align:center;
}"
);
$this->assertCleanCSS("doesnt-exist { text-align:center }", "");
}
}
// vim: et sw=4 sts=4