1
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-07-10 17:26:25 +02:00

Support for safe external scripts via explicit whitelist.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
This commit is contained in:
Edward Z. Yang
2012-04-27 17:44:49 -04:00
parent 7291f19347
commit 2189a9430f
8 changed files with 95 additions and 2 deletions

View File

@ -0,0 +1,33 @@
<?php
class HTMLPurifier_HTMLModule_SafeScriptingTest extends HTMLPurifier_HTMLModuleHarness
{
function setUp() {
parent::setUp();
$this->config->set('HTML.SafeScripting', array('http://localhost/foo.js'));
}
function testMinimal() {
$this->assertResult(
'<script></script>',
''
);
}
function testGood() {
$this->assertResult(
'<script type="text/javascript" src="http://localhost/foo.js" />'
);
}
function testBad() {
$this->assertResult(
'<script type="text/javascript" src="http://localhost/foobar.js" />',
''
);
}
}
// vim: et sw=4 sts=4