[1.3.0] Added spiffy new smoketest printDefinition.php, which lets you twiddle with the configuration settings and see how the internal rules are affected. (currently only complete for HTMLDefinition).

- HTMLPurifier -> HTML Purifier . HTMLPurifier_Config->getBatch($namespace) added . More lenient casting to bool from string in HTMLPurifier_ConfigSchema . <?xml ... tags added to all smoketests git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@578 48356398-32a2-884e-a903-53898d9a118a
2025-08-18 11:51:19 +02:00 · 2006-11-24 06:26:02 +00:00
parent 775763c583
commit 73a1e31fad
12 changed files with 483 additions and 14 deletions
--- a/smoketests/common.php
+++ b/smoketests/common.php
@@ -2,8 +2,7 @@

 header('Content-type: text/html; charset=UTF-8');

-set_include_path('../library' . PATH_SEPARATOR . get_include_path());
-require_once 'HTMLPurifier.php';
+require_once '../library/HTMLPurifier.auto.php';

 function escapeHTML($string) {
    $string = HTMLPurifier_Encoder::cleanUTF8($string);
--- a/smoketests/printDefinition.php
+++ b/smoketests/printDefinition.php
@@ -0,0 +1,122 @@
+<?php
+
+require_once 'common.php'; // load library
+
+require_once 'HTMLPurifier/Printer/HTMLDefinition.php';
+require_once 'HTMLPurifier/Printer/CSSDefinition.php';
+
+$config = HTMLPurifier_Config::createDefault();
+
+// you can do custom configuration!
+if (file_exists('printDefinition.settings.php')) {
+    include 'printDefinition.settings.php';
+}
+
+$get = $_GET;
+foreach ($_GET as $key => $value) {
+    if (!strncmp($key, 'Null_', 5) && !empty($value)) {
+        unset($get[substr($key, 5)]);
+        unset($get[$key]);
+    }
+}
+
+@$config->loadArray($get);
+
+$printer_html_definition = new HTMLPurifier_Printer_HTMLDefinition();
+$printer_css_definition = new HTMLPurifier_Printer_CSSDefinition();
+
+echo '<?xml version="1.0" encoding="UTF-8" ?>';
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
+<head>
+    <title>HTML Purifier Printer Smoketest</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <style type="text/css">
+        form table {margin:1em auto;}
+        form th {text-align:right;padding-right:1em;}
+        .HTMLPurifier_Printer table {border-collapse:collapse;
+            border:1px solid #000; width:600px;
+            margin:1em auto;font-family:sans-serif;font-size:75%;}
+        .HTMLPurifier_Printer td, .HTMLPurifier_Printer th {padding:3px;
+            border:1px solid #000;background:#CCC; vertical-align: baseline;}
+        .HTMLPurifier_Printer th {text-align:left;background:#CCF;width:20%;}
+        .HTMLPurifier_Printer caption {font-size:1.5em; font-weight:bold;
+            width:100%;}
+        .HTMLPurifier_Printer .heavy {background:#99C;text-align:center;}
+    </style>
+    <script type="text/javascript">
+        function toggleWriteability(id_of_patient, checked) {
+            document.getElementById(id_of_patient).disabled = checked;
+        }
+    </script>
+</head>
+<body>
+<h1>HTML Purifier Printer Smoketest</h1>
+<p>Pretty-print an object and see how it turns out.</p>
+<h2>Modify configuration</h2>
+<form id="edit-config" method="get" action="printDefinition.php">
+<table>
+<?php
+    $directives = $config->getBatch('HTML');
+    // can't handle hashes
+    foreach ($directives as $key => $value) {
+        $directive = "HTML.$key";
+        if (is_array($value)) {
+            $keys = array_keys($value);
+            if ($keys === array_keys($keys)) {
+                $value = implode(',', $keys);
+            } else {
+                $new_value = '';
+                foreach ($value as $name => $bool) {
+                    if ($bool !== true) continue;
+                    $new_value .= "$name,";
+                }
+                $value = rtrim($new_value, ',');
+            }
+        }
+        $allow_null = $config->def->info['HTML'][$key]->allow_null;
+?>
+<tr>
+<th>%<?php echo $directive; ?></th>
+<td>
+<?php if (is_bool($value)) { ?>
+    <input type="checkbox" name="<?php echo $directive; ?>" value="1"<?php if ($value) { ?> checked="checked"<?php } ?> />
+<?php } else { ?>
+    <?php if($allow_null) { ?>
+        Null <input
+                type="checkbox"
+                value="1"
+                onclick="toggleWriteability('<?php echo $directive ?>',checked)"
+                name="Null_<?php echo $directive; ?>"
+                <?php if ($value === null) { ?> checked="checked"<?php } ?>
+              /> or 
+    <?php } ?>
+    <input
+        type="text"
+        id="<?php echo $directive; ?>"
+        name="<?php echo $directive; ?>"
+        value="<?php echo escapeHTML($value); ?>"
+        <?php if($value === null) {echo 'disabled="disabled"';} ?>
+    />
+<?php } ?>
+</td>
+</tr>
+<?php
+    }
+?>
+<tr>
+    <td colspan="2" style="text-align:right;">
+        [<a href="printDefinition.php">Reset</a>]
+        <input type="submit" value="Submit" />
+    </td>
+</tr>
+</table>
+</form>
+<h2>HTMLDefinition</h2>
+<?php echo $printer_html_definition->render($config) ?>
+<h2>CSSDefinition</h2>
+<?php echo $printer_css_definition->render($config) ?>
+</body>
+</html>
--- a/smoketests/utf8.php
+++ b/smoketests/utf8.php
@@ -2,16 +2,17 @@

 require_once 'common.php';

+echo '<?xml version="1.0" encoding="UTF-8" ?>';
 ?><!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html>
 <head>
-<title>HTMLPurifier UTF-8 Smoketest</title>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>HTML Purifier UTF-8 Smoketest</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
 </head>
 <body>
-<h1>HTMLPurifier UTF-8 Smoketest</h1>
+<h1>HTML Purifier UTF-8 Smoketest</h1>
 <?php

 $purifier = new HTMLPurifier();
--- a/smoketests/variableWidthAttack.php
+++ b/smoketests/variableWidthAttack.php
@@ -2,16 +2,17 @@

 require_once 'common.php';

+echo '<?xml version="1.0" encoding="UTF-8" ?>';
 ?><!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html>
 <head>
-<title>HTMLPurifier Variable Width Attack Smoketest</title>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>HTML Purifier Variable Width Attack Smoketest</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
 </head>
 <body>
-<h1>HTMLPurifier Variable Width Attack Smoketest</h1>
+<h1>HTML Purifier Variable Width Attack Smoketest</h1>
 <p>For more information, see
 <a href="http://applesoup.googlepages.com/bypass_filter.txt">Cheng Peng Su's
 original advisory.</a>  This particular exploit code appears only to work
--- a/smoketests/xssAttacks.php
+++ b/smoketests/xssAttacks.php
@@ -20,7 +20,7 @@ function formatCode($string) {
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html>
 <head>
-    <title>HTMLPurifier XSS Attacks Smoketest</title>
+    <title>HTML Purifier XSS Attacks Smoketest</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <style type="text/css">
        .scroll {overflow:auto; width:100%;}
@@ -31,7 +31,7 @@ function formatCode($string) {
    </style>
 </head>
 <body>
-<h1>HTMLPurifier XSS Attacks Smoketest</h1>
+<h1>HTML Purifier XSS Attacks Smoketest</h1>
 <p>XSS attacks are from
 <a href="http://ha.ckers.org/xss.html">http://ha.ckers.org/xss.html</a>.</p>
 <p><strong>Caveats:</strong>