Add a directive that lets you disallow pure-registry overloading.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@216 48356398-32a2-884e-a903-53898d9a118a
2025-08-06 06:07:26 +02:00 · 2006-08-12 17:12:27 +00:00
parent 6c3d364213
commit 8167fca493
3 changed files with 24 additions and 4 deletions
--- a/tests/HTMLPurifier/URISchemeRegistryTest.php
+++ b/tests/HTMLPurifier/URISchemeRegistryTest.php
@@ -11,6 +11,7 @@ class HTMLPurifier_URISchemeRegistryTest extends UnitTestCase
        
        $config = HTMLPurifier_Config::createDefault();
        $config->set('URI', 'AllowedSchemes', array('http' => true, 'telnet' => true));
+        $config->set('URI', 'OverrideAllowedSchemes', true);
        
        $registry = new HTMLPurifier_URISchemeRegistry();
        $this->assertIsA($registry->getScheme('http'), 'HTMLPurifier_URIScheme_http');
@@ -31,7 +32,11 @@ class HTMLPurifier_URISchemeRegistryTest extends UnitTestCase
        $registry->register('foobar', $scheme_foobar);
        $this->assertIdentical($registry->getScheme('foobar', $config), $scheme_foobar);
        
-        // however, don't try to get a scheme that isn't allowed
+        // now, test when overriding is not allowed
+        $config->set('URI', 'OverrideAllowedSchemes', false);
+        $this->assertNull($registry->getScheme('foobar', $config));
+        
+        // scheme not allowed and never registered
        $this->assertNull($registry->getScheme('ftp', $config));
        
    }