mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-07-31 19:30:21 +02:00
[3.1.0] Implement tag@attr for Allowed and Forbidden
- Fix (or null) bug in configdoc git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1695 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang
@@ -4,24 +4,12 @@ class HTMLPurifierTest extends HTMLPurifier_Harness
|
||||
{
|
||||
protected $purifier;
|
||||
|
||||
function setUp() {
|
||||
$this->purifier = new HTMLPurifier();
|
||||
}
|
||||
|
||||
function assertPurification($input, $expect = null, $config = array()) {
|
||||
if ($expect === null) $expect = $input;
|
||||
$result = $this->purifier->purify($input, $config);
|
||||
$this->assertIdentical($expect, $result);
|
||||
}
|
||||
|
||||
function testNull() {
|
||||
$this->assertPurification("Null byte\0", "Null byte");
|
||||
}
|
||||
|
||||
function testStrict() {
|
||||
$config = HTMLPurifier_Config::createDefault();
|
||||
$config->set('HTML', 'Strict', true);
|
||||
$this->purifier = new HTMLPurifier( $config ); // verbose syntax
|
||||
$this->config->set('HTML', 'Strict', true);
|
||||
|
||||
$this->assertPurification(
|
||||
'<u>Illegal underline</u>',
|
||||
@@ -37,10 +25,8 @@ class HTMLPurifierTest extends HTMLPurifier_Harness
|
||||
|
||||
function testDifferentAllowedElements() {
|
||||
|
||||
$this->purifier = new HTMLPurifier(array(
|
||||
'HTML.AllowedElements' => array('b', 'i', 'p', 'a'),
|
||||
'HTML.AllowedAttributes' => array('a.href', '*.id')
|
||||
));
|
||||
$this->config->set('HTML', 'AllowedElements', array('b', 'i', 'p', 'a'));
|
||||
$this->config->set('HTML', 'AllowedAttributes', array('a.href', '*.id'));
|
||||
|
||||
$this->assertPurification(
|
||||
'<p>Par.</p><p>Para<a href="http://google.com/">gr</a>aph</p>Text<b>Bol<i>d</i></b>'
|
||||
@@ -54,10 +40,9 @@ class HTMLPurifierTest extends HTMLPurifier_Harness
|
||||
}
|
||||
|
||||
function testBlacklistElements() {
|
||||
$this->purifier = new HTMLPurifier(array(
|
||||
'HTML.ForbiddenElements' => array('b'),
|
||||
'HTML.ForbiddenAttributes' => array('a.href')
|
||||
));
|
||||
$this->config->set('HTML', 'ForbiddenElements', array('b'));
|
||||
$this->config->set('HTML', 'ForbiddenAttributes', array('a@href'));
|
||||
|
||||
$this->assertPurification(
|
||||
'<p>Par.</p>'
|
||||
);
|
||||
@@ -70,9 +55,7 @@ class HTMLPurifierTest extends HTMLPurifier_Harness
|
||||
|
||||
function testDifferentAllowedCSSProperties() {
|
||||
|
||||
$this->purifier = new HTMLPurifier(array(
|
||||
'CSS.AllowedProperties' => array('color', 'background-color')
|
||||
));
|
||||
$this->config->set('CSS', 'AllowedProperties', array('color', 'background-color'));
|
||||
|
||||
$this->assertPurification(
|
||||
'<div style="color:#f00;background-color:#ded;">red</div>'
|
||||
@@ -87,7 +70,7 @@ class HTMLPurifierTest extends HTMLPurifier_Harness
|
||||
|
||||
function testDisableURI() {
|
||||
|
||||
$this->purifier = new HTMLPurifier( array('URI.Disable' => true) );
|
||||
$this->config->set('URI', 'Disable', true);
|
||||
|
||||
$this->assertPurification(
|
||||
'<img src="foobar"/>',
|
||||
@@ -98,8 +81,6 @@ class HTMLPurifierTest extends HTMLPurifier_Harness
|
||||
|
||||
function test_purifyArray() {
|
||||
|
||||
$this->purifier = new HTMLPurifier();
|
||||
|
||||
$this->assertIdentical(
|
||||
$this->purifier->purifyArray(
|
||||
array('Good', '<b>Sketchy', 'foo' => '<script>bad</script>')
|
||||
@@ -111,23 +92,24 @@ class HTMLPurifierTest extends HTMLPurifier_Harness
|
||||
|
||||
}
|
||||
|
||||
function testEnableAttrID() {
|
||||
|
||||
$this->purifier = new HTMLPurifier();
|
||||
function testAttrIDDisabledByDefault() {
|
||||
|
||||
$this->assertPurification(
|
||||
'<span id="moon">foobar</span>',
|
||||
'<span>foobar</span>'
|
||||
);
|
||||
|
||||
$this->purifier = new HTMLPurifier(array('Attr.EnableID' => true));
|
||||
}
|
||||
|
||||
function testEnableAttrID() {
|
||||
$this->config->set('Attr', 'EnableID', true);
|
||||
$this->assertPurification('<span id="moon">foobar</span>');
|
||||
$this->assertPurification('<img id="folly" src="folly.png" alt="Omigosh!" />');
|
||||
|
||||
}
|
||||
|
||||
function testScript() {
|
||||
$this->purifier = new HTMLPurifier(array('HTML.Trusted' => true));
|
||||
$this->config->set('HTML', 'Trusted', true);
|
||||
|
||||
$ideal = '<script type="text/javascript"><!--//--><![CDATA[//><!--
|
||||
alert("<This is compatible with XHTML>");
|
||||
//--><!]]></script>';
|
||||
@@ -168,24 +150,21 @@ alert("<This is compatible with XHTML>");
|
||||
}
|
||||
|
||||
function testMakeAbsolute() {
|
||||
$this->config->set('URI', 'Base', 'http://example.com/bar/baz.php');
|
||||
$this->config->set('URI', 'MakeAbsolute', true);
|
||||
$this->assertPurification(
|
||||
'<a href="foo.txt">Foobar</a>',
|
||||
'<a href="http://example.com/bar/foo.txt">Foobar</a>',
|
||||
array(
|
||||
'URI.Base' => 'http://example.com/bar/baz.php',
|
||||
'URI.MakeAbsolute' => true
|
||||
)
|
||||
'<a href="http://example.com/bar/foo.txt">Foobar</a>'
|
||||
);
|
||||
}
|
||||
|
||||
function test_addFilter_deprecated() {
|
||||
$purifier = new HTMLPurifier();
|
||||
$this->expectError('HTMLPurifier->addFilter() is deprecated, use configuration directives in the Filter namespace or Filter.Custom');
|
||||
generate_mock_once('HTMLPurifier_Filter');
|
||||
$purifier->addFilter($mock = new HTMLPurifier_FilterMock());
|
||||
$this->purifier->addFilter($mock = new HTMLPurifier_FilterMock());
|
||||
$mock->expectOnce('preFilter');
|
||||
$mock->expectOnce('postFilter');
|
||||
$purifier->purify('foo');
|
||||
$this->purifier->purify('foo');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user