mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-07-10 09:16:20 +02:00
[1.7.0] Add %HTML.Trusted directive to allow untrusted elements in. Add special-case code for <script> into Generator.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1061 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
52
tests/HTMLPurifier/HTMLModule/ScriptingTest.php
Normal file
52
tests/HTMLPurifier/HTMLModule/ScriptingTest.php
Normal file
@ -0,0 +1,52 @@
|
||||
<?php
|
||||
|
||||
require_once 'HTMLPurifier/HTMLModuleHarness.php';
|
||||
|
||||
class HTMLPurifier_HTMLModule_ScriptingTest extends HTMLPurifier_HTMLModuleHarness
|
||||
{
|
||||
|
||||
function test() {
|
||||
|
||||
// default
|
||||
$this->assertResult(
|
||||
'<script type="text/javascript">foo();</script>', 'foo();'
|
||||
);
|
||||
|
||||
// enabled
|
||||
$this->assertResult(
|
||||
'<script type="text/javascript">foo();</script>', true,
|
||||
array('HTML.Trusted' => true)
|
||||
);
|
||||
|
||||
// max
|
||||
$this->assertResult(
|
||||
'<script
|
||||
defer="defer"
|
||||
src="test.js"
|
||||
type="text/javascript"
|
||||
>PCDATA</script>', true,
|
||||
array('HTML.Trusted' => true, 'Core.CommentScriptContents' => false)
|
||||
);
|
||||
|
||||
// unsupported
|
||||
$this->assertResult(
|
||||
'<script
|
||||
type="text/javascript"
|
||||
charset="utf-8"
|
||||
>PCDATA</script>',
|
||||
'<script type="text/javascript">PCDATA</script>',
|
||||
array('HTML.Trusted' => true, 'Core.CommentScriptContents' => false)
|
||||
);
|
||||
|
||||
// invalid children
|
||||
$this->assertResult(
|
||||
'<script type="text/javascript">PCDATA<span</script>',
|
||||
'<script type="text/javascript">PCDATA</script>',
|
||||
array('HTML.Trusted' => true, 'Core.CommentScriptContents' => false)
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
Reference in New Issue
Block a user