[1.7.0] Add %HTML.Trusted directive to allow untrusted elements in. Add special-case code for <script> into Generator.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1061 48356398-32a2-884e-a903-53898d9a118a
2025-07-10 09:16:20 +02:00 · 2007-05-15 01:17:10 +00:00
parent 65252d6fbd
commit f7eccc0038
5 changed files with 126 additions and 5 deletions
--- a/tests/HTMLPurifier/HTMLModule/ScriptingTest.php
+++ b/tests/HTMLPurifier/HTMLModule/ScriptingTest.php
@ -0,0 +1,52 @@
+<?php
+
+require_once 'HTMLPurifier/HTMLModuleHarness.php';
+
+class HTMLPurifier_HTMLModule_ScriptingTest extends HTMLPurifier_HTMLModuleHarness
+{
+    
+    function test() {
+        
+        // default
+        $this->assertResult(
+            '<script type="text/javascript">foo();</script>', 'foo();'
+        );
+        
+        // enabled
+        $this->assertResult(
+            '<script type="text/javascript">foo();</script>', true,
+            array('HTML.Trusted' => true)
+        );
+        
+        // max
+        $this->assertResult(
+            '<script
+                defer="defer"
+                src="test.js"
+                type="text/javascript"
+            >PCDATA</script>', true,
+            array('HTML.Trusted' => true, 'Core.CommentScriptContents' => false)
+        );
+        
+        // unsupported
+        $this->assertResult(
+            '<script
+                type="text/javascript"
+                charset="utf-8"
+            >PCDATA</script>',
+            '<script type="text/javascript">PCDATA</script>',
+            array('HTML.Trusted' => true, 'Core.CommentScriptContents' => false)
+        );
+        
+        // invalid children
+        $this->assertResult(
+            '<script type="text/javascript">PCDATA<span</script>',
+            '<script type="text/javascript">PCDATA</script>',
+            array('HTML.Trusted' => true, 'Core.CommentScriptContents' => false)
+        );
+        
+    }
+    
+}
+
+?>