RemoveForeignElementsTest.php
3.47 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
<?php
class HTMLPurifier_Strategy_RemoveForeignElementsTest extends HTMLPurifier_StrategyHarness
{
public function setUp()
{
parent::setUp();
$this->obj = new HTMLPurifier_Strategy_RemoveForeignElements();
}
public function testBlankInput()
{
$this->assertResult('');
}
public function testPreserveRecognizedElements()
{
$this->assertResult('This is <b>bold text</b>.');
}
public function testRemoveForeignElements()
{
$this->assertResult(
'<asdf>Bling</asdf><d href="bang">Bong</d><foobar />',
'BlingBong'
);
}
public function testRemoveScriptAndContents()
{
$this->assertResult(
'<script>alert();</script>',
''
);
}
public function testRemoveStyleAndContents()
{
$this->assertResult(
'<style>.foo {blink;}</style>',
''
);
}
public function testRemoveOnlyScriptTagsLegacy()
{
$this->config->set('Core.RemoveScriptContents', false);
$this->assertResult(
'<script>alert();</script>',
'alert();'
);
}
public function testRemoveOnlyScriptTags()
{
$this->config->set('Core.HiddenElements', array());
$this->assertResult(
'<script>alert();</script>',
'alert();'
);
}
public function testRemoveInvalidImg()
{
$this->assertResult('<img />', '');
}
public function testPreserveValidImg()
{
$this->assertResult('<img src="foobar.gif" alt="foobar.gif" />');
}
public function testPreserveInvalidImgWhenRemovalIsDisabled()
{
$this->config->set('Core.RemoveInvalidImg', false);
$this->assertResult('<img />');
}
public function testTextifyCommentedScriptContents()
{
$this->config->set('HTML.Trusted', true);
$this->config->set('Output.CommentScriptContents', false); // simplify output
$this->assertResult(
'<script type="text/javascript"><!--
alert(<b>bold</b>);
// --></script>',
'<script type="text/javascript">
alert(<b>bold</b>);
// </script>'
);
}
public function testRequiredAttributesTestNotPerformedOnEndTag()
{
$def = $this->config->getHTMLDefinition(true);
$def->addElement('f', 'Block', 'Optional: #PCDATA', false, array('req*' => 'Text'));
$this->assertResult('<f req="text">Foo</f> Bar');
}
public function testPreserveCommentsWithHTMLTrusted()
{
$this->config->set('HTML.Trusted', true);
$this->assertResult('<!-- foo -->');
}
public function testRemoveTrailingHyphensInComment()
{
$this->config->set('HTML.Trusted', true);
$this->assertResult('<!-- foo ----->', '<!-- foo -->');
}
public function testCollapseDoubleHyphensInComment()
{
$this->config->set('HTML.Trusted', true);
$this->assertResult('<!-- bo --- asdf--as -->', '<!-- bo - asdf-as -->');
}
public function testPreserveCommentsWithLookup()
{
$this->config->set('HTML.AllowedComments', array('allowed'));
$this->assertResult('<!-- allowed --><!-- not allowed -->', '<!-- allowed -->');
}
public function testPreserveCommentsWithRegexp()
{
$this->config->set('HTML.AllowedCommentsRegexp', '/^allowed[1-9]$/');
$this->assertResult('<!-- allowed1 --><!-- not allowed -->', '<!-- allowed1 -->');
}
}
// vim: et sw=4 sts=4