1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
<?php
class HTMLPurifier_Strategy_RemoveForeignElementsTest extends HTMLPurifier_StrategyHarness
{
function setUp() {
parent::setUp();
$this->obj = new HTMLPurifier_Strategy_RemoveForeignElements();
}
function testBlankInput() {
$this->assertResult('');
}
function testPreserveRecognizedElements() {
$this->assertResult('This is <b>bold text</b>.');
}
function testRemoveForeignElements() {
$this->assertResult(
'<asdf>Bling</asdf><d href="bang">Bong</d><foobar />',
'BlingBong'
);
}
function testRemoveScriptAndContents() {
$this->assertResult(
'<script>alert();</script>',
''
);
}
function testRemoveStyleAndContents() {
$this->assertResult(
'<style>.foo {blink;}</style>',
''
);
}
function testRemoveOnlyScriptTagsLegacy() {
$this->config->set('Core.RemoveScriptContents', false);
$this->assertResult(
'<script>alert();</script>',
'alert();'
);
}
function testRemoveOnlyScriptTags() {
$this->config->set('Core.HiddenElements', array());
$this->assertResult(
'<script>alert();</script>',
'alert();'
);
}
function testRemoveInvalidImg() {
$this->assertResult('<img />', '');
}
function testPreserveValidImg() {
$this->assertResult('<img src="foobar.gif" alt="foobar.gif" />');
}
function testPreserveInvalidImgWhenRemovalIsDisabled() {
$this->config->set('Core.RemoveInvalidImg', false);
$this->assertResult('<img />');
}
function testTextifyCommentedScriptContents() {
$this->config->set('HTML.Trusted', true);
$this->config->set('Output.CommentScriptContents', false); // simplify output
$this->assertResult(
'<script type="text/javascript"><!--
alert(<b>bold</b>);
// --></script>',
'<script type="text/javascript">
alert(<b>bold</b>);
// </script>'
);
}
function testRequiredAttributesTestNotPerformedOnEndTag() {
$def = $this->config->getHTMLDefinition(true);
$def->addElement('f', 'Block', 'Optional: #PCDATA', false, array('req*' => 'Text'));
$this->assertResult('<f req="text">Foo</f> Bar');
}
function testPreserveCommentsWithHTMLTrusted() {
$this->config->set('HTML.Trusted', true);
$this->assertResult('<!-- foo -->');
}
function testRemoveTrailingHyphensInComment() {
$this->config->set('HTML.Trusted', true);
$this->assertResult('<!-- foo ----->', '<!-- foo -->');
}
function testCollapseDoubleHyphensInComment() {
$this->config->set('HTML.Trusted', true);
$this->assertResult('<!-- bo --- asdf--as -->', '<!-- bo - asdf-as -->');
}
function testPreserveCommentsWithLookup() {
$this->config->set('HTML.AllowedComments', array('allowed'));
$this->assertResult('<!-- allowed --><!-- not allowed -->', '<!-- allowed -->');
}
function testPreserveCommentsWithRegexp() {
$this->config->set('HTML.AllowedCommentsRegexp', '/^allowed[1-9]$/');
$this->assertResult('<!-- allowed1 --><!-- not allowed -->', '<!-- allowed1 -->');
}
}
// vim: et sw=4 sts=4
|
