2006-08-12 18:58:54 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
require_once 'HTMLPurifier/URIScheme.php';
|
|
|
|
|
|
|
|
require_once 'HTMLPurifier/URIScheme/http.php';
|
|
|
|
require_once 'HTMLPurifier/URIScheme/ftp.php';
|
|
|
|
require_once 'HTMLPurifier/URIScheme/https.php';
|
2006-08-12 19:11:21 +00:00
|
|
|
require_once 'HTMLPurifier/URIScheme/mailto.php';
|
2006-08-12 18:58:54 +00:00
|
|
|
require_once 'HTMLPurifier/URIScheme/news.php';
|
|
|
|
require_once 'HTMLPurifier/URIScheme/nntp.php';
|
|
|
|
|
2006-08-12 19:11:21 +00:00
|
|
|
// WARNING: All the URI schemes are far to relaxed, we need to tighten
|
|
|
|
// the checks.
|
|
|
|
|
2007-08-01 14:06:59 +00:00
|
|
|
class HTMLPurifier_URISchemeTest extends HTMLPurifier_Harness
|
2006-08-12 18:58:54 +00:00
|
|
|
{
|
|
|
|
|
|
|
|
function test_http() {
|
|
|
|
$scheme = new HTMLPurifier_URIScheme_http();
|
|
|
|
$config = HTMLPurifier_Config::createDefault();
|
2006-10-27 01:20:10 +00:00
|
|
|
$context = new HTMLPurifier_Context();
|
2006-08-12 18:58:54 +00:00
|
|
|
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
null, 'www.example.com', null, '/', 's=foobar', $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, 'www.example.com', null, '/', 's=foobar')
|
|
|
|
);
|
|
|
|
|
|
|
|
// absorb default port and userinfo
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
'user', 'www.example.com', 80, '/', 's=foobar', $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, 'www.example.com', null, '/', 's=foobar')
|
|
|
|
);
|
|
|
|
|
|
|
|
// do not absorb non-default port
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
null, 'www.example.com', 8080, '/', 's=foobar', $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, 'www.example.com', 8080, '/', 's=foobar')
|
|
|
|
);
|
|
|
|
|
|
|
|
// https is basically the same
|
|
|
|
|
|
|
|
$scheme = new HTMLPurifier_URIScheme_https();
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
'user', 'www.example.com', 443, '/', 's=foobar', $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, 'www.example.com', null, '/', 's=foobar')
|
|
|
|
);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
function test_ftp() {
|
|
|
|
|
|
|
|
$scheme = new HTMLPurifier_URIScheme_ftp();
|
|
|
|
$config = HTMLPurifier_Config::createDefault();
|
2006-10-27 01:20:10 +00:00
|
|
|
$context = new HTMLPurifier_Context();
|
2006-09-30 17:24:12 +00:00
|
|
|
|
2006-08-12 18:58:54 +00:00
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
'user', 'www.example.com', 21, '/', 's=foobar', $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array('user', 'www.example.com', null, '/', null)
|
|
|
|
);
|
|
|
|
|
2006-09-30 17:24:12 +00:00
|
|
|
// valid typecode
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
null, 'www.example.com', null, '/file.txt;type=a', null, $config, $context),
|
2006-09-30 17:24:12 +00:00
|
|
|
array(null, 'www.example.com', null, '/file.txt;type=a', null)
|
|
|
|
);
|
|
|
|
|
|
|
|
// remove invalid typecode
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
null, 'www.example.com', null, '/file.txt;type=z', null, $config, $context),
|
2006-09-30 17:24:12 +00:00
|
|
|
array(null, 'www.example.com', null, '/file.txt', null)
|
|
|
|
);
|
|
|
|
|
|
|
|
// encode errant semicolons
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
null, 'www.example.com', null, '/too;many;semicolons=1', null, $config, $context),
|
2006-09-30 17:24:12 +00:00
|
|
|
array(null, 'www.example.com', null, '/too%3Bmany%3Bsemicolons=1', null)
|
|
|
|
);
|
|
|
|
|
2006-08-12 18:58:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
function test_news() {
|
|
|
|
|
|
|
|
$scheme = new HTMLPurifier_URIScheme_news();
|
|
|
|
$config = HTMLPurifier_Config::createDefault();
|
2006-10-27 01:20:10 +00:00
|
|
|
$context = new HTMLPurifier_Context();
|
2006-08-12 18:58:54 +00:00
|
|
|
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
null, null, null, 'gmane.science.linguistics', null, $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, null, null, 'gmane.science.linguistics', null)
|
|
|
|
);
|
|
|
|
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
null, null, null, '642@eagle.ATT.COM', null, $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, null, null, '642@eagle.ATT.COM', null)
|
|
|
|
);
|
|
|
|
|
|
|
|
// test invalid field removal
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
'user', 'www.google.com', 80, 'rec.music', 'path=foo', $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, null, null, 'rec.music', null)
|
|
|
|
);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
function test_nntp() {
|
|
|
|
|
|
|
|
$scheme = new HTMLPurifier_URIScheme_nntp();
|
|
|
|
$config = HTMLPurifier_Config::createDefault();
|
2006-10-27 01:20:10 +00:00
|
|
|
$context = new HTMLPurifier_Context();
|
2006-08-12 18:58:54 +00:00
|
|
|
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
null, 'news.example.com', null, '/alt.misc/12345', null, $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, 'news.example.com', null, '/alt.misc/12345', null)
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
'user', 'news.example.com', 119, '/alt.misc/12345', 'foo=asdf', $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, 'news.example.com', null, '/alt.misc/12345', null)
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2006-08-12 19:11:21 +00:00
|
|
|
function test_mailto() {
|
2006-08-12 18:58:54 +00:00
|
|
|
|
|
|
|
$scheme = new HTMLPurifier_URIScheme_mailto();
|
|
|
|
$config = HTMLPurifier_Config::createDefault();
|
2006-10-27 01:20:10 +00:00
|
|
|
$context = new HTMLPurifier_Context();
|
2006-08-12 18:58:54 +00:00
|
|
|
|
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
null, null, null, 'bob@example.com', null, $config, $context),
|
2006-08-12 18:58:54 +00:00
|
|
|
array(null, null, null, 'bob@example.com', null)
|
|
|
|
);
|
|
|
|
|
2006-08-12 19:11:21 +00:00
|
|
|
$this->assertIdentical(
|
|
|
|
$scheme->validateComponents(
|
2006-10-27 01:20:10 +00:00
|
|
|
'user', 'example.com', 80, 'bob@example.com', 'subject=Foo!', $config, $context),
|
2006-08-12 19:11:21 +00:00
|
|
|
array(null, null, null, 'bob@example.com', 'subject=Foo!')
|
|
|
|
);
|
|
|
|
|
2006-08-12 18:58:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|