0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-22 08:21:52 +00:00

[3.1.0] Fix bug with 3.1.0-dev version number (the dash caused problems, so we switched to commas)

- Refactored out null definition cache during HTMLDefinition tests


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1697 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2008-04-26 19:28:14 +00:00
parent a95f600e76
commit 144bd6f07a
9 changed files with 32 additions and 27 deletions

2
NEWS
View File

@ -29,6 +29,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
to migrate an %HTML.AllowedAttributes directives to this syntax too.
! Allow index to be false for config from form creation
! Added HTMLPurifier::VERSION constant
! Commas, not dashes, used for serializer IDs. This change is forwards-compatible
and allows for version numbers like "3.1.0-dev".
- InterchangeBuilder now alphabetizes its lists
- Validation error in configdoc output fixed
- Iconv and other encoding errors muted even with custom error handlers that

3
TODO
View File

@ -11,6 +11,9 @@ If no interest is expressed for a feature that may require a considerable
amount of effort to implement, it may get endlessly delayed. Do not be
afraid to cast your vote for the next feature to be implemented!
- Get PH5P working with the latest versions of DOM, which have much more
stringent error checking procedures. Maybe convert straight to tokens.
FUTURE VERSIONS
---------------

View File

@ -131,12 +131,12 @@
</directive>
<directive id="HTML.ForbiddenElements">
<file name="HTMLPurifier/HTMLDefinition.php">
<line>326</line>
<line>328</line>
</file>
</directive>
<directive id="HTML.ForbiddenAttributes">
<file name="HTMLPurifier/HTMLDefinition.php">
<line>327</line>
<line>329</line>
</file>
</directive>
<directive id="HTML.Trusted">

View File

@ -72,7 +72,7 @@ class HTMLPurifier_Config
* @param $definition HTMLPurifier_ConfigSchema that defines what directives
* are allowed.
*/
public function __construct(&$definition) {
public function __construct($definition) {
$this->conf = $definition->defaults; // set up, copy in defaults
$this->def = $definition; // keep a copy around for checking
$this->parser = new HTMLPurifier_VarParser_Flexible();

View File

@ -26,8 +26,8 @@ abstract class HTMLPurifier_DefinitionCache
* @param Instance of HTMLPurifier_Config
*/
public function generateKey($config) {
return $config->version . '-' . // possibly replace with function calls
$config->getBatchSerial($this->type) . '-' .
return $config->version . ',' . // possibly replace with function calls
$config->getBatchSerial($this->type) . ',' .
$config->get($this->type, 'DefinitionRev');
}
@ -38,8 +38,8 @@ abstract class HTMLPurifier_DefinitionCache
* @param $config Instance of HTMLPurifier_Config to test against
*/
public function isOld($key, $config) {
if (substr_count($key, '-') < 2) return true;
list($version, $hash, $revision) = explode('-', $key, 3);
if (substr_count($key, ',') < 2) return true;
list($version, $hash, $revision) = explode(',', $key, 3);
$compare = version_compare($version, $config->version);
// version mismatch, is always old
if ($compare != 0) return true;

View File

@ -48,8 +48,7 @@ class HTMLPurifier_DefinitionCacheFactory
public function create($type, $config) {
$method = $config->get('Cache', 'DefinitionImpl');
if ($method === null) {
$null = new HTMLPurifier_DefinitionCache_Null($type);
return $null;
return new HTMLPurifier_DefinitionCache_Null($type);
}
if (!empty($this->caches[$method][$type])) {
return $this->caches[$method][$type];

View File

@ -11,7 +11,7 @@ class HTMLPurifier_DefinitionCache_SerializerTest extends HTMLPurifier_Definitio
$config->setReturnValue('get', 2, array('Test', 'DefinitionRev'));
$config->version = '1.0.0';
$config_md5 = '1.0.0-serial-2';
$config_md5 = '1.0.0,serial,2';
$file = realpath(
$rel_file = HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer/Test/' .
@ -186,9 +186,9 @@ class HTMLPurifier_DefinitionCache_SerializerTest extends HTMLPurifier_Definitio
$def_original = $this->generateDefinition();
$cache->add($def_original, $config);
$this->assertFileExist($dir . '/Test/1.0.0-serial-1.ser');
$this->assertFileExist($dir . '/Test/1.0.0,serial,1.ser');
unlink($dir . '/Test/1.0.0-serial-1.ser');
unlink($dir . '/Test/1.0.0,serial,1.ser');
rmdir( $dir . '/Test');
}

View File

@ -13,16 +13,17 @@ class HTMLPurifier_DefinitionCacheTest extends HTMLPurifier_Harness
$config->setReturnValue('get', 10, array('Test', 'DefinitionRev'));
$config->setReturnValue('getBatchSerial', 'hash', array('Test'));
$this->assertIdentical($cache->isOld('1.0.0-hash-10', $config), false);
$this->assertIdentical($cache->isOld('1.5.0-hash-1', $config), true);
$this->assertIdentical($cache->isOld('1.0.0,hash,10', $config), false);
$this->assertIdentical($cache->isOld('1.5.0,hash,1', $config), true);
$this->assertIdentical($cache->isOld('0.9.0-hash-1', $config), true);
$this->assertIdentical($cache->isOld('1.0.0-hash-1', $config), true);
$this->assertIdentical($cache->isOld('1.0.0beta-hash-11', $config), true);
$this->assertIdentical($cache->isOld('0.9.0,hash,1', $config), true);
$this->assertIdentical($cache->isOld('1.0.0,hash,1', $config), true);
$this->assertIdentical($cache->isOld('1.0.0beta,hash,11', $config), true);
$this->assertIdentical($cache->isOld('0.9.0-hash2-1', $config), true);
$this->assertIdentical($cache->isOld('1.0.0-hash2-1', $config), false); // if hash is different, don't touch!
$this->assertIdentical($cache->isOld('1.0.0beta-hash2-11', $config), true);
$this->assertIdentical($cache->isOld('0.9.0,hash2,1', $config), true);
$this->assertIdentical($cache->isOld('1.0.0,hash2,1', $config), false); // if hash is different, don't touch!
$this->assertIdentical($cache->isOld('1.0.0beta,hash2,11', $config), true);
$this->assertIdentical($cache->isOld('1.0.0-dev,hash2,11', $config), true);
}

View File

@ -3,6 +3,13 @@
class HTMLPurifier_HTMLDefinitionTest extends HTMLPurifier_Harness
{
function expectError($error = false, $message = '%s') {
// Because we're testing a definition, it's vital that the cache
// is turned off for tests that expect errors.
$this->config->set('Cache', 'DefinitionImpl', null);
parent::expectError($error);
}
function test_parseTinyMCEAllowedList() {
$def = new HTMLPurifier_HTMLDefinition();
@ -85,21 +92,18 @@ a[href|title]
}
function test_AllowedElements_invalidElement() {
$this->config->set('Cache', 'DefinitionImpl', null); // Necessary to ensure error is thrown
$this->config->set('HTML', 'AllowedElements', 'obviously_invalid,p');
$this->expectError(new PatternExpectation("/Element 'obviously_invalid' is not supported/"));
$this->assertPurification_AllowedElements_p();
}
function test_AllowedElements_invalidElement_xssAttempt() {
$this->config->set('Cache', 'DefinitionImpl', null);
$this->config->set('HTML', 'AllowedElements', '<script>,p');
$this->expectError(new PatternExpectation("/Element '&lt;script&gt;' is not supported/"));
$this->assertPurification_AllowedElements_p();
}
function test_AllowedElements_multipleInvalidElements() {
$this->config->set('Cache', 'DefinitionImpl', null);
$this->config->set('HTML', 'AllowedElements', 'dr-wiggles,dr-pepper,p');
$this->expectError(new PatternExpectation("/Element 'dr-wiggles' is not supported/"));
$this->expectError(new PatternExpectation("/Element 'dr-pepper' is not supported/"));
@ -153,21 +157,18 @@ a[href|title]
}
function test_AllowedAttributes_local_invalidAttribute() {
$this->config->set('Cache', 'DefinitionImpl', null);
$this->config->set('HTML', 'AllowedAttributes', array('p@style', 'p@<foo>'));
$this->expectError(new PatternExpectation("/Attribute '&lt;foo&gt;' in element 'p' not supported/"));
$this->assertPurification_AllowedAttributes_local_p_style();
}
function test_AllowedAttributes_global_invalidAttribute() {
$this->config->set('Cache', 'DefinitionImpl', null);
$this->config->set('HTML', 'AllowedAttributes', array('style', '<foo>'));
$this->expectError(new PatternExpectation("/Global attribute '&lt;foo&gt;' is not supported in any elements/"));
$this->assertPurification_AllowedAttributes_global_style();
}
function test_AllowedAttributes_local_invalidAttributeDueToMissingElement() {
$this->config->set('Cache', 'DefinitionImpl', null);
$this->config->set('HTML', 'AllowedAttributes', 'p.style,foo.style');
$this->expectError(new PatternExpectation("/Cannot allow attribute 'style' if element 'foo' is not allowed\/supported/"));
$this->assertPurification_AllowedAttributes_local_p_style();
@ -208,7 +209,6 @@ a[href|title]
}
function test_ForbiddenAttributes_incorrectSyntax() {
$this->config->set('Cache', 'DefinitionImpl', null);
$this->config->set('HTML', 'ForbiddenAttributes', 'b.style');
$this->expectError("Error with b.style: tag.attr syntax not supported for HTML.ForbiddenAttributes; use tag@attr instead");
$this->assertPurification('<b style="float:left;">Test</b>');