0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-01-06 22:41:54 +00:00

Revamp configuration files so that more rules can be added, internal organization is more logical, and descriptions are captured.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@327 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2006-08-27 18:49:16 +00:00
parent 0d4ee2ba37
commit 24cde9c891
15 changed files with 600 additions and 54 deletions

View File

@ -6,8 +6,9 @@ help you find the correct functionality more quickly. Here they are:
All classes occupy the HTMLPurifier pseudo-namespace. All classes occupy the HTMLPurifier pseudo-namespace.
This means that all classes are prefixed with HTMLPurifier_. As such, all This means that all classes are prefixed with HTMLPurifier_. As such, all
names under HTMLPurifier_ are reserved, and userspace extensions should names under HTMLPurifier_ are reserved. I recommend that you use the name
be registered in a different namespace (or the main namespace). HTMLPurifierX_YourName_ClassName, especially if you want to take advantage
of HTMLPurifier_ConfigDef.
All classes correspond to their path if library/ was in the include path All classes correspond to their path if library/ was in the include path
HTMLPurifier_AttrDef is located at HTMLPurifier/AttrDef.php; replace HTMLPurifier_AttrDef is located at HTMLPurifier/AttrDef.php; replace

View File

@ -28,6 +28,26 @@ require_once 'HTMLPurifier/HTMLDefinition.php';
require_once 'HTMLPurifier/Generator.php'; require_once 'HTMLPurifier/Generator.php';
require_once 'HTMLPurifier/Strategy/Core.php'; require_once 'HTMLPurifier/Strategy/Core.php';
HTMLPurifier_ConfigDef::define(
'Core', 'Encoding', 'utf-8', 'istring',
'Defines the input and output character encodings to use. HTMLPurifier '.
'internally uses UTF-8, making that the painless default choice. Note '.
'certain implementations of HTMLPurifier_Lexer are intelligent enough '.
'automatically detect encoding, however, output format will always be '.
'this value.'
);
HTMLPurifier_ConfigDef::defineAllowedValues(
'Core', 'Encoding', array(
'utf-8',
'iso-8859-1'
)
);
HTMLPurifier_ConfigDef::defineValueAliases(
'Core', 'Encoding', array(
'iso8859-1' => 'iso-8859-1'
)
);
/** /**
* Main library execution class. * Main library execution class.
* *

View File

@ -6,7 +6,7 @@ require_once 'HTMLPurifier/URISchemeRegistry.php';
require_once 'HTMLPurifier/AttrDef/Host.php'; require_once 'HTMLPurifier/AttrDef/Host.php';
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'URI', 'DefaultScheme', 'http', 'URI', 'DefaultScheme', 'http', 'string',
'Defines through what scheme the output will be served, in order to '. 'Defines through what scheme the output will be served, in order to '.
'select the proper object validator when no scheme information is present.' 'select the proper object validator when no scheme information is present.'
); );

View File

@ -5,11 +5,14 @@ require_once 'HTMLPurifier/AttrTransform.php';
// this MUST be placed in post, as it assumes that any value in dir is valid // this MUST be placed in post, as it assumes that any value in dir is valid
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'Attr', 'DefaultTextDir', 'ltr', 'Attr', 'DefaultTextDir', 'ltr', 'string',
'Defines the default text direction (ltr or rtl) of the document '. 'Defines the default text direction (ltr or rtl) of the document '.
'being parsed. This generally is the same as the value of the dir '. 'being parsed. This generally is the same as the value of the dir '.
'attribute in HTML, or ltr if that is not specified.' 'attribute in HTML, or ltr if that is not specified.'
); );
HTMLPurifier_ConfigDef::defineAllowedValues(
'Attr', 'DefaultTextDir', array( 'ltr', 'rtl' )
);
/** /**
* Post-trasnform that ensures that bdo tags have the dir attribute set. * Post-trasnform that ensures that bdo tags have the dir attribute set.

View File

@ -5,7 +5,7 @@ require_once 'HTMLPurifier/AttrTransform.php';
// must be called POST validation // must be called POST validation
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'Attr', 'DefaultInvalidImage', '', 'Attr', 'DefaultInvalidImage', '', 'string',
'This is the default image an img tag will be pointed to if it does '. 'This is the default image an img tag will be pointed to if it does '.
'not have a valid src attribute. In future versions, we may allow the '. 'not have a valid src attribute. In future versions, we may allow the '.
'image tag to be removed completely, but due to design issues, this is '. 'image tag to be removed completely, but due to design issues, this is '.
@ -13,7 +13,7 @@ HTMLPurifier_ConfigDef::define(
); );
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'Attr', 'DefaultInvalidImageAlt', 'Invalid image', 'Attr', 'DefaultInvalidImageAlt', 'Invalid image', 'string',
'This is the content of the alt tag of an invalid image if the user '. 'This is the content of the alt tag of an invalid image if the user '.
'had not previously specified an alt attribute. It has no effect when the '. 'had not previously specified an alt attribute. It has no effect when the '.
'image is valid but there was no alt attribute present.' 'image is valid but there was no alt attribute present.'

View File

@ -13,7 +13,7 @@
// in order to make it self correcting // in order to make it self correcting
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'Core', 'EscapeInvalidChildren', false, 'Core', 'EscapeInvalidChildren', false, 'bool',
'When true, a child is found that is not allowed in the context of the '. 'When true, a child is found that is not allowed in the context of the '.
'parent element will be transformed into text as if it were ASCII. When '. 'parent element will be transformed into text as if it were ASCII. When '.
'false, that element and all internal tags will be dropped, though text '. 'false, that element and all internal tags will be dropped, though text '.

View File

@ -20,12 +20,18 @@ class HTMLPurifier_Config
*/ */
var $conf; var $conf;
/**
* Reference HTMLPurifier_ConfigDef for value checking
*/
var $def;
/** /**
* @param $definition HTMLPurifier_ConfigDef that defines what directives * @param $definition HTMLPurifier_ConfigDef that defines what directives
* are allowed. * are allowed.
*/ */
function HTMLPurifier_Config(&$definition) { function HTMLPurifier_Config(&$definition) {
$this->conf = $definition->info; // set up the defaults $this->conf = $definition->defaults; // set up, copy in defaults
$this->def = $definition; // keep a copy around for checking
} }
/** /**
@ -46,7 +52,7 @@ class HTMLPurifier_Config
function get($namespace, $key) { function get($namespace, $key) {
if (!isset($this->conf[$namespace][$key])) { if (!isset($this->conf[$namespace][$key])) {
trigger_error('Cannot retrieve value of undefined directive', trigger_error('Cannot retrieve value of undefined directive',
E_USER_ERROR); E_USER_WARNING);
return; return;
} }
return $this->conf[$namespace][$key]; return $this->conf[$namespace][$key];
@ -61,7 +67,26 @@ class HTMLPurifier_Config
function set($namespace, $key, $value) { function set($namespace, $key, $value) {
if (!isset($this->conf[$namespace][$key])) { if (!isset($this->conf[$namespace][$key])) {
trigger_error('Cannot set undefined directive to value', trigger_error('Cannot set undefined directive to value',
E_USER_ERROR); E_USER_WARNING);
return;
}
if (is_string($value)) {
// resolve value alias if defined
if (isset($this->def->info[$namespace][$key]->aliases[$value])) {
$value = $this->def->info[$namespace][$key]->aliases[$value];
}
if ($this->def->info[$namespace][$key]->allowed !== true) {
// check to see if the value is allowed
if (!isset($this->def->info[$namespace][$key]->allowed[$value])) {
trigger_error('Value not supported', E_USER_WARNING);
return;
}
}
}
$value = $this->def->validate($value,
$this->def->info[$namespace][$key]->type);
if ($value === null) {
trigger_error('Value is of invalid type', E_USER_WARNING);
return; return;
} }
$this->conf[$namespace][$key] = $value; $this->conf[$namespace][$key] = $value;

View File

@ -7,11 +7,36 @@
class HTMLPurifier_ConfigDef { class HTMLPurifier_ConfigDef {
/** /**
* Currently defined directives (and namespaces). * Defaults of the directives and namespaces.
* @note This shares the exact same structure as HTMLPurifier_Config::$conf * @note This shares the exact same structure as HTMLPurifier_Config::$conf
*/ */
var $defaults = array();
/**
* Definition of the directives.
*/
var $info = array(); var $info = array();
/**
* Definition of namespaces.
*/
var $info_namespace = array();
/**
* Lookup table of allowed types.
*/
var $types = array(
'string' => true,
'istring' => true,
'int' => true,
'float' => true,
'bool' => true,
'lookup' => true,
'list' => true,
'hash' => true,
'mixed' => true
);
/** /**
* Initializes the default namespaces. * Initializes the default namespaces.
*/ */
@ -44,9 +69,14 @@ class HTMLPurifier_ConfigDef {
* @param $namespace Namespace the directive is in * @param $namespace Namespace the directive is in
* @param $name Key of directive * @param $name Key of directive
* @param $default Default value of directive * @param $default Default value of directive
* @param $type Allowed type of the directive. See
* HTMLPurifier_DirectiveDef::$type for allowed values
* @param $description Description of directive for documentation * @param $description Description of directive for documentation
*/ */
function define($namespace, $name, $default, $description) { function define(
$namespace, $name, $default, $type,
$description
) {
$def =& HTMLPurifier_ConfigDef::instance(); $def =& HTMLPurifier_ConfigDef::instance();
if (!isset($def->info[$namespace])) { if (!isset($def->info[$namespace])) {
trigger_error('Cannot define directive for undefined namespace', trigger_error('Cannot define directive for undefined namespace',
@ -54,11 +84,33 @@ class HTMLPurifier_ConfigDef {
return; return;
} }
if (isset($def->info[$namespace][$name])) { if (isset($def->info[$namespace][$name])) {
// this behavior is at risk of change if (
trigger_error('Cannot redefine directive', E_USER_ERROR); $def->info[$namespace][$name]->type !== $type ||
return; $def->defaults[$namespace][$name] !== $default
) {
trigger_error('Inconsistent default or type, cannot redefine');
return;
}
} else {
if (!isset($def->types[$type])) {
trigger_error('Invalid type for configuration directive',
E_USER_ERROR);
return;
}
if ($def->validate($default, $type) === null) {
trigger_error('Default value does not match directive type',
E_USER_ERROR);
return;
}
$def->info[$namespace][$name] =
new HTMLPurifier_ConfigEntity_Directive();
$def->info[$namespace][$name]->type = $type;
$def->defaults[$namespace][$name] = $default;
} }
$def->info[$namespace][$name] = $default; $backtrace = debug_backtrace();
$file = $def->mungeFilename($backtrace[0]['file']);
$line = $backtrace[0]['line'];
$def->info[$namespace][$name]->addDescription($file,$line,$description);
} }
/** /**
@ -73,8 +125,187 @@ class HTMLPurifier_ConfigDef {
return; return;
} }
$def->info[$namespace] = array(); $def->info[$namespace] = array();
$def->info_namespace[$namespace] = new HTMLPurifier_ConfigEntity_Namespace();
$backtrace = debug_backtrace();
$file = $def->mungeFilename($backtrace[0]['file']);
$line = $backtrace[0]['line'];
$def->info_namespace[$namespace]->addDescription($file,$line,$description);
$def->defaults[$namespace] = array();
}
/**
* Defines a directive value alias.
*
* Directive value aliases are convenient for developers because it lets
* them set a directive to several values and get the same result.
* @param $namespace Directive's namespace
* @param $name Name of Directive
* @param $alias Name of aliased value
* @param $real Value aliased value will be converted into
*/
function defineValueAliases($namespace, $name, $aliases) {
$def =& HTMLPurifier_ConfigDef::instance();
if (!isset($def->info[$namespace][$name])) {
trigger_error('Cannot set value alias for non-existant directive',
E_USER_ERROR);
return;
}
foreach ($aliases as $alias => $real) {
if (!$def->info[$namespace][$name] !== true &&
!isset($def->info[$namespace][$name]->allowed[$real])
) {
trigger_error('Cannot define alias to value that is not allowed',
E_USER_ERROR);
return;
}
if (isset($def->info[$namespace][$name]->allowed[$alias])) {
trigger_error('Cannot define alias over allowed value',
E_USER_ERROR);
return;
}
$def->info[$namespace][$name]->aliases[$alias] = $real;
}
}
/**
* Defines a set of allowed values for a directive.
* @param $namespace Namespace of directive
* @param $name Name of directive
* @param $allowed_values Arraylist of allowed values
*/
function defineAllowedValues($namespace, $name, $allowed_values) {
$def =& HTMLPurifier_ConfigDef::instance();
if (!isset($def->info[$namespace][$name])) {
trigger_error('Cannot define allowed values for undefined directive',
E_USER_ERROR);
return;
}
if ($def->info[$namespace][$name]->allowed === true) {
$def->info[$namespace][$name]->allowed = array();
}
foreach ($allowed_values as $value) {
$def->info[$namespace][$name]->allowed[$value] = true;
}
}
/**
* Validate a variable according to type. Return null if invalid.
*/
function validate($var, $type) {
if (!isset($this->types[$type])) {
trigger_error('Invalid type', E_USER_ERROR);
return;
}
switch ($type) {
case 'mixed':
return $var;
case 'istring':
case 'string':
if (!is_string($var)) return;
if ($type === 'istring') $var = strtolower($var);
return $var;
case 'int':
if (is_string($var) && ctype_digit($var)) $var = (int) $var;
elseif (!is_int($var)) return;
return $var;
case 'float':
if (is_string($var) && is_numeric($var)) $var = (float) $var;
elseif (!is_float($var)) return;
return $var;
case 'bool':
if (is_int($var) && ($var === 0 || $var === 1)) {
$var = (bool) $var;
} elseif (!is_bool($var)) return;
return $var;
case 'list':
case 'hash':
case 'lookup':
if (!is_array($var)) return;
$keys = array_keys($var);
if ($keys === array_keys($keys)) {
if ($type == 'list') return $var;
elseif ($type == 'lookup') {
$new = array();
foreach ($var as $key) {
$new[$key] = true;
}
return $new;
} else return;
}
if ($type === 'lookup') {
foreach ($var as $key => $value) {
$var[$key] = true;
}
}
return $var;
}
}
function mungeFilename($filename) {
$offset = strrpos($filename, 'HTMLPurifier');
$filename = substr($filename, $offset);
$filename = str_replace('\\', '/', $filename);
return $filename;
} }
} }
/**
* Base class for configuration entity
*/
class HTMLPurifier_ConfigEntity
{
/**
* Plaintext descriptions of the configuration entity is. Organized by
* file and line number, so multiple descriptions are allowed.
*/
var $descriptions = array();
/**
* Adds a description to the array
*/
function addDescription($file, $line, $description) {
if (!isset($this->descriptions[$file])) $this->descriptions[$file] = array();
$this->descriptions[$file][$line] = $description;
}
}
/**
* Structure object describing of a namespace
*/
class HTMLPurifier_ConfigEntity_Namespace extends HTMLPurifier_ConfigEntity {}
/**
* Structure object containing definition of a directive.
* @note This structure does not contain default values
*/
class HTMLPurifier_ConfigEntity_Directive extends HTMLPurifier_ConfigEntity
{
/**
* Hash of value aliases, i.e. values that are equivalent.
*/
var $aliases = array();
/**
* Lookup table of allowed values of the element, bool true if all allowed.
*/
var $allowed = true;
/**
* Allowed type of the directive. Values are:
* - string
* - istring (case insensitive string)
* - int
* - float
* - bool
* - lookup (array of value => true)
* - list (regular numbered index array)
* - hash (array of key => value)
* - mixed (anything goes)
*/
var $type = 'mixed';
}
?> ?>

View File

@ -5,7 +5,7 @@
require_once 'HTMLPurifier/Lexer.php'; require_once 'HTMLPurifier/Lexer.php';
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'Core', 'CleanUTF8DuringGeneration', false, 'Core', 'CleanUTF8DuringGeneration', false, 'bool',
'When true, HTMLPurifier_Generator will also check all strings it '. 'When true, HTMLPurifier_Generator will also check all strings it '.
'escapes for UTF-8 well-formedness as a defense in depth measure. '. 'escapes for UTF-8 well-formedness as a defense in depth measure. '.
'This could cause a considerable performance impact, and is not '. 'This could cause a considerable performance impact, and is not '.

View File

@ -3,7 +3,7 @@
require_once 'HTMLPurifier/Token.php'; require_once 'HTMLPurifier/Token.php';
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'Core', 'AcceptFullDocuments', true, 'Core', 'AcceptFullDocuments', true, 'bool',
'This parameter determines whether or not the filter should accept full '. 'This parameter determines whether or not the filter should accept full '.
'HTML documents, not just HTML fragments. When on, it will '. 'HTML documents, not just HTML fragments. When on, it will '.
'drop all sections except the content between body. Depending on '. 'drop all sections except the content between body. Depending on '.

View File

@ -9,7 +9,7 @@
*/ */
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'Core', 'EscapeInvalidTags', false, 'Core', 'EscapeInvalidTags', false, 'bool',
'When true, invalid tags will be written back to the document as plain '. 'When true, invalid tags will be written back to the document as plain '.
'text. Otherwise, they are silently dropped.' 'text. Otherwise, they are silently dropped.'
); );

View File

@ -7,7 +7,7 @@ require_once 'HTMLPurifier/ConfigDef.php';
require_once 'HTMLPurifier/AttrContext.php'; require_once 'HTMLPurifier/AttrContext.php';
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'Attr', 'IDBlacklist', array(), 'Attr', 'IDBlacklist', array(), 'list',
'Array of IDs not allowed in the document.'); 'Array of IDs not allowed in the document.');
/** /**

View File

@ -11,13 +11,13 @@ HTMLPurifier_ConfigDef::define(
// for Usenet, these two are similar, but distinct // for Usenet, these two are similar, but distinct
'nntp' => true, // individual Netnews articles 'nntp' => true, // individual Netnews articles
'news' => true // newsgroup or individual Netnews articles), 'news' => true // newsgroup or individual Netnews articles),
), ), 'lookup',
'Whitelist that defines the schemes that a URI is allowed to have. This '. 'Whitelist that defines the schemes that a URI is allowed to have. This '.
'prevents XSS attacks from using pseudo-schemes like javascript or mocha.' 'prevents XSS attacks from using pseudo-schemes like javascript or mocha.'
); );
HTMLPurifier_ConfigDef::define( HTMLPurifier_ConfigDef::define(
'URI', 'OverrideAllowedSchemes', true, 'URI', 'OverrideAllowedSchemes', true, 'bool',
'If this is set to true (which it is by default), you can override '. 'If this is set to true (which it is by default), you can override '.
'%URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme '. '%URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme '.
'to the registry. If false, you will also have to update that directive '. 'to the registry. If false, you will also have to update that directive '.

View File

@ -27,38 +27,261 @@ class HTMLPurifier_ConfigDefTest extends UnitTestCase
function testNormal() { function testNormal() {
HTMLPurifier_ConfigDef::defineNamespace('Core', 'Configuration that '. $file = $this->our_copy->mungeFilename(__FILE__);
'is always available.');
$this->assertIdentical( array(
'Core' => array()
), $this->our_copy->info);
// note that the description is silently dropped // define a namespace
HTMLPurifier_ConfigDef::define('Core', 'Name', 'default value', $description = 'Configuration that is always available.';
'This is a description of the directive.'); HTMLPurifier_ConfigDef::defineNamespace(
$this->assertIdentical( array( 'Core', $description
'Core' => array( ); $line = __LINE__;
'Name' => 'default value' $this->assertIdentical($this->our_copy->defaults, array(
) 'Core' => array()
), $this->our_copy->info); ));
$this->assertIdentical($this->our_copy->info, array(
'Core' => array()
));
$namespace = new HTMLPurifier_ConfigEntity_Namespace();
$namespace->addDescription($file, $line, $description);
$this->assertIdentical($this->our_copy->info_namespace, array(
'Core' => $namespace
));
// test an invalid namespace
HTMLPurifier_ConfigDef::define('Extension', 'Name', false, 'This is '.
'for an extension, but we have not defined its namespace!'); // define a directive
$description = 'This is a description of the directive.';
HTMLPurifier_ConfigDef::define(
'Core', 'Name', 'default value', 'string',
$description
); $line = __LINE__;
$this->assertIdentical($this->our_copy->defaults, array(
'Core' => array(
'Name' => 'default value'
)
));
$directive = new HTMLPurifier_ConfigEntity_Directive();
$directive->type = 'string';
$directive->addDescription($file, $line, $description);
$this->assertIdentical($this->our_copy->info, array(
'Core' => array(
'Name' => $directive
)
));
// define a directive in an undefined namespace
HTMLPurifier_ConfigDef::define(
'Extension', 'Name', false, 'bool',
'This is for an extension, but we have not defined its namespace!'
);
$this->assertError('Cannot define directive for undefined namespace'); $this->assertError('Cannot define directive for undefined namespace');
$this->assertNoErrors(); $this->assertNoErrors();
$this->swallowErrors(); $this->swallowErrors();
// test overloading already defined value
// ACTUALLY, we probably should allow this behavior, which simply
// means that two class files need that directive. Using debug_backtrace // redefine a value in a valid manner
// we could probably figure which files those are too! :-D $description = 'Alternative configuration definition';
HTMLPurifier_ConfigDef::define('Core', 'Name', 89, HTMLPurifier_ConfigDef::define(
'What, you\'re not allowed to overload directives? Bummer!'); 'Core', 'Name', 'default value', 'string',
$this->assertError('Cannot redefine directive'); $description
); $line = __LINE__;
$this->assertNoErrors();
$directive->addDescription($file, $line, $description);
$this->assertIdentical($this->our_copy->info, array(
'Core' => array(
'Name' => $directive
)
));
// redefine a directive in an invalid manner
HTMLPurifier_ConfigDef::define(
'Core', 'Name', 'different default', 'string',
'Inconsistent default or type, cannot redefine'
);
$this->assertError('Inconsistent default or type, cannot redefine');
$this->assertNoErrors(); $this->assertNoErrors();
$this->swallowErrors(); $this->swallowErrors();
// make an enumeration
HTMLPurifier_ConfigDef::defineAllowedValues(
'Core', 'Name', array(
'Real Value',
'Real Value 2'
)
);
$directive->allowed = array(
'Real Value' => true,
'Real Value 2' => true
);
$this->assertIdentical($this->our_copy->info, array(
'Core' => array(
'Name' => $directive
)
));
// redefinition of enumeration is cumulative
HTMLPurifier_ConfigDef::defineAllowedValues(
'Core', 'Name', array(
'Real Value 3',
)
);
$directive->allowed['Real Value 3'] = true;
$this->assertIdentical($this->our_copy->info, array(
'Core' => array(
'Name' => $directive
)
));
// cannot define enumeration for undefined directive
HTMLPurifier_ConfigDef::defineAllowedValues(
'Core', 'Foobar', array(
'Real Value 9',
)
);
$this->assertError('Cannot define allowed values for undefined directive');
$this->assertNoErrors();
$this->swallowErrors();
// test defining value aliases for an enumerated value
HTMLPurifier_ConfigDef::defineValueAliases(
'Core', 'Name', array(
'Aliased Value' => 'Real Value'
)
);
$directive->aliases['Aliased Value'] = 'Real Value';
$this->assertIdentical($this->our_copy->info, array(
'Core' => array(
'Name' => $directive
)
));
// redefine should be cumulative
HTMLPurifier_ConfigDef::defineValueAliases(
'Core', 'Name', array(
'Aliased Value 2' => 'Real Value 2'
)
);
$directive->aliases['Aliased Value 2'] = 'Real Value 2';
$this->assertIdentical($this->our_copy->info, array(
'Core' => array(
'Name' => $directive
)
));
// cannot create alias to not-allowed value
HTMLPurifier_ConfigDef::defineValueAliases(
'Core', 'Name', array(
'Aliased Value 3' => 'Invalid Value'
)
);
$this->assertError('Cannot define alias to value that is not allowed');
$this->assertNoErrors();
$this->swallowErrors();
// cannot create alias for already allowed value
HTMLPurifier_ConfigDef::defineValueAliases(
'Core', 'Name', array(
'Real Value' => 'Real Value 2'
)
);
$this->assertError('Cannot define alias over allowed value');
$this->assertNoErrors();
$this->swallowErrors();
// define a directive with an invalid type
HTMLPurifier_ConfigDef::define(
'Core', 'Foobar', false, 'omen',
'Omen is not a valid type, so we reject this.'
);
$this->assertError('Invalid type for configuration directive');
$this->assertNoErrors();
$this->swallowErrors();
// define a directive with inconsistent type
HTMLPurifier_ConfigDef::define(
'Core', 'Foobaz', 10, 'string',
'If we say string, we should mean it, not integer 10.'
);
$this->assertError('Default value does not match directive type');
$this->assertNoErrors();
$this->swallowErrors();
}
function assertValid($var, $type, $ret = null) {
$ret = ($ret === null) ? $var : $ret;
$this->assertIdentical($this->our_copy->validate($var, $type), $ret);
}
function assertInvalid($var, $type) {
$this->assertIdentical($this->our_copy->validate($var, $type), null);
}
function testValidate() {
$this->assertValid('foobar', 'string');
$this->assertValid('FOOBAR', 'istring', 'foobar');
$this->assertValid(34, 'int');
$this->assertValid(3.34, 'float');
$this->assertValid(false, 'bool');
$this->assertValid(0, 'bool', false);
$this->assertValid(1, 'bool', true);
$this->assertInvalid(34, 'bool');
$this->assertValid(array('1', '2', '3'), 'list');
$this->assertValid(array('1' => true, '2' => true), 'lookup');
$this->assertValid(array('1', '2'), 'lookup', array('1' => true, '2' => true));
$this->assertValid(array('foo' => 'bar'), 'hash');
$this->assertInvalid(array(0 => 'moo'), 'hash');
$this->assertValid(array(1 => 'moo'), 'hash');
$this->assertValid(23, 'mixed');
}
function assertMungeFilename($oldname, $newname) {
$this->assertIdentical(
$this->our_copy->mungeFilename($oldname),
$newname
);
}
function testMungeFilename() {
$this->assertMungeFilename(
'C:\\php\\libs\\htmlpurifier\\library\\HTMLPurifier\\AttrDef.php',
'HTMLPurifier/AttrDef.php'
);
$this->assertMungeFilename(
'C:\\php\\libs\\htmlpurifier\\library\\HTMLPurifier.php',
'HTMLPurifier.php'
);
} }
} }

View File

@ -5,25 +5,51 @@ require_once 'HTMLPurifier/Config.php';
class HTMLPurifier_ConfigTest extends UnitTestCase class HTMLPurifier_ConfigTest extends UnitTestCase
{ {
var $our_copy, $old_copy;
function setUp() {
$our_copy = new HTMLPurifier_ConfigDef();
$this->old_copy = HTMLPurifier_ConfigDef::instance();
$this->our_copy =& HTMLPurifier_ConfigDef::instance($our_copy);
}
function tearDown() {
HTMLPurifier_ConfigDef::instance($this->old_copy);
}
function test() { function test() {
$def = new HTMLPurifier_ConfigDef(); HTMLPurifier_ConfigDef::defineNamespace('Core', 'Corestuff');
$def->info = array( HTMLPurifier_ConfigDef::defineNamespace('Attr', 'Attributes');
'Core' => array('Key' => false), HTMLPurifier_ConfigDef::defineNamespace('Extension', 'Extensible');
'Attr' => array('Key' => 42),
'Extension' => array('Pert' => 'moo') HTMLPurifier_ConfigDef::define(
'Core', 'Key', false, 'bool', 'A boolean directive.'
);
HTMLPurifier_ConfigDef::define(
'Attr', 'Key', 42, 'int', 'An integer directive.'
);
HTMLPurifier_ConfigDef::define(
'Extension', 'Pert', 'foo', 'string', 'A string directive.'
); );
$config = new HTMLPurifier_Config($def); HTMLPurifier_ConfigDef::defineAllowedValues(
'Extension', 'Pert', array('foo', 'moo')
);
HTMLPurifier_ConfigDef::defineValueAliases(
'Extension', 'Pert', array('cow' => 'moo')
);
$config = HTMLPurifier_Config::createDefault();
// test default value retrieval // test default value retrieval
$this->assertIdentical($config->get('Core', 'Key'), false); $this->assertIdentical($config->get('Core', 'Key'), false);
$this->assertIdentical($config->get('Attr', 'Key'), 42); $this->assertIdentical($config->get('Attr', 'Key'), 42);
$this->assertIdentical($config->get('Extension', 'Pert'), 'moo'); $this->assertIdentical($config->get('Extension', 'Pert'), 'foo');
// set some values // set some values
$config->set('Core', 'Key', 'foobar'); $config->set('Core', 'Key', true);
$this->assertIdentical($config->get('Core', 'Key'), 'foobar'); $this->assertIdentical($config->get('Core', 'Key'), true);
// try to retrieve undefined value // try to retrieve undefined value
$config->get('Core', 'NotDefined'); $config->get('Core', 'NotDefined');
@ -37,6 +63,23 @@ class HTMLPurifier_ConfigTest extends UnitTestCase
$this->assertNoErrors(); $this->assertNoErrors();
$this->swallowErrors(); $this->swallowErrors();
// try to set not allowed value
$config->set('Extension', 'Pert', 'wizard');
$this->assertError('Value not supported');
$this->assertNoErrors();
$this->swallowErrors();
// try to set not allowed value
$config->set('Extension', 'Pert', 34);
$this->assertError('Value is of invalid type');
$this->assertNoErrors();
$this->swallowErrors();
// set aliased value
$config->set('Extension', 'Pert', 'cow');
$this->assertNoErrors();
$this->assertIdentical($config->get('Extension', 'Pert'), 'moo');
} }
} }