mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-03-23 14:27:02 +00:00
Code Releases Activity

Conditionalize hash_hmac tests for 5.0

Browse Source 
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
This commit is contained in:
Edward Z. Yang 2013-10-28 16:48:07 -07:00 committed by Edward Z. Yang
parent 0beecad78a
commit 8cd08620dc
5 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
library/HTMLPurifier/URIFilter/Munge.php
View File

@ -48,7 +48,7 @@ class HTMLPurifier_URIFilter_Munge extends HTMLPurifier_URIFilter
$this->doEmbed = $config->get('URI.MungeResources'); $this->doEmbed = $config->get('URI.MungeResources');
$this->secretKey = $config->get('URI.MungeSecretKey'); $this->secretKey = $config->get('URI.MungeSecretKey');
if ($this->secretKey && !function_exists('hash_hmac')) { if ($this->secretKey && !function_exists('hash_hmac')) {
trigger_error("Cannot use %URI.MungeSecretKey without hash_hmac support.", E_USER_ERROR); throw new Exception("Cannot use %URI.MungeSecretKey without hash_hmac support.");
} }
return true; return true;
} }

2
tests/HTMLPurifier/HTMLT/munge-extra.htmlt
View File

@ -1,3 +1,5 @@
--SKIPIF--
return !function_exists('hash_hmac');
--INI-- --INI--
URI.Munge = "/redirect?s=%s&t=%t&r=%r&n=%n&m=%m&p=%p" URI.Munge = "/redirect?s=%s&t=%t&r=%r&n=%n&m=%m&p=%p"
URI.MungeSecretKey = "foo" URI.MungeSecretKey = "foo"

2
tests/HTMLPurifier/HTMLT/safe-object-embed-munge.htmlt
View File

@ -1,3 +1,5 @@
--SKIPIF--
return !function_exists('hash_hmac');
--INI-- --INI--
HTML.SafeObject = true HTML.SafeObject = true
HTML.SafeEmbed = true HTML.SafeEmbed = true

2
tests/HTMLPurifier/HTMLT/secure-munge.htmlt
View File

@ -1,3 +1,5 @@
--SKIPIF--
return !function_exists('hash_hmac');
--INI-- --INI--
URI.Munge = "/redirect.php?url=%s&check=%t" URI.Munge = "/redirect.php?url=%s&check=%t"
URI.MungeSecretKey = "foo" URI.MungeSecretKey = "foo"

14
tests/HTMLPurifier/URIFilter/MungeTest.php
View File

@ -16,8 +16,10 @@ class HTMLPurifier_URIFilter_MungeTest extends HTMLPurifier_URIFilterHarness
protected function setSecureMunge($key = 'secret') protected function setSecureMunge($key = 'secret')
{ {
if (!function_exists('hash_hmac')) return false;
$this->setMunge('/redirect.php?url=%s&checksum=%t'); $this->setMunge('/redirect.php?url=%s&checksum=%t');
$this->config->set('URI.MungeSecretKey', $key); $this->config->set('URI.MungeSecretKey', $key);
return true;
} }
public function testMunge() public function testMunge()
@ -92,13 +94,13 @@ class HTMLPurifier_URIFilter_MungeTest extends HTMLPurifier_URIFilterHarness
public function testSecureMungePreserve() public function testSecureMungePreserve()
{ {
$this->setSecureMunge(); if (!$this->setSecureMunge()) return;
$this->assertFiltering('/local'); $this->assertFiltering('/local');
} }
public function testSecureMungePreserveEmbedded() public function testSecureMungePreserveEmbedded()
{ {
$this->setSecureMunge(); if (!$this->setSecureMunge()) return;
$embedded = true; $embedded = true;
$this->context->register('EmbeddedURI', $embedded); $this->context->register('EmbeddedURI', $embedded);
$this->assertFiltering('http://google.com'); $this->assertFiltering('http://google.com');
@ -106,26 +108,26 @@ class HTMLPurifier_URIFilter_MungeTest extends HTMLPurifier_URIFilterHarness
public function testSecureMungeStandard() public function testSecureMungeStandard()
{ {
$this->setSecureMunge(); if (!$this->setSecureMunge()) return;
$this->assertFiltering('http://google.com', '/redirect.php?url=http%3A%2F%2Fgoogle.com&checksum=46267a796aca0ea5839f24c4c97ad2648373a4eca31b1c0d1fa7c7ff26798f79'); $this->assertFiltering('http://google.com', '/redirect.php?url=http%3A%2F%2Fgoogle.com&checksum=46267a796aca0ea5839f24c4c97ad2648373a4eca31b1c0d1fa7c7ff26798f79');
} }
public function testSecureMungeIgnoreUnknownSchemes() public function testSecureMungeIgnoreUnknownSchemes()
{ {
// This should be integration tested as well to be false // This should be integration tested as well to be false
$this->setSecureMunge(); if (!$this->setSecureMunge()) return;
$this->assertFiltering('javascript:', true); $this->assertFiltering('javascript:', true);
} }
public function testSecureMungeIgnoreUnbrowsableSchemes() public function testSecureMungeIgnoreUnbrowsableSchemes()
{ {
$this->setSecureMunge(); if (!$this->setSecureMunge()) return;
$this->assertFiltering('news:', true); $this->assertFiltering('news:', true);
} }
public function testSecureMungeToDirectory() public function testSecureMungeToDirectory()
{ {
$this->setSecureMunge(); if (!$this->setSecureMunge()) return;
$this->setMunge('/links/%s/%t'); $this->setMunge('/links/%s/%t');
$this->assertFiltering('http://google.com', '/links/http%3A%2F%2Fgoogle.com/46267a796aca0ea5839f24c4c97ad2648373a4eca31b1c0d1fa7c7ff26798f79'); $this->assertFiltering('http://google.com', '/links/http%3A%2F%2Fgoogle.com/46267a796aca0ea5839f24c4c97ad2648373a4eca31b1c0d1fa7c7ff26798f79');
} }