mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-22 08:21:52 +00:00
More unit test refactoring into seperate methods.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1380 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
parent
a19f30fdcf
commit
9881a34712
@ -35,7 +35,7 @@ class HTMLPurifier_AttrValidator_ErrorsTest extends HTMLPurifier_ErrorsHarness
|
||||
$this->invoke($token);
|
||||
}
|
||||
|
||||
// to lazy to check for global post and global pre
|
||||
// too lazy to check for global post and global pre
|
||||
|
||||
function testAttributeRemoved() {
|
||||
$this->expectErrorCollection(E_ERROR, 'AttrValidator: Attribute removed');
|
||||
|
@ -17,7 +17,7 @@ class HTMLPurifier_EntityLookupTest extends HTMLPurifier_Harness
|
||||
// special char
|
||||
$this->assertIdentical('"', $lookup->table['quot']);
|
||||
$this->assertIdentical('“', $lookup->table['ldquo']);
|
||||
$this->assertIdentical('<', $lookup->table['lt']); //expressed strangely
|
||||
$this->assertIdentical('<', $lookup->table['lt']); // expressed strangely in source file
|
||||
|
||||
// symbol char
|
||||
$this->assertIdentical('θ', $lookup->table['theta']);
|
||||
|
@ -5,71 +5,95 @@ require_once 'HTMLPurifier/Lexer/DirectLex.php';
|
||||
class HTMLPurifier_LexerTest extends HTMLPurifier_Harness
|
||||
{
|
||||
|
||||
var $Lexer;
|
||||
var $DirectLex, $PEARSax3, $DOMLex;
|
||||
var $_entity_lookup;
|
||||
var $_has_pear = false;
|
||||
var $_has_dom = false;
|
||||
|
||||
function setUp() {
|
||||
$this->Lexer = new HTMLPurifier_Lexer();
|
||||
|
||||
$this->DirectLex = new HTMLPurifier_Lexer_DirectLex();
|
||||
|
||||
// E_STRICT = 2048, int used for PHP4 compat
|
||||
if ( $GLOBALS['HTMLPurifierTest']['PEAR'] &&
|
||||
((error_reporting() & 2048) != 2048)
|
||||
function HTMLPurifier_LexerTest() {
|
||||
parent::HTMLPurifier_Harness();
|
||||
// E_STRICT = 2048, int used for PHP4 compat: this check disables
|
||||
// PEAR if PHP 5 strict mode is on, since the class is not strict safe
|
||||
if (
|
||||
$GLOBALS['HTMLPurifierTest']['PEAR'] &&
|
||||
((error_reporting() & 2048) != 2048) // ought to be a better way
|
||||
) {
|
||||
$this->_has_pear = true;
|
||||
require_once 'HTMLPurifier/Lexer/PEARSax3.php';
|
||||
$this->PEARSax3 = new HTMLPurifier_Lexer_PEARSax3();
|
||||
$this->_has_pear = true;
|
||||
}
|
||||
|
||||
$this->_has_dom = version_compare(PHP_VERSION, '5', '>=');
|
||||
if ($this->_has_dom) {
|
||||
require_once 'HTMLPurifier/Lexer/DOMLex.php';
|
||||
$this->DOMLex = new HTMLPurifier_Lexer_DOMLex();
|
||||
}
|
||||
|
||||
$this->_entity_lookup = HTMLPurifier_EntityLookup::instance();
|
||||
|
||||
}
|
||||
|
||||
// HTMLPurifier_Lexer::create() --------------------------------------------
|
||||
|
||||
function test_create() {
|
||||
$config = HTMLPurifier_Config::create(array('Core.MaintainLineNumbers' => true));
|
||||
$lexer = HTMLPurifier_Lexer::create($config);
|
||||
$this->config->set('Core', 'MaintainLineNumbers', true);
|
||||
$lexer = HTMLPurifier_Lexer::create($this->config);
|
||||
$this->assertIsA($lexer, 'HTMLPurifier_Lexer_DirectLex');
|
||||
}
|
||||
|
||||
// HTMLPurifier_Lexer->parseData() -----------------------------------------
|
||||
|
||||
function assertParseData($input, $expect = true) {
|
||||
if ($expect === true) $expect = $input;
|
||||
$lexer = new HTMLPurifier_Lexer();
|
||||
$this->assertIdentical($expect, $lexer->parseData($input));
|
||||
}
|
||||
|
||||
function test_parseData_plainText() {
|
||||
$this->assertParseData('asdf');
|
||||
}
|
||||
|
||||
function test_parseData_ampersandEntity() {
|
||||
$this->assertParseData('&', '&');
|
||||
}
|
||||
|
||||
function test_parseData_quotEntity() {
|
||||
$this->assertParseData('"', '"');
|
||||
}
|
||||
|
||||
function test_parseData_aposNumericEntity() {
|
||||
$this->assertParseData(''', "'");
|
||||
}
|
||||
|
||||
function test_parseData_aposCompactNumericEntity() {
|
||||
$this->assertParseData(''', "'");
|
||||
}
|
||||
|
||||
function test_parseData_adjacentAmpersandEntities() {
|
||||
$this->assertParseData('&&&', '&&&');
|
||||
}
|
||||
|
||||
function test_parseData_trailingUnescapedAmpersand() {
|
||||
$this->assertParseData('&&', '&&');
|
||||
}
|
||||
|
||||
function test_parseData_internalUnescapedAmpersand() {
|
||||
$this->assertParseData('Procter & Gamble');
|
||||
}
|
||||
|
||||
function test_parseData_improperEntityFaultToleranceTest() {
|
||||
$this->assertParseData('-');
|
||||
}
|
||||
|
||||
// HTMLPurifier_Lexer->extractBody() ---------------------------------------
|
||||
|
||||
function assertExtractBody($text, $extract = true) {
|
||||
$result = $this->Lexer->extractBody($text);
|
||||
$lexer = new HTMLPurifier_Lexer();
|
||||
$result = $lexer->extractBody($text);
|
||||
if ($extract === true) $extract = $text;
|
||||
$this->assertIdentical($extract, $result);
|
||||
}
|
||||
|
||||
function test_parseData() {
|
||||
$HP =& $this->Lexer;
|
||||
|
||||
$this->assertIdentical('asdf', $HP->parseData('asdf'));
|
||||
$this->assertIdentical('&', $HP->parseData('&'));
|
||||
$this->assertIdentical('"', $HP->parseData('"'));
|
||||
$this->assertIdentical("'", $HP->parseData('''));
|
||||
$this->assertIdentical("'", $HP->parseData('''));
|
||||
$this->assertIdentical('&&&', $HP->parseData('&&&'));
|
||||
$this->assertIdentical('&&', $HP->parseData('&&')); // [INVALID]
|
||||
$this->assertIdentical('Procter & Gamble',
|
||||
$HP->parseData('Procter & Gamble')); // [INVALID]
|
||||
|
||||
// This is not special, thus not converted. Test of fault tolerance,
|
||||
// realistically speaking, this should never happen
|
||||
$this->assertIdentical('-', $HP->parseData('-'));
|
||||
function test_extractBody_noBodyTags() {
|
||||
$this->assertExtractBody('<b>Bold</b>');
|
||||
}
|
||||
|
||||
|
||||
function test_extractBody() {
|
||||
$this->assertExtractBody('<b>Bold</b>');
|
||||
function test_extractBody_lowercaseBodyTags() {
|
||||
$this->assertExtractBody('<html><body><b>Bold</b></body></html>', '<b>Bold</b>');
|
||||
}
|
||||
|
||||
function test_extractBody_uppercaseBodyTags() {
|
||||
$this->assertExtractBody('<HTML><BODY><B>Bold</B></BODY></HTML>', '<B>Bold</B>');
|
||||
}
|
||||
|
||||
function test_extractBody_realisticUseCase() {
|
||||
$this->assertExtractBody(
|
||||
'<?xml version="1.0"
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
|
||||
@ -97,309 +121,374 @@ class HTMLPurifier_LexerTest extends HTMLPurifier_Harness
|
||||
</div>
|
||||
</form>
|
||||
');
|
||||
$this->assertExtractBody('<html><body bgcolor="#F00"><b>Bold</b></body></html>', '<b>Bold</b>');
|
||||
$this->assertExtractBody('<body>asdf'); // not closed, don't accept
|
||||
|
||||
}
|
||||
|
||||
function test_tokenizeHTML() {
|
||||
|
||||
$input = array();
|
||||
$expect = array();
|
||||
$sax_expect = array();
|
||||
$config = array();
|
||||
|
||||
$input[0] = '';
|
||||
$expect[0] = array();
|
||||
|
||||
$input[1] = 'This is regular text.';
|
||||
$expect[1] = array(
|
||||
new HTMLPurifier_Token_Text('This is regular text.')
|
||||
);
|
||||
|
||||
$input[2] = 'This is <b>bold</b> text';
|
||||
$expect[2] = array(
|
||||
new HTMLPurifier_Token_Text('This is ')
|
||||
,new HTMLPurifier_Token_Start('b', array())
|
||||
,new HTMLPurifier_Token_Text('bold')
|
||||
,new HTMLPurifier_Token_End('b')
|
||||
,new HTMLPurifier_Token_Text(' text')
|
||||
);
|
||||
|
||||
$input[3] = '<DIV>Totally rad dude. <b>asdf</b></div>';
|
||||
$expect[3] = array(
|
||||
new HTMLPurifier_Token_Start('DIV', array())
|
||||
,new HTMLPurifier_Token_Text('Totally rad dude. ')
|
||||
,new HTMLPurifier_Token_Start('b', array())
|
||||
,new HTMLPurifier_Token_Text('asdf')
|
||||
,new HTMLPurifier_Token_End('b')
|
||||
,new HTMLPurifier_Token_End('div')
|
||||
);
|
||||
|
||||
// [XML-INVALID]
|
||||
$input[4] = '<asdf></asdf><d></d><poOloka><poolasdf><ds></asdf></ASDF>';
|
||||
$expect[4] = array(
|
||||
new HTMLPurifier_Token_Start('asdf')
|
||||
,new HTMLPurifier_Token_End('asdf')
|
||||
,new HTMLPurifier_Token_Start('d')
|
||||
,new HTMLPurifier_Token_End('d')
|
||||
,new HTMLPurifier_Token_Start('poOloka')
|
||||
,new HTMLPurifier_Token_Start('poolasdf')
|
||||
,new HTMLPurifier_Token_Start('ds')
|
||||
,new HTMLPurifier_Token_End('asdf')
|
||||
,new HTMLPurifier_Token_End('ASDF')
|
||||
);
|
||||
// DOM is different because it condenses empty tags into REAL empty ones
|
||||
// as well as makes it well-formed
|
||||
$dom_expect[4] = array(
|
||||
new HTMLPurifier_Token_Empty('asdf')
|
||||
,new HTMLPurifier_Token_Empty('d')
|
||||
,new HTMLPurifier_Token_Start('pooloka')
|
||||
,new HTMLPurifier_Token_Start('poolasdf')
|
||||
,new HTMLPurifier_Token_Empty('ds')
|
||||
,new HTMLPurifier_Token_End('poolasdf')
|
||||
,new HTMLPurifier_Token_End('pooloka')
|
||||
);
|
||||
|
||||
$input[5] = '<a'."\t".'href="foobar.php"'."\n".'title="foo!">Link to <b id="asdf">foobar</b></a>';
|
||||
$expect[5] = array(
|
||||
new HTMLPurifier_Token_Start('a',array('href'=>'foobar.php','title'=>'foo!'))
|
||||
,new HTMLPurifier_Token_Text('Link to ')
|
||||
,new HTMLPurifier_Token_Start('b',array('id'=>'asdf'))
|
||||
,new HTMLPurifier_Token_Text('foobar')
|
||||
,new HTMLPurifier_Token_End('b')
|
||||
,new HTMLPurifier_Token_End('a')
|
||||
);
|
||||
|
||||
$input[6] = '<br />';
|
||||
$expect[6] = array(
|
||||
new HTMLPurifier_Token_Empty('br')
|
||||
);
|
||||
|
||||
// [SGML-INVALID] [RECOVERABLE]
|
||||
$input[7] = '<!-- Comment --> <!-- not so well formed --->';
|
||||
$expect[7] = array(
|
||||
new HTMLPurifier_Token_Comment(' Comment ')
|
||||
,new HTMLPurifier_Token_Text(' ')
|
||||
,new HTMLPurifier_Token_Comment(' not so well formed -')
|
||||
);
|
||||
$sax_expect[7] = false; // we need to figure out proper comment output
|
||||
|
||||
// [SGML-INVALID]
|
||||
$input[8] = '<a href=""';
|
||||
$expect[8] = array(
|
||||
new HTMLPurifier_Token_Text('<a href=""')
|
||||
);
|
||||
// SAX parses it into a tag
|
||||
$sax_expect[8] = array(
|
||||
new HTMLPurifier_Token_Start('a', array('href'=>''))
|
||||
);
|
||||
// DOM parses it into an empty tag
|
||||
$dom_expect[8] = array(
|
||||
new HTMLPurifier_Token_Empty('a', array('href'=>''))
|
||||
);
|
||||
|
||||
$input[9] = '<b>';
|
||||
$expect[9] = array(
|
||||
new HTMLPurifier_Token_Text('<b>')
|
||||
);
|
||||
$sax_expect[9] = array(
|
||||
new HTMLPurifier_Token_Text('<')
|
||||
,new HTMLPurifier_Token_Text('b')
|
||||
,new HTMLPurifier_Token_Text('>')
|
||||
);
|
||||
// note that SAX can clump text nodes together. We won't be
|
||||
// too picky though
|
||||
|
||||
// [SGML-INVALID]
|
||||
$input[10] = '<a "=>';
|
||||
// We barf on this, aim for no attributes
|
||||
$expect[10] = array(
|
||||
new HTMLPurifier_Token_Start('a', array('"' => ''))
|
||||
);
|
||||
// DOM correctly has no attributes, but also closes the tag
|
||||
$dom_expect[10] = array(
|
||||
new HTMLPurifier_Token_Empty('a')
|
||||
);
|
||||
// SAX barfs on this
|
||||
$sax_expect[10] = array(
|
||||
new HTMLPurifier_Token_Start('a', array('"' => ''))
|
||||
);
|
||||
|
||||
// [INVALID] [RECOVERABLE]
|
||||
$input[11] = '"';
|
||||
$expect[11] = array( new HTMLPurifier_Token_Text('"') );
|
||||
|
||||
// compare with this valid one:
|
||||
$input[12] = '"';
|
||||
$expect[12] = array( new HTMLPurifier_Token_Text('"') );
|
||||
$sax_expect[12] = false; // choked!
|
||||
|
||||
// CDATA sections!
|
||||
$input[13] = '<![CDATA[You <b>can't</b> get me!]]>';
|
||||
$expect[13] = array( new HTMLPurifier_Token_Text(
|
||||
'You <b>can't</b> get me!' // raw
|
||||
) );
|
||||
$sax_expect[13] = array( // SAX has a seperate call for each entity
|
||||
new HTMLPurifier_Token_Text('You '),
|
||||
new HTMLPurifier_Token_Text('<'),
|
||||
new HTMLPurifier_Token_Text('b'),
|
||||
new HTMLPurifier_Token_Text('>'),
|
||||
new HTMLPurifier_Token_Text('can'),
|
||||
new HTMLPurifier_Token_Text('&'),
|
||||
new HTMLPurifier_Token_Text('#39;t'),
|
||||
new HTMLPurifier_Token_Text('<'),
|
||||
new HTMLPurifier_Token_Text('/b'),
|
||||
new HTMLPurifier_Token_Text('>'),
|
||||
new HTMLPurifier_Token_Text(' get me!')
|
||||
);
|
||||
|
||||
$char_theta = $this->_entity_lookup->table['theta'];
|
||||
$char_rarr = $this->_entity_lookup->table['rarr'];
|
||||
|
||||
// test entity replacement
|
||||
$input[14] = 'θ';
|
||||
$expect[14] = array( new HTMLPurifier_Token_Text($char_theta) );
|
||||
|
||||
// test that entities aren't replaced in CDATA sections
|
||||
$input[15] = 'θ <![CDATA[→]]>';
|
||||
$expect[15] = array( new HTMLPurifier_Token_Text($char_theta . ' →') );
|
||||
$sax_expect[15] = array(
|
||||
new HTMLPurifier_Token_Text($char_theta . ' '),
|
||||
new HTMLPurifier_Token_Text('&'),
|
||||
new HTMLPurifier_Token_Text('rarr;')
|
||||
);
|
||||
|
||||
// test entity resolution in attributes
|
||||
$input[16] = '<a href="index.php?title=foo&id=bar">Link</a>';
|
||||
$expect[16] = array(
|
||||
new HTMLPurifier_Token_Start('a',array('href' => 'index.php?title=foo&id=bar'))
|
||||
,new HTMLPurifier_Token_Text('Link')
|
||||
,new HTMLPurifier_Token_End('a')
|
||||
);
|
||||
|
||||
// test that UTF-8 is preserved
|
||||
$char_hearts = $this->_entity_lookup->table['hearts'];
|
||||
$input[17] = $char_hearts;
|
||||
$expect[17] = array( new HTMLPurifier_Token_Text($char_hearts) );
|
||||
|
||||
// test weird characters in attributes
|
||||
$input[18] = '<br test="x < 6" />';
|
||||
$expect[18] = array( new HTMLPurifier_Token_Empty('br', array('test' => 'x < 6')) );
|
||||
|
||||
// test emoticon protection
|
||||
$input[19] = '<b>Whoa! <3 That\'s not good >.></b>';
|
||||
$expect[19] = array(
|
||||
new HTMLPurifier_Token_Start('b'),
|
||||
new HTMLPurifier_Token_Text('Whoa! '),
|
||||
new HTMLPurifier_Token_Text('<3 That\'s not good >'),
|
||||
new HTMLPurifier_Token_Text('.>'),
|
||||
new HTMLPurifier_Token_End('b'),
|
||||
);
|
||||
$dom_expect[19] = array(
|
||||
new HTMLPurifier_Token_Start('b'),
|
||||
new HTMLPurifier_Token_Text('Whoa! <3 That\'s not good >.>'),
|
||||
new HTMLPurifier_Token_End('b'),
|
||||
);
|
||||
$sax_expect[19] = false; // SAX drops the < character
|
||||
$config[19] = HTMLPurifier_Config::create(array('Core.AggressivelyFixLt' => true));
|
||||
|
||||
// test comment parsing with funky characters inside
|
||||
$input[20] = '<!-- This >< comment --><br />';
|
||||
$expect[20] = array(
|
||||
new HTMLPurifier_Token_Comment(' This >< comment '),
|
||||
new HTMLPurifier_Token_Empty('br')
|
||||
);
|
||||
$sax_expect[20] = false;
|
||||
$config[20] = HTMLPurifier_Config::create(array('Core.AggressivelyFixLt' => true));
|
||||
|
||||
// test comment parsing of missing end
|
||||
$input[21] = '<!-- This >< comment';
|
||||
$expect[21] = array(
|
||||
new HTMLPurifier_Token_Comment(' This >< comment')
|
||||
);
|
||||
$sax_expect[21] = false;
|
||||
$dom_expect[21] = false;
|
||||
$config[21] = HTMLPurifier_Config::create(array('Core.AggressivelyFixLt' => true));
|
||||
|
||||
// test CDATA tags
|
||||
$input[22] = '<script>alert("<foo>");</script>';
|
||||
$expect[22] = array(
|
||||
new HTMLPurifier_Token_Start('script')
|
||||
,new HTMLPurifier_Token_Text('alert("<foo>");')
|
||||
,new HTMLPurifier_Token_End('script')
|
||||
);
|
||||
$config[22] = HTMLPurifier_Config::create(array('HTML.Trusted' => true));
|
||||
$sax_expect[22] = false;
|
||||
|
||||
// test escaping
|
||||
$input[23] = '<!-- This comment < < & -->';
|
||||
$expect[23] = array(
|
||||
new HTMLPurifier_Token_Comment(' This comment < < & ') );
|
||||
$sax_expect[23] = false; $config[23] =
|
||||
HTMLPurifier_Config::create(array('Core.AggressivelyFixLt' =>
|
||||
true));
|
||||
|
||||
// more DirectLex edge-cases
|
||||
$input[24] = '<a href="><>">';
|
||||
$expect[24] = array(
|
||||
new HTMLPurifier_Token_Start('a', array('href' => '')),
|
||||
new HTMLPurifier_Token_Text('<">')
|
||||
);
|
||||
$sax_expect[24] = false;
|
||||
$dom_expect[24] = array(
|
||||
new HTMLPurifier_Token_Empty('a', array('href' => '><>'))
|
||||
);
|
||||
|
||||
// empty tag with attributes
|
||||
$input[25] = '<param name="src" value="http://example.com/video.wmv" />';
|
||||
$expect[25] = array(
|
||||
new HTMLPurifier_Token_Empty('param', array('name' => 'src', 'value' => 'http://example.com/video.wmv'))
|
||||
);
|
||||
|
||||
$default_config = HTMLPurifier_Config::createDefault();
|
||||
$default_context = new HTMLPurifier_Context();
|
||||
foreach($input as $i => $discard) {
|
||||
if (!isset($config[$i])) $config[$i] = $default_config;
|
||||
|
||||
$result = $this->DirectLex->tokenizeHTML($input[$i], $config[$i], $default_context);
|
||||
$this->assertIdentical($expect[$i], $result, 'DirectLexTest '.$i.': %s');
|
||||
paintIf($result, $expect[$i] != $result);
|
||||
|
||||
if ($this->_has_pear) {
|
||||
// assert unless I say otherwise
|
||||
$sax_result = $this->PEARSax3->tokenizeHTML($input[$i], $config[$i], $default_context);
|
||||
if (!isset($sax_expect[$i])) {
|
||||
// by default, assert with normal result
|
||||
$this->assertIdentical($expect[$i], $sax_result, 'PEARSax3Test '.$i.': %s');
|
||||
paintIf($sax_result, $expect[$i] != $sax_result);
|
||||
} elseif ($sax_expect[$i] === false) {
|
||||
// assertions were turned off, optionally dump
|
||||
// paintIf($sax_expect, $i == NUMBER);
|
||||
} else {
|
||||
// match with a custom SAX result array
|
||||
$this->assertIdentical($sax_expect[$i], $sax_result, 'PEARSax3Test (custom) '.$i.': %s');
|
||||
paintIf($sax_result, $sax_expect[$i] != $sax_result);
|
||||
}
|
||||
}
|
||||
|
||||
if ($this->_has_dom) {
|
||||
$dom_result = $this->DOMLex->tokenizeHTML($input[$i], $config[$i], $default_context);
|
||||
// same structure as SAX
|
||||
if (!isset($dom_expect[$i])) {
|
||||
$this->assertIdentical($expect[$i], $dom_result, 'DOMLexTest '.$i.': %s');
|
||||
paintIf($dom_result, $expect[$i] != $dom_result);
|
||||
} elseif ($dom_expect[$i] === false) {
|
||||
// paintIf($dom_result, $i == NUMBER);
|
||||
} else {
|
||||
$this->assertIdentical($dom_expect[$i], $dom_result, 'DOMLexTest (custom) '.$i.': %s');
|
||||
paintIf($dom_result, $dom_expect[$i] != $dom_result);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function test_extractBody_bodyWithAttributes() {
|
||||
$this->assertExtractBody('<html><body bgcolor="#F00"><b>Bold</b></body></html>', '<b>Bold</b>');
|
||||
}
|
||||
|
||||
function test_extractBody_preserveUnclosedBody() {
|
||||
$this->assertExtractBody('<body>asdf'); // not closed, don't accept
|
||||
}
|
||||
|
||||
// HTMLPurifier_Lexer->tokenizeHTML() --------------------------------------
|
||||
|
||||
function assertTokenization($input, $expect, $alt_expect = array()) {
|
||||
$lexers = array();
|
||||
$lexers['DirectLex'] = new HTMLPurifier_Lexer_DirectLex();
|
||||
if ($this->_has_pear) $lexers['PEARSax3'] = new HTMLPurifier_Lexer_PEARSax3();
|
||||
if (version_compare(PHP_VERSION, "5", ">=") && class_exists('DOMDocument')) {
|
||||
$lexers['DOMLex'] = new HTMLPurifier_Lexer_DOMLex();
|
||||
}
|
||||
foreach ($lexers as $name => $lexer) {
|
||||
$result = $lexer->tokenizeHTML($input, $this->config, $this->context);
|
||||
if (isset($alt_expect[$name])) {
|
||||
if ($alt_expect[$name] === false) continue;
|
||||
$this->assertIdentical($result, $alt_expect[$name]);
|
||||
} else {
|
||||
$this->assertIdentical($result, $expect);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_emptyInput() {
|
||||
$this->assertTokenization('', array());
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_plainText() {
|
||||
$this->assertTokenization(
|
||||
'This is regular text.',
|
||||
array(
|
||||
new HTMLPurifier_Token_Text('This is regular text.')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_textAndTags() {
|
||||
$this->assertTokenization(
|
||||
'This is <b>bold</b> text',
|
||||
array(
|
||||
new HTMLPurifier_Token_Text('This is '),
|
||||
new HTMLPurifier_Token_Start('b', array()),
|
||||
new HTMLPurifier_Token_Text('bold'),
|
||||
new HTMLPurifier_Token_End('b'),
|
||||
new HTMLPurifier_Token_Text(' text'),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_normalizeCase() {
|
||||
$this->assertTokenization(
|
||||
'<DIV>Totally rad dude. <b>asdf</b></div>',
|
||||
array(
|
||||
new HTMLPurifier_Token_Start('DIV', array()),
|
||||
new HTMLPurifier_Token_Text('Totally rad dude. '),
|
||||
new HTMLPurifier_Token_Start('b', array()),
|
||||
new HTMLPurifier_Token_Text('asdf'),
|
||||
new HTMLPurifier_Token_End('b'),
|
||||
new HTMLPurifier_Token_End('div'),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_notWellFormed() {
|
||||
$this->assertTokenization(
|
||||
'<asdf></asdf><d></d><poOloka><poolasdf><ds></asdf></ASDF>',
|
||||
array(
|
||||
new HTMLPurifier_Token_Start('asdf'),
|
||||
new HTMLPurifier_Token_End('asdf'),
|
||||
new HTMLPurifier_Token_Start('d'),
|
||||
new HTMLPurifier_Token_End('d'),
|
||||
new HTMLPurifier_Token_Start('poOloka'),
|
||||
new HTMLPurifier_Token_Start('poolasdf'),
|
||||
new HTMLPurifier_Token_Start('ds'),
|
||||
new HTMLPurifier_Token_End('asdf'),
|
||||
new HTMLPurifier_Token_End('ASDF'),
|
||||
),
|
||||
array(
|
||||
// DOMLex automatically closes invalid tags
|
||||
'DOMLex' => array(
|
||||
new HTMLPurifier_Token_Empty('asdf'),
|
||||
new HTMLPurifier_Token_Empty('d'),
|
||||
new HTMLPurifier_Token_Start('pooloka'),
|
||||
new HTMLPurifier_Token_Start('poolasdf'),
|
||||
new HTMLPurifier_Token_Empty('ds'),
|
||||
new HTMLPurifier_Token_End('poolasdf'),
|
||||
new HTMLPurifier_Token_End('pooloka'),
|
||||
),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_whitespaceInTag() {
|
||||
$this->assertTokenization(
|
||||
'<a'."\t".'href="foobar.php"'."\n".'title="foo!">Link to <b id="asdf">foobar</b></a>',
|
||||
array(
|
||||
new HTMLPurifier_Token_Start('a',array('href'=>'foobar.php','title'=>'foo!')),
|
||||
new HTMLPurifier_Token_Text('Link to '),
|
||||
new HTMLPurifier_Token_Start('b',array('id'=>'asdf')),
|
||||
new HTMLPurifier_Token_Text('foobar'),
|
||||
new HTMLPurifier_Token_End('b'),
|
||||
new HTMLPurifier_Token_End('a'),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_emptyTag() {
|
||||
$this->assertTokenization(
|
||||
'<br />',
|
||||
array( new HTMLPurifier_Token_Empty('br') )
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_comment() {
|
||||
$this->assertTokenization(
|
||||
'<!-- Comment -->',
|
||||
array( new HTMLPurifier_Token_Comment(' Comment ') )
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_malformedComment() {
|
||||
$this->assertTokenization(
|
||||
'<!-- not so well formed --->',
|
||||
array( new HTMLPurifier_Token_Comment(' not so well formed -') ),
|
||||
array(
|
||||
'PEARSax3' => false, // behavior is undefined
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_unterminatedTag() {
|
||||
$this->assertTokenization(
|
||||
'<a href=""',
|
||||
array( new HTMLPurifier_Token_Text('<a href=""') ),
|
||||
array(
|
||||
// I like our behavior better, but it's non-standard
|
||||
'DOMLex' => array( new HTMLPurifier_Token_Empty('a', array('href'=>'')) ),
|
||||
'PEARSax3' => array( new HTMLPurifier_Token_Start('a', array('href'=>'')) ),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_specialEntities() {
|
||||
$this->assertTokenization(
|
||||
'<b>',
|
||||
array(
|
||||
new HTMLPurifier_Token_Text('<b>')
|
||||
),
|
||||
array(
|
||||
// it is possible to configure PEARSax3 to clump nodes together,
|
||||
// I just don't know how
|
||||
'PEARSax3' => array(
|
||||
new HTMLPurifier_Token_Text('<'),
|
||||
new HTMLPurifier_Token_Text('b'),
|
||||
new HTMLPurifier_Token_Text('>'),
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_earlyQuote() {
|
||||
$this->assertTokenization(
|
||||
'<a "=>',
|
||||
array( new HTMLPurifier_Token_Empty('a') ),
|
||||
array(
|
||||
// we barf on this input
|
||||
'DirectLex' => $tokens = array(
|
||||
new HTMLPurifier_Token_Start('a', array('"' => ''))
|
||||
),
|
||||
'PEARSax3' => $tokens,
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_unescapedQuote() {
|
||||
$this->assertTokenization(
|
||||
'"',
|
||||
array( new HTMLPurifier_Token_Text('"') )
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_escapedQuote() {
|
||||
$this->assertTokenization(
|
||||
'"',
|
||||
array( new HTMLPurifier_Token_Text('"') )
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_cdata() {
|
||||
$this->assertTokenization(
|
||||
'<![CDATA[You <b>can't</b> get me!]]>',
|
||||
array( new HTMLPurifier_Token_Text('You <b>can't</b> get me!') ),
|
||||
array(
|
||||
// PEAR splits up all of the CDATA
|
||||
'PEARSax3' => array(
|
||||
new HTMLPurifier_Token_Text('You '),
|
||||
new HTMLPurifier_Token_Text('<'),
|
||||
new HTMLPurifier_Token_Text('b'),
|
||||
new HTMLPurifier_Token_Text('>'),
|
||||
new HTMLPurifier_Token_Text('can'),
|
||||
new HTMLPurifier_Token_Text('&'),
|
||||
new HTMLPurifier_Token_Text('#39;t'),
|
||||
new HTMLPurifier_Token_Text('<'),
|
||||
new HTMLPurifier_Token_Text('/b'),
|
||||
new HTMLPurifier_Token_Text('>'),
|
||||
new HTMLPurifier_Token_Text(' get me!'),
|
||||
),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_characterEntity() {
|
||||
$this->assertTokenization(
|
||||
'θ',
|
||||
array( new HTMLPurifier_Token_Text("\xCE\xB8") )
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_characterEntityInCDATA() {
|
||||
$this->assertTokenization(
|
||||
'<![CDATA[→]]>',
|
||||
array( new HTMLPurifier_Token_Text("→") ),
|
||||
array(
|
||||
'PEARSax3' => array(
|
||||
new HTMLPurifier_Token_Text('&'),
|
||||
new HTMLPurifier_Token_Text('rarr;'),
|
||||
),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_entityInAttribute() {
|
||||
$this->assertTokenization(
|
||||
'<a href="index.php?title=foo&id=bar">Link</a>',
|
||||
array(
|
||||
new HTMLPurifier_Token_Start('a',array('href' => 'index.php?title=foo&id=bar')),
|
||||
new HTMLPurifier_Token_Text('Link'),
|
||||
new HTMLPurifier_Token_End('a'),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_preserveUTF8() {
|
||||
$this->assertTokenization(
|
||||
"\xCE\xB8",
|
||||
array( new HTMLPurifier_Token_Text("\xCE\xB8") )
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_specialEntityInAttribute() {
|
||||
$this->assertTokenization(
|
||||
'<br test="x < 6" />',
|
||||
array( new HTMLPurifier_Token_Empty('br', array('test' => 'x < 6')) )
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_emoticonProtection() {
|
||||
$this->config->set('Core', 'AggressivelyFixLt', true);
|
||||
$this->assertTokenization(
|
||||
'<b>Whoa! <3 That\'s not good >.></b>',
|
||||
array(
|
||||
new HTMLPurifier_Token_Start('b'),
|
||||
new HTMLPurifier_Token_Text('Whoa! '),
|
||||
new HTMLPurifier_Token_Text('<3 That\'s not good >'),
|
||||
new HTMLPurifier_Token_Text('.>'),
|
||||
new HTMLPurifier_Token_End('b')
|
||||
),
|
||||
array(
|
||||
// text is absorbed together
|
||||
'DOMLex' => array(
|
||||
new HTMLPurifier_Token_Start('b'),
|
||||
new HTMLPurifier_Token_Text('Whoa! <3 That\'s not good >.>'),
|
||||
new HTMLPurifier_Token_End('b'),
|
||||
),
|
||||
'PEARSax3' => false, // totally mangled
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_commentWithFunkyChars() {
|
||||
$this->assertTokenization(
|
||||
'<!-- This >< comment --><br />',
|
||||
array(
|
||||
new HTMLPurifier_Token_Comment(' This >< comment '),
|
||||
new HTMLPurifier_Token_Empty('br'),
|
||||
),
|
||||
array(
|
||||
'PEARSax3' => false,
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_unterminatedComment() {
|
||||
$this->assertTokenization(
|
||||
'<!-- This >< comment',
|
||||
array( new HTMLPurifier_Token_Comment(' This >< comment') ),
|
||||
array(
|
||||
'DOMLex' => false,
|
||||
'PEARSax3' => false
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_scriptCDATAContents() {
|
||||
$this->config->set('HTML', 'Trusted', true);
|
||||
$this->assertTokenization(
|
||||
'<script>alert("<foo>");</script>',
|
||||
array(
|
||||
new HTMLPurifier_Token_Start('script'),
|
||||
new HTMLPurifier_Token_Text('alert("<foo>");'),
|
||||
new HTMLPurifier_Token_End('script'),
|
||||
),
|
||||
array(
|
||||
'PEARSax3' => false,
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_entitiesInComment() {
|
||||
$this->config->set('Core', 'AggressivelyFixLt', true);
|
||||
$this->assertTokenization(
|
||||
'<!-- This comment < < & -->',
|
||||
array( new HTMLPurifier_Token_Comment(' This comment < < & ') ),
|
||||
array(
|
||||
'PEARSax3' => false
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_attributeWithSpecialCharacters() {
|
||||
$this->assertTokenization(
|
||||
'<a href="><>">',
|
||||
array( new HTMLPurifier_Token_Empty('a', array('href' => '><>')) ),
|
||||
array(
|
||||
'DirectLex' => array(
|
||||
new HTMLPurifier_Token_Start('a', array('href' => '')),
|
||||
new HTMLPurifier_Token_Text('<">'),
|
||||
),
|
||||
'PEARSax3' => false,
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function test_tokenizeHTML_emptyTagWithSlashInAttribute() {
|
||||
$this->assertTokenization(
|
||||
'<param name="src" value="http://example.com/video.wmv" />',
|
||||
array( new HTMLPurifier_Token_Empty('param', array('name' => 'src', 'value' => 'http://example.com/video.wmv')) )
|
||||
);
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
function test_tokenizeHTML_() {
|
||||
$this->assertTokenization(
|
||||
,
|
||||
array(
|
||||
|
||||
)
|
||||
);
|
||||
}
|
||||
*/
|
||||
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user