assertPurification("Null byte\0", "Null byte"); } function testStrict() { $this->config->set('HTML', 'Strict', true); $this->assertPurification( 'Illegal underline', 'Illegal underline' ); $this->assertPurification( '

Illegal contents

', '

Illegal contents

' ); } function testDifferentAllowedElements() { $this->config->set('HTML', 'AllowedElements', array('b', 'i', 'p', 'a')); $this->config->set('HTML', 'AllowedAttributes', array('a.href', '*.id')); $this->assertPurification( '

Par.

Paragraph

TextBold' ); $this->assertPurification( 'Not allowedFoobar', 'Not allowedFoobar' // no ID!!! ); } function testBlacklistElements() { $this->config->set('HTML', 'ForbiddenElements', array('b')); $this->config->set('HTML', 'ForbiddenAttributes', array('a@href')); $this->assertPurification( '

Par.

' ); $this->assertPurification( 'Par.', 'Par.' ); } function testDifferentAllowedCSSProperties() { $this->config->set('CSS', 'AllowedProperties', array('color', 'background-color')); $this->assertPurification( '

red

' ); $this->assertPurification( '

red

', '

red

' ); } function testDisableURI() { $this->config->set('URI', 'Disable', true); $this->assertPurification( '

', '' ); } function test_purifyArray() { $this->assertIdentical( $this->purifier->purifyArray( array('Good', 'Sketchy', 'foo' => '') ), array('Good', 'Sketchy', 'foo' => '') ); $this->assertIsA($this->purifier->context, 'array'); } function testAttrIDDisabledByDefault() { $this->assertPurification( 'foobar', 'foobar' ); } function testEnableAttrID() { $this->config->set('Attr', 'EnableID', true); $this->assertPurification('foobar'); $this->assertPurification(''); } function testScript() { $this->config->set('HTML', 'Trusted', true); $ideal = ''; $this->assertPurification($ideal); $this->assertPurification( '', $ideal ); $this->assertPurification( '', $ideal ); $this->assertPurification( '', $ideal ); $this->assertPurification( '', $ideal ); } function testGetInstance() { $purifier = HTMLPurifier::getInstance(); $purifier2 = HTMLPurifier::getInstance(); $this->assertReference($purifier, $purifier2); } function testMakeAbsolute() { $this->config->set('URI', 'Base', 'http://example.com/bar/baz.php'); $this->config->set('URI', 'MakeAbsolute', true); $this->assertPurification( 'Foobar', 'Foobar' ); } function test_addFilter_deprecated() { $this->expectError('HTMLPurifier->addFilter() is deprecated, use configuration directives in the Filter namespace or Filter.Custom'); generate_mock_once('HTMLPurifier_Filter'); $this->purifier->addFilter($mock = new HTMLPurifier_FilterMock()); $mock->expectOnce('preFilter'); $mock->expectOnce('postFilter'); $this->purifier->purify('foo'); } function test_shiftJis() { if (!function_exists('iconv')) return; $this->config->set('Core', 'Encoding', 'Shift_JIS'); $this->config->set('Core', 'EscapeNonASCIICharacters', true); $this->assertPurification( "111" ); } function test_shiftJisWorstCase() { if (!function_exists('iconv')) return; $this->config->set('Core', 'Encoding', 'Shift_JIS'); $this->assertPurification( // Notice how Yen disappears "111", "111" ); } function test_secureMunge() { $this->config->set('URI', 'Munge', '/redirect.php?url=%s&check=%t'); $this->config->set('URI', 'MungeSecretKey', 'foo'); $this->assertPurification( 'foo', 'foo' ); } function test_safeObjectAndEmbed() { $this->config->set('HTML', 'SafeObject', true); $this->config->set('HTML', 'SafeEmbed', true); $this->assertPurification( '', '' ); } function test_safeObjectAndEmbedWithSecureMunge() { $this->config->set('HTML', 'SafeObject', true); $this->config->set('HTML', 'SafeEmbed', true); $this->config->set('URI', 'Munge', '/redirect.php?url=%s&check=%t'); $this->config->set('URI', 'MungeSecretKey', 'foo'); $this->assertPurification( '', '' ); } function test_mungeWithExtraParams() { $this->config->set('URI', 'Munge', '/redirect?s=%s&t=%t&r=%r&n=%n&m=%m&p=%p'); $this->config->set('URI', 'MungeSecretKey', 'foo'); $this->config->set('URI', 'MungeResources', true); $this->assertPurification( 'Link', 'Link'. '' ); } function test_name() { $this->config->set('Attr', 'EnableID', true); $this->config->set('HTML', 'Doctype', 'XHTML 1.0 Strict'); $this->assertPurification(''); } }