0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-23 17:01:51 +00:00
htmlpurifier/tests/HTMLPurifier/Injector/SafeObjectTest.php
Edward Z. Yang 700d5bcbfc Implement %AutoFormat.RemoveEmpty, end to start ref, and injector rewind.
Injector rewind: Injectors can now use the method rewind() in order to move
the input index backwards, so that they can reprocess tokens (other injectors
are not affected by a rewind). This functionality was necessary to implement
nested node removals in %AutoFormat.RemoveEmpty.

End to start ref: To facilitate rewinding, HTMLPurifier_Token_End now
maintains a reference called $start to the starting token for their node.

%AutoFormat.RemoveEmpty removes empty nodes. Lots of people have requested
it, so here is a partially effective implementation. Because it is implemented
as an Injector, it's not possible for it to handle newly introduced empty
nodes by later validators, specifically auto-closing and child validation.
The Injector is only meant to be used on HTML-ish languages.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-27 16:09:14 -04:00

88 lines
3.2 KiB
PHP

<?php
/**
* This test is kinda weird, because it doesn't test the full safe object
* functionality, just a small section of it. Or maybe it's actually the right
* way.
*/
class HTMLPurifier_Injector_SafeObjectTest extends HTMLPurifier_InjectorHarness
{
function setup() {
parent::setup();
// there is no AutoFormat.SafeObject directive
$this->config->set('AutoFormat', 'Custom', array(new HTMLPurifier_Injector_SafeObject()));
$this->config->set('HTML', 'Trusted', true);
}
function testPreserve() {
$this->assertResult(
'<b>asdf</b>'
);
}
function testRemoveStrayParam() {
$this->assertResult(
'<param />',
''
);
}
function testEditObjectParam() {
$this->assertResult(
'<object></object>',
'<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
);
}
function testIgnoreStrayParam() {
$this->assertResult(
'<object><param /></object>',
'<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
);
}
function testIgnoreDuplicates() {
$this->assertResult(
'<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
);
}
function testIgnoreBogusData() {
$this->assertResult(
'<object><param name="allowScriptAccess" value="always" /><param name="allowNetworking" value="always" /></object>',
'<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
);
}
function testIgnoreInvalidData() {
$this->assertResult(
'<object><param name="foo" value="bar" /></object>',
'<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
);
}
function testKeepValidData() {
$this->assertResult(
'<object><param name="movie" value="bar" /></object>',
'<object data="bar"><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><param name="movie" value="bar" /></object>'
);
}
function testNested() {
$this->assertResult(
'<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><object></object></object>',
'<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object></object>'
);
}
function testNotActuallyNested() {
$this->assertResult(
'<object><p><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></p></object>',
'<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><p></p></object>'
);
}
}