mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-23 08:51:53 +00:00
bf0d659c47
- DirectLex now honors comments with greater than or less than signs in them - Comments are transformed into script elements, ending comments are scrapped - Buggy generator code rewritten to be more error-proof - AttrValidator checks if token has attributes before processing - Remove invalid documentation from Scripting - "Commenting" of script elements switched to the more advanced version git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1189 48356398-32a2-884e-a903-53898d9a118a
98 lines
2.7 KiB
PHP
98 lines
2.7 KiB
PHP
<?php
|
|
|
|
require_once 'HTMLPurifier/StrategyHarness.php';
|
|
require_once 'HTMLPurifier/Strategy/RemoveForeignElements.php';
|
|
|
|
class HTMLPurifier_Strategy_RemoveForeignElementsTest
|
|
extends HTMLPurifier_StrategyHarness
|
|
{
|
|
|
|
function setUp() {
|
|
parent::setUp();
|
|
$this->obj = new HTMLPurifier_Strategy_RemoveForeignElements();
|
|
}
|
|
|
|
function test() {
|
|
|
|
$this->config = array('HTML.Doctype' => 'XHTML 1.0 Strict');
|
|
|
|
$this->assertResult('');
|
|
|
|
$this->assertResult('This is <b>bold text</b>.');
|
|
|
|
$this->assertResult(
|
|
'<asdf>Bling</asdf><d href="bang">Bong</d><foobar />',
|
|
'BlingBong'
|
|
);
|
|
|
|
$this->assertResult(
|
|
'<script>alert();</script>',
|
|
''
|
|
);
|
|
|
|
$this->assertResult(
|
|
'<script>alert();</script>',
|
|
'alert();',
|
|
array('Core.RemoveScriptContents' => false)
|
|
);
|
|
|
|
$this->assertResult(
|
|
'<menu><li>Item 1</li></menu>',
|
|
'<ul><li>Item 1</li></ul>'
|
|
);
|
|
|
|
// test center transform
|
|
$this->assertResult(
|
|
'<center>Look I am Centered!</center>',
|
|
'<div style="text-align:center;">Look I am Centered!</div>'
|
|
);
|
|
|
|
// test font transform
|
|
$this->assertResult(
|
|
'<font color="red" face="Arial" size="6">Big Warning!</font>',
|
|
'<span style="color:red;font-family:Arial;font-size:xx-large;">Big'.
|
|
' Warning!</span>'
|
|
);
|
|
|
|
// test removal of invalid img tag
|
|
$this->assertResult(
|
|
'<img />',
|
|
''
|
|
);
|
|
|
|
// test preservation of valid img tag
|
|
$this->assertResult('<img src="foobar.gif" alt="foobar.gif" />');
|
|
|
|
// test preservation of invalid img tag when removal is disabled
|
|
$this->assertResult(
|
|
'<img />',
|
|
true,
|
|
array(
|
|
'Core.RemoveInvalidImg' => false
|
|
)
|
|
);
|
|
|
|
// test transform to unallowed element
|
|
$this->assertResult(
|
|
'<font color="red" face="Arial" size="6">Big Warning!</font>',
|
|
'Big Warning!',
|
|
array('HTML.Allowed' => 'div')
|
|
);
|
|
|
|
// text-ify commented script contents ( the trailing comment gets
|
|
// removed during generation )
|
|
$this->assertResult(
|
|
'<script type="text/javascript"><!--
|
|
alert(<b>bold</b>);
|
|
// --></script>',
|
|
'<script type="text/javascript">
|
|
alert(<b>bold</b>);
|
|
// </script>',
|
|
array('HTML.Trusted' => true, 'Output.CommentScriptContents' => false)
|
|
);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
?>
|