2017-03-19 22:00:09 +00:00
< ? php
namespace Zotlabs\Tests\Unit\includes ;
use Zotlabs\Tests\Unit\UnitTestCase ;
/**
2017-10-27 23:22:59 +00:00
* @ brief Unit Test case for include / text . php file .
2017-03-19 22:00:09 +00:00
*
* @ author ken restivo
*/
class TextTest extends UnitTestCase {
public function testPurifyHTML () {
2017-03-20 23:13:43 +00:00
// linebreaks
$htmlbr = ' first line < br />
one tab preserved
empty line above ' ;
$this -> assertEquals ( $htmlbr , purify_html ( $htmlbr ));
2017-03-19 22:00:09 +00:00
2017-03-20 23:13:43 +00:00
// HTML5 is not supported by HTMLPurifier yet, test our own configuration
$html5elements = '<section>section<nav>navigation</nav><article>main<a href="http://hubzilla.org/">hubzilla.org</a></article></section><footer>footer</footer>' ;
2017-03-19 22:00:09 +00:00
$this -> assertEquals ( $html5elements , purify_html ( $html5elements ));
2017-03-20 23:13:43 +00:00
$this -> assertEquals ( '<button>button label</button>' , purify_html ( '<button>button label</button>' ));
2017-03-18 16:50:05 +00:00
// unsupported HTML5 elements
$this -> assertEquals ( 'Your HTML parser does not support HTML5 video.' , purify_html ( '<video controls><source src="movie.ogg" type="video/ogg">Your HTML parser does not support HTML5 video.</video>' ));
$this -> assertEquals ( 'Your HTML parser does not support HTML5 audio.' , purify_html ( '<audio controls><source src="movie.ogg" "type="audio/ogg">Your HTML parser does not support HTML5 audio.</audio>' ));
2017-03-20 23:13:43 +00:00
// preserve f6 and bootstrap additional data attributes from our own configuration
$this -> assertEquals ( '<div data-title="title">text</div>' , purify_html ( '<div data-title="title">text</div>' ));
$this -> assertEquals ( '<ul data-accordion-menu=""><li>item1</li></ul>' , purify_html ( '<ul data-accordion-menu><li>item1</li></ul>' ));
$this -> assertEquals ( '<ul><li>item1</li></ul>' , purify_html ( '<ul data-accordion-menu-unknown><li>item1</li></ul>' ));
}
2017-05-24 21:47:03 +00:00
/**
* @ covers :: purify_html
*/
2017-03-20 23:13:43 +00:00
public function testPurifyHTML_html () {
$this -> assertEquals ( '<div id="id01"><p class="class01">ids und classes</p></div>' , purify_html ( '<div id="id01"><p class="class01">ids und classes</p></div>' ));
$this -> assertEquals ( '<div><p>close missing tags</p></div>' , purify_html ( '<div><p>close missing tags' ));
$this -> assertEquals ( '<center>deprecated tag</center>' , purify_html ( '<center>deprecated tag</center>' ));
$this -> assertEquals ( '<span></span><div>illegal nesting</div>' , purify_html ( '<span><div>illegal nesting</div></span>' ));
$this -> assertEquals ( '<a href="#">link with target</a>' , purify_html ( '<a href="#" target="_blank">link with target</a>' ));
$this -> assertEquals ( '<a href="#">link with rel="nofollow"</a>' , purify_html ( '<a href="#" rel="nofollow">link with rel="nofollow"</a>' ));
$this -> assertEquals ( 'a b' , purify_html ( 'a b' ));
$this -> assertEquals ( 'ä ä € €' , purify_html ( 'ä ä € €' ));
2017-03-18 16:50:05 +00:00
$this -> assertEquals ( '<img src="picture.png" alt="text" />' , purify_html ( '<img src="picture.png" alt="text">' ));
$this -> assertEquals ( '' , purify_html ( '<iframe width="560" height="315" src="https://www.youtube.com/embed/kiNGx5oL7hk" frameborder="0" allowfullscreen></iframe>' ));
2017-03-19 22:00:09 +00:00
}
2017-05-24 21:47:03 +00:00
/**
* @ covers :: purify_html
*/
2017-03-20 23:13:43 +00:00
public function testPurifyHTML_js () {
$this -> assertEquals ( '<div></div>' , purify_html ( '<div><img src="javascript:evil();" onload="evil();"></div>' ));
$this -> assertEquals ( '<a href="#">link</a>' , purify_html ( '<a href="#" onclick="alert(\'xss\')">link</a>' ));
$this -> assertEquals ( '' , purify_html ( '<IMG SRC="javascript:alert('XSS');">' ));
$this -> assertEquals ( '' , purify_html ( '<script>alter("42")</script>' ));
}
2017-05-24 21:47:03 +00:00
/**
* @ covers :: purify_html
*/
2017-03-20 23:13:43 +00:00
public function testPurifyHTML_css () {
$this -> assertEquals ( '<p style="color:#FF0000;background-color:#fff;">red</p>' , purify_html ( '<p style="color:red; background-color:#fff">red</p>' ));
$this -> assertEquals ( '<p>invalid color</p>' , purify_html ( '<p style="color:invalid; background-color:#jjkkmm">invalid color</p>' ));
$this -> assertEquals ( '<p>invalid style</p>' , purify_html ( '<p style="foo:bar">invalid style</p>' ));
// test our own CSS configuration
$this -> assertEquals ( '<div>position removed</div>' , purify_html ( '<div style="position:absolut">position removed</div>' ));
$this -> assertEquals ( '<div style="position:fixed;">position preserved</div>' , purify_html ( '<div style="position:fixed">position preserved</div>' , true ));
$this -> assertEquals ( '<div>invalid position removed</div>' , purify_html ( '<div style="position:invalid">invalid position removed</div>' , true ));
$this -> assertEquals ( '<div>position removed</div>' , purify_html ( '<div style="top:10px; left:3em;">position removed</div>' ));
$this -> assertEquals ( '<div style="top:10px;left:3em;right:50%;">position preserved</div>' , purify_html ( '<div style="top:10px; left:3em; right:50%;">position preserved</div>' , true ));
$this -> assertEquals ( '<div>invalid position removed</div>' , purify_html ( '<div style="top:10p">invalid position removed</div>' , true ));
}
2017-10-27 23:22:59 +00:00
/**
* @ dataProvider notagsProvider
*/
public function testNotags ( $string , $expected ) {
$this -> assertEquals ( $expected , notags ( $string ));
}
public function notagsProvider () {
return [
'empty string' => [ '' , '' ],
'simple tag' => [ '<value>' , '[value]' ],
'tag pair' => [ '<b>text</b>' , '[b]text[/b]' ],
'double angle bracket' => [ '<<value' , '[[value' ],
'HTML entity >' => [ '>' , '>' ]
];
}
/**
* @ dataProvider sanitise_aclProvider
*/
public function testSanitise_acl ( $string , $expected ) {
sanitise_acl ( $string );
$this -> assertEquals ( $expected , $string );
}
public function sanitise_aclProvider () {
return [
'text' => [ 'value' , '<value>' ],
'text with angle bracket' => [ '<value>' , '<[value]>' ],
'comma separated acls' => [ 'value1,value2' , '<value1,value2>' ]
];
}
public function testUnsetSanitise_acl () {
$empty = '' ;
sanitise_acl ( $empty );
$this -> assertTrue ( isset ( $empty )); // unset() not working? Would expect false
$this -> assertEmpty ( $empty );
}
2017-03-20 23:13:43 +00:00
}