<?php
  2. /**
  3. * @todo Aim for complete code coverage with mocks
  4. */
  5. class HTMLPurifier_AttrDef_URITest extends HTMLPurifier_AttrDefHarness
  6. {
  7. public function setUp()
  8. {
  9. $this->def = new HTMLPurifier_AttrDef_URI();
  10. parent::setUp();
  11. }
  12. public function testIntegration()
  13. {
  14. $this->assertDef('http://www.google.com/');
  15. $this->assertDef('http:', '');
  16. $this->assertDef('http:/foo', '/foo');
  17. $this->assertDef('javascript:bad_stuff();', false);
  18. $this->assertDef('ftp://www.example.com/');
  19. $this->assertDef('news:rec.alt');
  20. $this->assertDef('nntp://news.example.com/324234');
  21. $this->assertDef('mailto:bob@example.com');
  22. }
  23. public function testIntegrationWithPercentEncoder()
  24. {
  25. $this->assertDef(
  26. 'http://www.example.com/%56%fc%GJ%5%FC',
  27. 'http://www.example.com/V%FC%25GJ%255%FC'
  28. );
  29. }
  30. public function testPercentEncoding()
  31. {
  32. $this->assertDef(
  33. 'http:colon:mercenary',
  34. 'colon%3Amercenary'
  35. );
  36. }
  37. public function testPercentEncodingPreserve()
  38. {
  39. $this->assertDef(
  40. 'http://www.example.com/abcABC123-_.!~*()\''
  41. );
  42. }
  43. public function testEmbeds()
  44. {
  45. $this->def = new HTMLPurifier_AttrDef_URI(true);
  46. $this->assertDef('http://sub.example.com/alas?foo=asd');
  47. $this->assertDef('mailto:foo@example.com', false);
  48. }
  49. public function testConfigMunge()
  50. {
  51. $this->config->set('URI.Munge', 'http://www.google.com/url?q=%s');
  52. $this->assertDef(
  53. 'http://www.example.com/',
  54. 'http://www.google.com/url?q=http%3A%2F%2Fwww.example.com%2F'
  55. );
  56. $this->assertDef('index.html');
  57. $this->assertDef('javascript:foobar();', false);
  58. }
  59. public function testDefaultSchemeRemovedInBlank()
  60. {
  61. $this->assertDef('http:', '');
  62. }
  63. public function testDefaultSchemeRemovedInRelativeURI()
  64. {
  65. $this->assertDef('http:/foo/bar', '/foo/bar');
  66. }
  67. public function testDefaultSchemeNotRemovedInAbsoluteURI()
  68. {
  69. $this->assertDef('http://example.com/foo/bar');
  70. }
  71. public function testAltSchemeNotRemoved()
  72. {
  73. $this->assertDef('mailto:this-looks-like-a-path@example.com');
  74. }
  75. public function testResolveNullSchemeAmbiguity()
  76. {
  77. $this->assertDef('///foo', '/foo');
  78. }
  79. public function testResolveNullSchemeDoubleAmbiguity()
  80. {
  81. $this->config->set('URI.Host', 'example.com');
  82. $this->assertDef('////foo', '//example.com//foo');
  83. }
  84. public function testURIDefinitionValidation()
  85. {
  86. $parser = new HTMLPurifier_URIParser();
  87. $uri = $parser->parse('http://example.com');
  88. $this->config->set('URI.DefinitionID', 'HTMLPurifier_AttrDef_URITest->testURIDefinitionValidation');
  89. generate_mock_once('HTMLPurifier_URIDefinition');
  90. $uri_def = new HTMLPurifier_URIDefinitionMock();
  91. $uri_def->expectOnce('filter', array($uri, '*', '*'));
  92. $uri_def->setReturnValue('filter', true, array($uri, '*', '*'));
  93. $uri_def->expectOnce('postFilter', array($uri, '*', '*'));
  94. $uri_def->setReturnValue('postFilter', true, array($uri, '*', '*'));
  95. $uri_def->setup = true;
  96. // Since definitions are no longer passed by reference, we need
  97. // to muck around with the cache to insert our mock. This is
  98. // technically a little bad, since the cache shouldn't change
  99. // behavior, but I don't feel too good about letting users
  100. // overload entire definitions.
  101. generate_mock_once('HTMLPurifier_DefinitionCache');
  102. $cache_mock = new HTMLPurifier_DefinitionCacheMock();
  103. $cache_mock->setReturnValue('get', $uri_def);
  104. generate_mock_once('HTMLPurifier_DefinitionCacheFactory');
  105. $factory_mock = new HTMLPurifier_DefinitionCacheFactoryMock();
  106. $old = HTMLPurifier_DefinitionCacheFactory::instance();
  107. HTMLPurifier_DefinitionCacheFactory::instance($factory_mock);
  108. $factory_mock->setReturnValue('create', $cache_mock);
  109. $this->assertDef('http://example.com');
  110. HTMLPurifier_DefinitionCacheFactory::instance($old);
  111. }
  112. public function test_make()
  113. {
  114. $factory = new HTMLPurifier_AttrDef_URI();
  115. $def = $factory->make('');
  116. $def2 = new HTMLPurifier_AttrDef_URI();
  117. $this->assertIdentical($def, $def2);
  118. $def = $factory->make('embedded');
  119. $def2 = new HTMLPurifier_AttrDef_URI(true);
  120. $this->assertIdentical($def, $def2);
  121. }
  122. /*
  123. public function test_validate_configWhitelist()
  124. {
  125. $this->config->set('URI.HostPolicy', 'DenyAll');
  126. $this->config->set('URI.HostWhitelist', array(null, 'google.com'));
  127. $this->assertDef('http://example.com/fo/google.com', false);
  128. $this->assertDef('server.txt');
  129. $this->assertDef('ftp://www.google.com/?t=a');
  130. $this->assertDef('http://google.com.tricky.spamsite.net', false);
  131. }
  132. */
  133. }
// vim: et sw=4 sts=4