Prepended constants with C_ to avoid reserved words as per https://www.php.net/manual...
[htmlpurifier/darkodev.git] / tests / HTMLPurifier / URIFilter / MungeTest.php
blobaddaaf917685eb2d49387205733ba04f4913e3db
1 <?php
3 class HTMLPurifier_URIFilter_MungeTest extends HTMLPurifier_URIFilterHarness
6 public function setUp()
8 parent::setUp();
9 $this->filter = new HTMLPurifier_URIFilter_Munge();
12 protected function setMunge($uri = 'http://www.google.com/url?q=%s')
14 $this->config->set('URI.Munge', $uri);
17 protected function setSecureMunge($key = 'secret')
19 if (!function_exists('hash_hmac')) return false;
20 $this->setMunge('/redirect.php?url=%s&checksum=%t');
21 $this->config->set('URI.MungeSecretKey', $key);
22 return true;
25 public function testMunge()
27 $this->setMunge();
28 $this->assertFiltering(
29 'http://www.example.com/',
30 'http://www.google.com/url?q=http%3A%2F%2Fwww.example.com%2F'
34 public function testMungeReplaceTagName()
36 $this->setMunge('/r?tagname=%n&url=%s');
37 $token = new HTMLPurifier_Token_Start('a');
38 $this->context->register('CurrentToken', $token);
39 $this->assertFiltering('http://google.com', '/r?tagname=a&url=http%3A%2F%2Fgoogle.com');
42 public function testMungeReplaceAttribute()
44 $this->setMunge('/r?attr=%m&url=%s');
45 $attr = 'href';
46 $this->context->register('CurrentAttr', $attr);
47 $this->assertFiltering('http://google.com', '/r?attr=href&url=http%3A%2F%2Fgoogle.com');
50 public function testMungeReplaceResource()
52 $this->setMunge('/r?embeds=%r&url=%s');
53 $embeds = false;
54 $this->context->register('EmbeddedURI', $embeds);
55 $this->assertFiltering('http://google.com', '/r?embeds=&url=http%3A%2F%2Fgoogle.com');
58 public function testMungeReplaceCSSProperty()
60 $this->setMunge('/r?property=%p&url=%s');
61 $property = 'background';
62 $this->context->register('CurrentCSSProperty', $property);
63 $this->assertFiltering('http://google.com', '/r?property=background&url=http%3A%2F%2Fgoogle.com');
66 public function testIgnoreEmbedded()
68 $this->setMunge();
69 $embeds = true;
70 $this->context->register('EmbeddedURI', $embeds);
71 $this->assertFiltering('http://example.com');
74 public function testProcessEmbedded()
76 $this->setMunge();
77 $this->config->set('URI.MungeResources', true);
78 $embeds = true;
79 $this->context->register('EmbeddedURI', $embeds);
80 $this->assertFiltering('http://www.example.com/', 'http://www.google.com/url?q=http%3A%2F%2Fwww.example.com%2F');
83 public function testPreserveRelative()
85 $this->setMunge();
86 $this->assertFiltering('index.html');
89 public function testMungeIgnoreUnknownSchemes()
91 $this->setMunge();
92 $this->assertFiltering('javascript:foobar();', true);
95 public function testSecureMungePreserve()
97 if (!$this->setSecureMunge()) return;
98 $this->assertFiltering('/local');
101 public function testSecureMungePreserveEmbedded()
103 if (!$this->setSecureMunge()) return;
104 $embedded = true;
105 $this->context->register('EmbeddedURI', $embedded);
106 $this->assertFiltering('http://google.com');
109 public function testSecureMungeStandard()
111 if (!$this->setSecureMunge()) return;
112 $this->assertFiltering('http://google.com', '/redirect.php?url=http%3A%2F%2Fgoogle.com&checksum=46267a796aca0ea5839f24c4c97ad2648373a4eca31b1c0d1fa7c7ff26798f79');
115 public function testSecureMungeIgnoreUnknownSchemes()
117 // This should be integration tested as well to be false
118 if (!$this->setSecureMunge()) return;
119 $this->assertFiltering('javascript:', true);
122 public function testSecureMungeIgnoreUnbrowsableSchemes()
124 if (!$this->setSecureMunge()) return;
125 $this->assertFiltering('news:', true);
128 public function testSecureMungeToDirectory()
130 if (!$this->setSecureMunge()) return;
131 $this->setMunge('/links/%s/%t');
132 $this->assertFiltering('http://google.com', '/links/http%3A%2F%2Fgoogle.com/46267a796aca0ea5839f24c4c97ad2648373a4eca31b1c0d1fa7c7ff26798f79');
135 public function testMungeIgnoreSameDomain()
137 $this->setMunge('http://example.com/%s');
138 $this->assertFiltering('http://example.com/foobar');
141 public function testMungeIgnoreSameDomainInsecureToSecure()
143 $this->setMunge('http://example.com/%s');
144 $this->assertFiltering('https://example.com/foobar');
147 public function testMungeIgnoreSameDomainSecureToSecure()
149 $this->config->set('URI.Base', 'https://example.com');
150 $this->setMunge('http://example.com/%s');
151 $this->assertFiltering('https://example.com/foobar');
154 public function testMungeSameDomainSecureToInsecure()
156 $this->config->set('URI.Base', 'https://example.com');
157 $this->setMunge('/%s');
158 $this->assertFiltering('http://example.com/foobar', '/http%3A%2F%2Fexample.com%2Ffoobar');
161 public function testMungeIgnoresSourceHost()
163 $this->config->set('URI.Host', 'foo.example.com');
164 $this->setMunge('http://example.com/%s');
165 $this->assertFiltering('http://foo.example.com/bar');
170 // vim: et sw=4 sts=4