Firefox '
.'Internet Explorer '
.'Firefox '
.'Internet Explorer
';
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertNotRegExp('/data:text/', $washed, "Remove data:text/html links");
$this->assertNotRegExp('/vbscript:/', $washed, "Remove vbscript: links");
}
/**
* Test fixing of invalid href (#1488940)
*/
function test_href()
{
$html = "Firefox ";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertRegExp('|href="http://test.com">|', $washed, "Link href with newlines (#1488940)");
}
/**
* Test XSS in area's href (#5240)
*/
function test_href_area()
{
$html = '
'
. '
'
. 'p2
";
$washed = $washer->wash($html);
$this->assertEquals('p2
', $washed, "HTML conditional comments (#1489004)");
$html = "test
', $washed, "HTML invalid comments (#1487759)");
$html = "para1
para2
";
$washed = $washer->wash($html);
$this->assertEquals('para1
para2
', $washed, "HTML comments - simple comment");
$html = "para1
para2
";
$washed = $washer->wash($html);
$this->assertEquals('para1
para2
', $washed, "HTML comments - tags inside (#1489904)");
}
/**
* Test fixing of invalid self-closing elements (#1489137)
*/
function test_self_closing()
{
$html = "|', $washed, "Self-closing textarea (#1489137)");
}
/**
* Test fixing of invalid closing tags (#1489446)
*/
function test_closing_tag_attrs()
{
$html = "test ";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertRegExp('||', $washed, "Invalid closing tag (#1489446)");
}
/**
* Test fixing of invalid lists nesting (#1488768)
*/
function test_lists()
{
$data = array(
array(
"First Second Third First Second Third First First FirstFirst sub FirstFirst sub a
";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertRegExp('|color: rgb\(241, 245, 218\)|', $washed, "Color style (#1489697)");
$this->assertRegExp('|font-size: 10px|', $washed, "Font-size style");
}
/**
* Test handling of unicode chars in style (#1489777)
*/
function test_style_unicode()
{
$html = "test ";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertRegExp('|style="font-family: \"新細明體\",\"serif\"; color: red"|', $washed, "Unicode chars in style attribute - quoted (#1489697)");
$html = "test ";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertRegExp('|style="font-family: 新細明體; color: red"|', $washed, "Unicode chars in style attribute (#1489697)");
}
/**
* Test style item fixes
*/
function test_style_wash()
{
$html = "a
";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertRegExp('|line-height: 1;|', $washed, "Untouched line-height (#1489917)");
$this->assertRegExp('|; height: 10px|', $washed, "Fixed height units");
$html = "
";
$expected = "
";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertTrue(strpos($washed, $expected) !== false, "White-space and new-line characters handling");
}
/**
* Test invalid style cleanup - XSS prevention (#1490227)
*/
function test_style_wash_xss()
{
$html = "
An example text
';
$exp = '
410
An example text
';
$washer = new rcube_washtml;
$washed = $washer->wash($svg);
$this->assertSame($washed, $exp, "SVG content");
}
/**
* Test position:fixed cleanup - (#5264)
*/
function test_style_wash_position_fixed()
{
$html = "
I D =
1 2 k n W L (
V G S - V t
) 2
I_D = \frac{1}{2} k_n \frac{W}{L} (V_{GS}-V_t)^2
I D =
1 2 k n W L (
V G S - V t
) 2
I_D = \frac{1}{2} k_n \frac{W}{L} (V_{GS}-V_t)^2
";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertTrue($washer->extlinks);
$this->assertNotContains('TRACKING', $washed, "Src attribute of tag (#5583)");
}
/**
* Test external links
*/
function test_extlinks()
{
$html = array(
array("test
';
$washed = $washer->wash($html);
$this->assertContains('id="testmy-id"', $washed);
$this->assertContains('for="testmy-other-id"', $washed);
$this->assertContains('class="testmy-class1 testmy-class2"', $washed);
}
}