4 * This test is kinda weird, because it doesn't test the full safe object
5 * functionality, just a small section of it. Or maybe it's actually the right
8 class HTMLPurifier_Injector_SafeObjectTest
extends HTMLPurifier_InjectorHarness
13 $this->config
->set('AutoFormat', 'Custom', array(new HTMLPurifier_Injector_SafeObject()));
14 $this->config
->set('HTML', 'Trusted', true);
17 function testPreserve() {
23 function testRemoveStrayParam() {
30 function testEditObjectParam() {
33 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
37 function testIgnoreStrayParam() {
39 '<object><param /></object>',
40 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
44 function testIgnoreDuplicates() {
46 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
50 function testIgnoreBogusData() {
52 '<object><param name="allowScriptAccess" value="always" /><param name="allowNetworking" value="always" /></object>',
53 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
57 function testIgnoreInvalidData() {
59 '<object><param name="foo" value="bar" /></object>',
60 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
64 function testKeepValidData() {
66 '<object><param name="movie" value="bar" /></object>',
67 '<object data="bar"><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><param name="movie" value="bar" /></object>'
71 function testNested() {
73 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><object></object></object>',
74 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object></object>'
78 function testNotActuallyNested() {
80 '<object><p><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></p></object>',
81 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><p></p></object>'