4 * This test is kinda weird, because it doesn't test the full safe object
5 * functionality, just a small section of it. Or maybe it's actually the right
8 class HTMLPurifier_Injector_SafeObjectTest
extends HTMLPurifier_InjectorHarness
11 public function setup()
14 // there is no AutoFormat.SafeObject directive
15 $this->config
->set('AutoFormat.Custom', array(new HTMLPurifier_Injector_SafeObject()));
16 $this->config
->set('HTML.Trusted', true);
19 public function testPreserve()
26 public function testRemoveStrayParam()
34 public function testEditObjectParam()
38 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
42 public function testIgnoreStrayParam()
45 '<object><param /></object>',
46 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
50 public function testIgnoreDuplicates()
53 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
57 public function testIgnoreBogusData()
60 '<object><param name="allowscriptaccess" value="always" /><param name="allowNetworking" value="always" /></object>',
61 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
65 public function testIgnoreInvalidData()
68 '<object><param name="foo" value="bar" /></object>',
69 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object>'
73 public function testKeepValidData()
76 '<object><param name="movie" value="bar" /></object>',
77 '<object data="bar"><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><param name="movie" value="bar" /></object>'
81 public function testNested()
84 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><object></object></object>',
85 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></object></object>'
89 public function testNotActuallyNested()
92 '<object><p><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /></p></object>',
93 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><p></p></object>'
97 public function testCaseInsensitive()
100 '<object><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><param name="flashVars" value="a" /><param name="FlashVars" value="b" /></object>'
106 // vim: et sw=4 sts=4