URI.Munge munges https to http URIs.
[htmlpurifier.git] / tests / HTMLPurifier / URIFilter / MungeTest.php
blob1acf11ea7a78729ec7b95128db505e08e1fc5fb7
1 <?php
3 class HTMLPurifier_URIFilter_MungeTest extends HTMLPurifier_URIFilterHarness
6 function setUp() {
7 parent::setUp();
8 $this->filter = new HTMLPurifier_URIFilter_Munge();
11 protected function setMunge($uri = 'http://www.google.com/url?q=%s') {
12 $this->config->set('URI.Munge', $uri);
15 protected function setSecureMunge($key = 'secret') {
16 $this->setMunge('/redirect.php?url=%s&checksum=%t');
17 $this->config->set('URI.MungeSecretKey', $key);
20 function testMunge() {
21 $this->setMunge();
22 $this->assertFiltering(
23 'http://www.example.com/',
24 'http://www.google.com/url?q=http%3A%2F%2Fwww.example.com%2F'
28 function testMungeReplaceTagName() {
29 $this->setMunge('/r?tagname=%n&url=%s');
30 $token = new HTMLPurifier_Token_Start('a');
31 $this->context->register('CurrentToken', $token);
32 $this->assertFiltering('http://google.com', '/r?tagname=a&url=http%3A%2F%2Fgoogle.com');
35 function testMungeReplaceAttribute() {
36 $this->setMunge('/r?attr=%m&url=%s');
37 $attr = 'href';
38 $this->context->register('CurrentAttr', $attr);
39 $this->assertFiltering('http://google.com', '/r?attr=href&url=http%3A%2F%2Fgoogle.com');
42 function testMungeReplaceResource() {
43 $this->setMunge('/r?embeds=%r&url=%s');
44 $embeds = false;
45 $this->context->register('EmbeddedURI', $embeds);
46 $this->assertFiltering('http://google.com', '/r?embeds=&url=http%3A%2F%2Fgoogle.com');
49 function testMungeReplaceCSSProperty() {
50 $this->setMunge('/r?property=%p&url=%s');
51 $property = 'background';
52 $this->context->register('CurrentCSSProperty', $property);
53 $this->assertFiltering('http://google.com', '/r?property=background&url=http%3A%2F%2Fgoogle.com');
56 function testIgnoreEmbedded() {
57 $this->setMunge();
58 $embeds = true;
59 $this->context->register('EmbeddedURI', $embeds);
60 $this->assertFiltering('http://example.com');
63 function testProcessEmbedded() {
64 $this->setMunge();
65 $this->config->set('URI.MungeResources', true);
66 $embeds = true;
67 $this->context->register('EmbeddedURI', $embeds);
68 $this->assertFiltering('http://www.example.com/', 'http://www.google.com/url?q=http%3A%2F%2Fwww.example.com%2F');
71 function testPreserveRelative() {
72 $this->setMunge();
73 $this->assertFiltering('index.html');
76 function testMungeIgnoreUnknownSchemes() {
77 $this->setMunge();
78 $this->assertFiltering('javascript:foobar();', true);
81 function testSecureMungePreserve() {
82 $this->setSecureMunge();
83 $this->assertFiltering('/local');
86 function testSecureMungePreserveEmbedded() {
87 $this->setSecureMunge();
88 $embedded = true;
89 $this->context->register('EmbeddedURI', $embedded);
90 $this->assertFiltering('http://google.com');
93 function testSecureMungeStandard() {
94 $this->setSecureMunge();
95 $this->assertFiltering('http://google.com', '/redirect.php?url=http%3A%2F%2Fgoogle.com&checksum=0072e2f817fd2844825def74e54443debecf0892');
98 function testSecureMungeIgnoreUnknownSchemes() {
99 // This should be integration tested as well to be false
100 $this->setSecureMunge();
101 $this->assertFiltering('javascript:', true);
104 function testSecureMungeIgnoreUnbrowsableSchemes() {
105 $this->setSecureMunge();
106 $this->assertFiltering('news:', true);
109 function testSecureMungeToDirectory() {
110 $this->setSecureMunge();
111 $this->setMunge('/links/%s/%t');
112 $this->assertFiltering('http://google.com', '/links/http%3A%2F%2Fgoogle.com/0072e2f817fd2844825def74e54443debecf0892');
115 function testMungeIgnoreSameDomain() {
116 $this->setMunge('http://example.com/%s');
117 $this->assertFiltering('http://example.com/foobar');
120 function testMungeIgnoreSameDomainInsecureToSecure() {
121 $this->setMunge('http://example.com/%s');
122 $this->assertFiltering('https://example.com/foobar');
125 function testMungeIgnoreSameDomainSecureToSecure() {
126 $this->config->set('URI.Base', 'https://example.com');
127 $this->setMunge('http://example.com/%s');
128 $this->assertFiltering('https://example.com/foobar');
131 function testMungeSameDomainSecureToInsecure() {
132 $this->config->set('URI.Base', 'https://example.com');
133 $this->setMunge('/%s');
134 $this->assertFiltering('http://example.com/foobar', '/http%3A%2F%2Fexample.com%2Ffoobar');
137 function testMungeIgnoresSourceHost() {
138 $this->config->set('URI.Host', 'foo.example.com');
139 $this->setMunge('http://example.com/%s');
140 $this->assertFiltering('http://foo.example.com/bar');
145 // vim: et sw=4 sts=4