Bug 19531: When saving patron record do not redirect to circ if not authorised
[koha.git] / t / Scrubber.t
blob9bcd003636ab8e67f3211763e9c3da220056fd8d
1 #!/usr/bin/perl
3 use strict;
4 use warnings;
6 $| = 1;
7 use Test::More tests => 29;
8 use Test::Warn;
10 BEGIN {
11 use FindBin;
12 use lib $FindBin::Bin;
13 use_ok('C4::Scrubber');
16 sub pretty_line {
17 my $max = 54;
18 (@_) or return "#" x $max . "\n";
19 my $phrase = " " . shift() . " ";
20 my $half = "#" x (($max - length($phrase))/2);
21 return $half . $phrase . $half . "\n";
24 my ($scrubber,$html,$result,@types,$collapse);
25 $collapse = 1;
26 @types = qw(default comment tag staff);
27 $html = q|
28 <![CDATA[selfdestruct]]&#x5d;>
29 <?php echo(" EVIL EVIL EVIL "); ?> <!-- COMMENT -->
30 <hr> <!-- TMPL_VAR NAME="password" -->
31 <style type="text/css">body{display:none;}</style>
32 <link media="screen" type="text/css" rev="stylesheet" rel="stylesheet" href="css.css">
33 <I FAKE="attribute" > I am ITALICS with fake="attribute" </I><br />
34 <em FAKE="attribute" > I am em with fake="attribute" </em><br />
35 <B> I am BOLD </B><br />
36 <span style="background-image: url(http://hackersite.cn/porno.jpg);"> I am a span w/ style. Bad style.</span>
37 <span> I am a span trying to inject a link: &lt;a href="badlink.html"&gt; link &lt;/a&gt;</span>
38 <br>
39 <A NAME="evil">
40 <A HREF="javascript:alert('OMG YOO R HACKED');">I am a link firing javascript.</A>
41 <br />
42 <A HREF="image/bigone.jpg" ONMOUSEOVER="alert('OMG YOO R HACKED');">
43 <IMG SRC="image/smallone.jpg" ALT="ONMOUSEOVER JAVASCRIPT">
44 </A>
45 </A> <br>
46 At the end here, I actually have some regular text.
49 ok($scrubber = C4::Scrubber->new(), "Constructor: C4::Scrubber->new()");
51 isa_ok($scrubber, 'HTML::Scrubber', 'Constructor returns HTML::Scrubber object');
53 warning_like { $scrubber->default() } '', "\$scrubber->default ran without fault.";
54 warning_like { $scrubber->comment() } '', "\$scrubber->comment ran without fault.";
55 warning_like { $scrubber->process() } '', "\$scrubber->process ran without fault.";
57 ok($result = $scrubber->scrub($html), "Getting scrubbed text (type: [default])");
59 foreach(@types) {
60 ok($scrubber = C4::Scrubber->new($_), "testing Constructor: C4::Scrubber->new($_)");
62 warning_like { $scrubber->default() } '', "\$scrubber->default ran without fault.";
63 warning_like { $scrubber->comment() } '', "\$scrubber->comment ran without fault.";
64 warning_like { $scrubber->process() } '', "\$scrubber->process ran without fault.";
66 ok($result = $scrubber->scrub($html), "Getting scrubbed text (type: $_)");
69 #Test for invalid new entry
70 eval{
71 C4::Scrubber->new("");
72 fail("test should fail on entry of ''");
74 if ($@) {
75 pass("Test should have failed on entry of '' (empty string) and it did. YAY!");
78 eval{
79 C4::Scrubber->new("Client");
80 fail("test should fail on entry of 'Client'");
82 if ($@) {
83 pass("Test should have failed on entry of 'Client' and it did. YAY!");