# Fixed plan: Test::More expects exactly 11 assertions from this script, so
# the count must be updated whenever a check is added or removed.
use Test::More tests => 11;

# First assertion: the module under test has to load.
use_ok('C4::Scrubber');
15 (@_) or return "#" x
$max . "\n";
16 my $phrase = " " . shift() . " ";
17 my $half = "#" x
(($max - length($phrase))/2);
18 return $half . $phrase . $half . "\n";
# Working variables shared by the checks in this script.
my ($scrubber, $html, $result, $collapse);

# Scrubber type names; presumably each one is handed to C4::Scrubber->new()
# by the per-type checks further down (confirm against the loop header).
my @types = ('comment', 'tag');
25 <![CDATA
[selfdestruct
]]]>
26 <?php echo
(" EVIL EVIL EVIL "); ?
> <!-- COMMENT
-->
27 <hr
> <!-- TMPL_VAR NAME
="password" -->
28 <style type
="text/css">body
{display
:none
;}</style
>
29 <link media
="screen" type
="text/css" rev
="stylesheet" rel
="stylesheet" href
="css.css">
30 <I FAKE
="attribute" > I am ITALICS with fake
="attribute" </I><br />
31 <em FAKE
="attribute" > I am em with fake
="attribute" </em><br />
32 <B
> I am BOLD
</B><br />
33 <span style
="background-image: url(http://hackersite.cn/porno.jpg);"> I am a span w
/ style
. Bad style
.</span
>
34 <span
> I am a span trying to inject a
link: <a href
="badlink.html"> link </a></span
>
37 <A HREF
="javascript:alert('OMG YOO R HACKED');">I am a
link firing javascript
.</A
>
39 <A HREF
="image/bigone.jpg" ONMOUSEOVER
="alert('OMG YOO R HACKED');">
40 <IMG SRC
="image/smallone.jpg" ALT
="ONMOUSEOVER JAVASCRIPT">
43 At the end here
, I actually have some regular text
.
# Print the unscrubbed fixture between a titled banner and a plain banner so
# it can be compared by eye with the scrubbed output printed later.
print(
    pretty_line("Original HTML:"),
    $html,
    "\n",
    pretty_line(),
);

# Tell the reader when the scrubbed output below has been whitespace-collapsed.
diag "Note: scrubber test output will have whitespace collapsed for readability\n"
    if $collapse;
# --- Scrubber built with no type argument ---

# The constructor must hand back a true value ...
ok(
    $scrubber = C4::Scrubber->new(),
    "Constructor: C4::Scrubber->new()"
);

# ... and that value must be an HTML::Scrubber object.
isa_ok(
    $scrubber,
    'HTML::Scrubber',
    'Constructor returns HTML::Scrubber object'
);

# Report the effective settings as a '#'-prefixed line; the assertion only
# checks that printf() itself succeeded.
ok(
    printf(
        "# scrubber settings: default %s, comment %s, process %s\n",
        $scrubber->default(),
        $scrubber->comment(),
        $scrubber->process()
    ),
    "Outputting settings from scrubber object (type: [default])"
);

# NOTE(review): this passes for any true return value from scrub(). It does
# not verify that the hostile markup in the fixture (the javascript: href,
# the ONMOUSEOVER handler, the PHP block, the style/link tags) is absent
# from $result; the scrubbed text is only printed for a human to inspect.
# Assertions on $result (e.g. unlike() against those patterns) would turn
# this into a real regression test, and the plan count would grow with them.
ok(
    $result = $scrubber->scrub($html),
    "Getting scrubbed text (type: [default])"
);

# Optionally squeeze whitespace around newlines to keep the dump compact.
$result =~ s/\s*\n\s*/\n/g if $collapse;

print(
    pretty_line('default'),
    $result,
    "\n",
    pretty_line(),
);
# --- Per-type checks ---
# $_ carries the scrubber type name. The enclosing loop header is not part
# of this excerpt; presumably it iterates over @types (confirm).

ok(
    $scrubber = C4::Scrubber->new($_),
    "Constructor: C4::Scrubber->new($_)"
);

# Report the settings this type produced; only printf() success is asserted.
ok(
    printf(
        "# scrubber settings: default %s, comment %s, process %s\n",
        $scrubber->default(),
        $scrubber->comment(),
        $scrubber->process()
    ),
    "Outputting settings from scrubber object (type: $_)"
);

# NOTE(review): only the truthiness of scrub()'s return value is asserted.
# Nothing checks which tags or attributes this type actually let through,
# so a regression that leaves script-bearing attributes in $result would
# still pass. Consider per-type like()/unlike() assertions on $result.
ok(
    $result = $scrubber->scrub($html),
    "Getting scrubbed text (type: $_)"
);

# Optionally squeeze whitespace around newlines to keep the dump compact.
$result =~ s/\s*\n\s*/\n/g if $collapse;

print(
    pretty_line($_),
    $result,
    "\n",
    pretty_line(),
);