fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-01 16:22:41 +09:00
Code Issues Projects Releases Packages Wiki Activity

Add MediaFilter class to absorb most EmbedFilter functionality

Browse source
This commit is contained in:
Kijin Sung 2016-03-13 09:51:15 +09:00
parent 3d3fa6d7d3
commit 7ecd9230c2
7 changed files with 266 additions and 1888 deletions
Download patch file Download diff file Expand all files Collapse all files

16
tests/unit/framework/security/HTMLFilterTest.php
View file

@ -64,20 +64,4 @@ class HTMLFilterTest extends \Codeception\TestCase\Test
$this->assertEquals($test[1], Rhymix\Framework\Security\HTMLFilter::clean($test[0]));
}
}
public function testRemoveEmbeddedMedia()
{
$tests = array(
'<div><object></object></div>' => '<div></div>',
'<div><object><embed></embed></object></div>' => '<div></div>',
'<div><object><param /></object></div>' => '<div></div>',
'<div><img class="foo" editor_component="multimedia_link" /></div>' => '<div></div>',
'<div><img editor_component="multimedia_link"></img></div>' => '<div></div>',
);
foreach ($tests as $from => $to)
{
$this->assertEquals($to, Rhymix\Framework\Security\HTMLFilter::removeEmbeddedMedia($from));
}
}
}

47
tests/unit/framework/security/MediaFilterTest.php Normal file
View file

@ -0,0 +1,47 @@
<?php
class MediaFilterTest extends \Codeception\TestCase\Test
{
public function testWhitelists()
{
// iframe whitelist as array.
$this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Security\MediaFilter::getIframeWhitelist()));
$this->assertFalse(in_array('random-website.com/', Rhymix\Framework\Security\MediaFilter::getIframeWhitelist()));
// iframe whitelist as regex.
$this->assertTrue(strpos(Rhymix\Framework\Security\MediaFilter::getIframeWhitelistRegex(), '|www\.youtube\.com/') !== false);
$this->assertFalse(strpos(Rhymix\Framework\Security\MediaFilter::getIframeWhitelistRegex(), 'www.youtube.com/') !== false);
// Match individual URL against iframe whitelist.
$this->assertTrue(Rhymix\Framework\Security\MediaFilter::matchIframeWhitelist('https://www.youtube.com/v'));
$this->assertFalse(Rhymix\Framework\Security\MediaFilter::matchIframeWhitelist('http://www-youtube.com/v'));
// object whitelist as array.
$this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Security\MediaFilter::getObjectWhitelist()));
$this->assertFalse(in_array('random-website.com/', Rhymix\Framework\Security\MediaFilter::getObjectWhitelist()));
// object whitelist as regex.
$this->assertTrue(strpos(Rhymix\Framework\Security\MediaFilter::getObjectWhitelistRegex(), '|www\.youtube\.com/') !== false);
$this->assertFalse(strpos(Rhymix\Framework\Security\MediaFilter::getObjectWhitelistRegex(), 'www.youtube.com/') !== false);
// Match individual URL against object whitelist.
$this->assertTrue(Rhymix\Framework\Security\MediaFilter::matchObjectWhitelist('https://www.youtube.com/v'));
$this->assertFalse(Rhymix\Framework\Security\MediaFilter::matchObjectWhitelist('http://www-youtube.com/v'));
}
public function testRemoveEmbeddedMedia()
{
$tests = array(
'<div><object></object></div>' => '<div></div>',
'<div><object><embed></embed></object></div>' => '<div></div>',
'<div><object><param /></object></div>' => '<div></div>',
'<div><img class="foo" editor_component="multimedia_link" /></div>' => '<div></div>',
'<div><img editor_component="multimedia_link"></img></div>' => '<div></div>',
);
foreach ($tests as $from => $to)
{
$this->assertEquals($to, Rhymix\Framework\Security\MediaFilter::removeEmbeddedMedia($from));
}
}
}