fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-05 09:41:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Properly handle "loading" and "sandbox" attributes of iframes

Browse source
This commit is contained in:
Kijin Sung 2023-12-12 19:05:40 +09:00
parent b299dd02dc
commit b344bbfb26
2 changed files with 40 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
tests/unit/framework/filters/HTMLFilterTest.php
View file

@ -130,6 +130,14 @@ class HTMLFilterTest extends \Codeception\Test\Unit
$target = '<iframe src="https://www.youtube.com/" referrerpolicy="no-referrer"></iframe>';
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
$source = '<iframe src="https://www.youtube.com/" loading="lazy" sandbox="allow-presentation allow-scripts allow-whatever"></iframe>';
$target = '<iframe src="https://www.youtube.com/" loading="lazy" sandbox="allow-presentation allow-scripts"></iframe>';
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
$source = '<iframe src="https://www.youtube.com/" loading="invalid" sandbox=" "></iframe>';
$target = '<iframe src="https://www.youtube.com/" sandbox=""></iframe>';
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
$source = '<object type="application/x-shockwave-flash" width="640px" height="360px" align="middle" classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=10,3,0,0">' .
'<param name="movie" value="http://videofarm.daum.net/controller/player/VodPlayer.swf" />' .
'<param name="allowScriptAccess" value="always" />' .