tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

MNT Update tests to use a dataprovider

Browse Source 
Also explicitly test both valid_elements and extended_valid_elements
This commit is contained in:
Guy Sartorelli 2024-04-18 14:27:25 +12:00
parent 99e965b5d7
commit 584968e80c
No known key found for this signature in database
GPG Key ID: F313E3B9504D496A
1 changed files with 18 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
tests/php/Forms/HTMLEditor/HTMLEditorSanitiserTest.php
View File

@ -11,9 +11,9 @@ use SilverStripe\View\Parsers\HTMLValue;
class HTMLEditorSanitiserTest extends FunctionalTest
{
public function testSanitisation()
public function provideSanitise(): array
{
$tests = [
return [
[
'p,strong',
'<p>Leave Alone</p><div>Strip parent<strong>But keep children</strong> in order</div>',
@ -129,13 +129,20 @@ class HTMLEditorSanitiserTest extends FunctionalTest
'XSS vulnerable attributes starting with on or style are removed via configuration'
],
];
}
$config = HTMLEditorConfig::get('htmleditorsanitisertest');
foreach ($tests as $test) {
list($validElements, $input, $output, $desc) = $test;
$config->setOptions(['valid_elements' => $validElements]);
/**
* @dataProvider provideSanitise
*/
public function testSanitisation(string $validElements, string $input, string $output, string $desc): void
{
foreach (['valid_elements', 'extended_valid_elements'] as $configType) {
$config = HTMLEditorConfig::get('htmleditorsanitisertest_' . $configType);
$config->setOptions([$configType => $validElements]);
// Remove default valid elements if we're testing extended valid elements
if ($configType !== 'valid_elements') {
$config->setOptions(['valid_elements' => '']);
}
$sanitiser = new HtmlEditorSanitiser($config);
$value = 'noopener noreferrer';
@ -144,12 +151,13 @@ class HTMLEditorSanitiserTest extends FunctionalTest
} elseif (strpos($desc ?? '', 'link_rel_value is null') !== false) {
$value = null;
}
Config::inst()->set(HTMLEditorSanitiser::class, 'link_rel_value', $value);
HTMLEditorSanitiser::config()->set('link_rel_value', $value);
$htmlValue = HTMLValue::create($input);
$sanitiser->sanitise($htmlValue);
$this->assertEquals($output, $htmlValue->getContent(), $desc);
$this->assertEquals($output, $htmlValue->getContent(), "{$desc} - using config type: {$configType}");
}
}
}