2015-02-10 03:32:44 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Tests the {@see EditableLiteralField} class
|
|
|
|
*/
|
|
|
|
class EditableLiteralFieldTest extends SapphireTest {
|
|
|
|
|
|
|
|
public function setUp() {
|
|
|
|
parent::setUp();
|
|
|
|
Config::nest();
|
|
|
|
HtmlEditorConfig::set_active('cms');
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function tearDown() {
|
|
|
|
Config::unnest();
|
|
|
|
parent::tearDown();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Tests the sanitisation of HTML content
|
|
|
|
*/
|
|
|
|
public function testSanitisation() {
|
|
|
|
$rawContent = '<h1>Welcome</h1><script>alert("Hello!");</script><p>Giant Robots!</p>';
|
|
|
|
$safeContent = '<h1>Welcome</h1><p>Giant Robots!</p>';
|
|
|
|
$field = new EditableLiteralField();
|
2015-09-11 00:20:06 +02:00
|
|
|
|
2015-02-10 03:32:44 +01:00
|
|
|
// Test with sanitisation enabled
|
|
|
|
Config::inst()->update('HtmlEditorField', 'sanitise_server_side', true);
|
|
|
|
$field->setContent($rawContent);
|
|
|
|
$this->assertEquals($safeContent, $field->getContent());
|
|
|
|
|
|
|
|
// Test with sanitisation disabled
|
|
|
|
Config::inst()->remove('HtmlEditorField', 'sanitise_server_side');
|
|
|
|
$field->setContent($rawContent);
|
|
|
|
$this->assertEquals($rawContent, $field->getContent());
|
|
|
|
}
|
|
|
|
}
|