diff options
Diffstat (limited to 'modules/gallery/tests')
| -rw-r--r-- | modules/gallery/tests/SafeString_Test.php | 19 | ||||
| -rw-r--r-- | modules/gallery/tests/Xss_Security_Test.php | 7 |
2 files changed, 16 insertions, 10 deletions
diff --git a/modules/gallery/tests/SafeString_Test.php b/modules/gallery/tests/SafeString_Test.php index 73d82c34..0fc7f6f3 100644 --- a/modules/gallery/tests/SafeString_Test.php +++ b/modules/gallery/tests/SafeString_Test.php @@ -25,8 +25,7 @@ class SafeString_Test extends Unit_Test_Case { } public function toString_for_safe_string_test() { - $safe_string = new SafeString("hello <p>world</p>"); - $safe_string->mark_html_safe(); + $safe_string = SafeString::of_safe_html("hello <p>world</p>"); $this->assert_equal("hello <p>world</p>", $safe_string); } @@ -62,7 +61,7 @@ class SafeString_Test extends Unit_Test_Case { } public function for_html_attr_with_safe_html_test() { - $safe_string = SafeString::of('"<em>Foo</em>\'s bar"')->mark_html_safe(); + $safe_string = SafeString::of_safe_html('"<em>Foo</em>\'s bar"'); $attr_string = $safe_string->for_html_attr(); $this->assert_equal('"<em>Foo</em>'s bar"', $attr_string); @@ -86,25 +85,29 @@ class SafeString_Test extends Unit_Test_Case { } public function of_safe_html_test() { - $safe_string = SafeString::of("hello <p>world</p>")->mark_html_safe(); + $safe_string = SafeString::of_safe_html("hello <p>world</p>"); $this->assert_equal("hello <p>world</p>", $safe_string->for_html()); } + public function purify_test() { + $safe_string = SafeString::purify("hello <p >world</p>"); + $this->assert_equal("hello <p>world</p>", $safe_string); + } + public function of_fluid_api_test() { $escaped_string = SafeString::of("Foo's bar")->for_js(); $this->assert_equal("Foo\\'s bar", $escaped_string); } public function safestring_of_safestring_preserves_safe_status_test() { - $safe_string = SafeString::of("hello's <p>world</p>")->mark_html_safe(); + $safe_string = SafeString::of_safe_html("hello's <p>world</p>"); $safe_string_2 = new SafeString($safe_string); $this->assert_equal("hello's <p>world</p>", $safe_string_2); $this->assert_equal("hello\\'s <p>world<\\/p>", $safe_string_2->for_js()); } public function safestring_of_safestring_preserves_html_safe_status_test() { - $safe_string = SafeString::of("hello's <p>world</p>") - ->mark_html_safe(); + $safe_string = SafeString::of_safe_html("hello's <p>world</p>"); $safe_string_2 = new SafeString($safe_string); $this->assert_equal("hello's <p>world</p>", $safe_string_2); $this->assert_equal("hello\\'s <p>world<\\/p>", $safe_string_2->for_js()); @@ -112,7 +115,7 @@ class SafeString_Test extends Unit_Test_Case { public function safestring_of_safestring_safe_status_override_test() { $safe_string = new SafeString("hello <p>world</p>"); - $safe_string_2 = SafeString::of($safe_string)->mark_html_safe(); + $safe_string_2 = SafeString::of_safe_html($safe_string); $this->assert_equal("hello <p>world</p>", $safe_string_2); } } diff --git a/modules/gallery/tests/Xss_Security_Test.php b/modules/gallery/tests/Xss_Security_Test.php index e0e5bb86..fd596c69 100644 --- a/modules/gallery/tests/Xss_Security_Test.php +++ b/modules/gallery/tests/Xss_Security_Test.php @@ -110,10 +110,13 @@ class Xss_Security_Test extends Unit_Test_Case { } else if ($token[1] == "SafeString") { // Looking for SafeString::of(... if (self::_token_matches(array(T_DOUBLE_COLON, "::"), $tokens, $token_number + 1) && - self::_token_matches(array(T_STRING, "of"), $tokens, $token_number + 2) && + self::_token_matches(array(T_STRING), $tokens, $token_number + 2) && + in_array($tokens[$token_number + 2][1], array("of", "of_safe_html", "purify")) && self::_token_matches("(", $tokens, $token_number + 3)) { $frame->is_safestring(true); - $frame->expr_append("::of("); + + $method = $tokens[$token_number + 2][1]; + $frame->expr_append("::$method("); $token_number += 3; $token = $tokens[$token_number]; |