Merge pull request #987 from ArthurHoaro/hotfix/security-issue
index d359b2a164548f87ae282ec89c4b97ca84f8fbd7..96891f1f39788b96faaf27f2a9a9a07609c3ab68 100644 (file)
@@ -1,4 +1,5 @@
 <?php
+use Shaarli\Config\ConfigManager;
 
 /**
  * PluginMarkdownTest.php
@@ -13,12 +14,19 @@ require_once 'plugins/markdown/markdown.php';
  */
 class PluginMarkdownTest extends PHPUnit_Framework_TestCase
 {
+    /**
+     * @var ConfigManager instance.
+     */
+    protected $conf;
+
     /**
      * Reset plugin path
      */
     public function setUp()
     {
         PluginManager::$PLUGINS_PATH = 'plugins';
+        $this->conf = new ConfigManager('tests/utils/config/configJson');
+        $this->conf->set('security.allowed_protocols', ['ftp', 'magnet']);
     }
 
     /**
@@ -36,7 +44,7 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
             ),
         );
 
-        $data = hook_markdown_render_linklist($data);
+        $data = hook_markdown_render_linklist($data, $this->conf);
         $this->assertNotFalse(strpos($data['links'][0]['description'], '<h1>'));
         $this->assertNotFalse(strpos($data['links'][0]['description'], '<p>'));
     }
@@ -61,7 +69,7 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
             ),
         );
 
-        $data = hook_markdown_render_daily($data);
+        $data = hook_markdown_render_daily($data, $this->conf);
         $this->assertNotFalse(strpos($data['cols'][0][0]['formatedDescription'], '<h1>'));
         $this->assertNotFalse(strpos($data['cols'][0][0]['formatedDescription'], '<p>'));
     }
@@ -110,6 +118,8 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
         $output = escape($input);
         $input .= '<a href="#" onmouseHover="alert(\'xss\');" attr="tt">link</a>';
         $output .= '<a href="#"  attr="tt">link</a>';
+        $input .= '<a href="#" onmouseHover=alert(\'xss\'); attr="tt">link</a>';
+        $output .= '<a href="#"  attr="tt">link</a>';
         $this->assertEquals($output, sanitize_html($input));
         // Do not touch escaped HTML.
         $input = escape($input);
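Review bot: The added case only covers an unquoted handler value terminated by `;` and whitespace; a single-quoted value (`onmouseover='alert(1)'`) and whitespace around the `=` are not exercised, so a pattern keyed to the exact `attr=value` shape would pass this test while leaving those forms in place. Adding those two inputs with the same expected `<a href="#"  attr="tt">link</a>` output would pin the sanitizer rather than one spelling of the attribute. The expected string also relies on the double space the sanitizer leaves where the attribute was removed; a comment such as `// the stripped attribute leaves its surrounding whitespace behind` would explain the two spaces to the next reader. The enclosing test method starts outside the hunk.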
@@ -130,10 +140,10 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
             ))
         );
 
-        $processed = hook_markdown_render_linklist($data);
+        $processed = hook_markdown_render_linklist($data, $this->conf);
         $this->assertEquals($str, $processed['links'][0]['description']);
 
-        $processed = hook_markdown_render_feed($data);
+        $processed = hook_markdown_render_feed($data, $this->conf);
         $this->assertEquals($str, $processed['links'][0]['description']);
 
         $data = array(
@@ -151,7 +161,7 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
             ),
         );
 
-        $data = hook_markdown_render_daily($data);
+        $data = hook_markdown_render_daily($data, $this->conf);
         $this->assertEquals($str, $data['cols'][0][0]['formatedDescription']);
     }
 
@@ -169,20 +179,61 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
             ))
         );
 
-        $data = hook_markdown_render_feed($data);
+        $data = hook_markdown_render_feed($data, $this->conf);
         $this->assertContains('<em>', $data['links'][0]['description']);
     }
 
     /**
-     * Test hashtag links processed with markdown.
+     * Make sure that the generated HTML match the reference HTML file.
      */
-    public function testMarkdownHashtagLinks()
+    public function testMarkdownGlobalProcessDescription()
     {
         $md = file_get_contents('tests/plugins/resources/markdown.md');
         $md = format_description($md);
         $html = file_get_contents('tests/plugins/resources/markdown.html');
 
-        $data = process_markdown($md);
+        $data = process_markdown(
+            $md,
+            $this->conf->get('security.markdown_escape', true),
+            $this->conf->get('security.allowed_protocols')
+        );
         $this->assertEquals($html, $data);
     }
+
+    /**
+     * Make sure that the HTML tags are escaped.
+     */
+    public function testMarkdownWithHtmlEscape()
+    {
+        $md = '**strong** <strong>strong</strong>';
+        $html = '<div class="markdown"><p><strong>strong</strong> &lt;strong&gt;strong&lt;/strong&gt;</p></div>';
+        $data = array(
+            'links' => array(
+                0 => array(
+                    'description' => $md,
+                ),
+            ),
+        );
+        $data = hook_markdown_render_linklist($data, $this->conf);
+        $this->assertEquals($html, $data['links'][0]['description']);
+    }
+
+    /**
+     * Make sure that the HTML tags aren't escaped with the setting set to false.
+     */
+    public function testMarkdownWithHtmlNoEscape()
+    {
+        $this->conf->set('security.markdown_escape', false);
+        $md = '**strong** <strong>strong</strong>';
+        $html = '<div class="markdown"><p><strong>strong</strong> <strong>strong</strong></p></div>';
+        $data = array(
+            'links' => array(
+                0 => array(
+                    'description' => $md,
+                ),
+            ),
+        );
+        $data = hook_markdown_render_linklist($data, $this->conf);
+        $this->assertEquals($html, $data['links'][0]['description']);
+    }
 }
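Review bot: `testMarkdownWithHtmlEscape` never sets `security.markdown_escape`, so it is not visible whether it checks the default or whatever `tests/utils/config/configJson` contains; if the intent is escape-by-default, state it in the docblock (`Make sure that the HTML tags are escaped by default, with security.markdown_escape unset.`) and keep that key out of the fixture, otherwise set it explicitly at the top of the test as `testMarkdownWithHtmlNoEscape` does. `testMarkdownGlobalProcessDescription` passes `$this->conf->get('security.markdown_escape', true)`, which presumably duplicates the fallback the render hooks apply internally; if that default ever changed, this test would keep asserting the old behaviour. The `security.allowed_protocols` override from `setUp` is exercised only through the reference HTML file; a dedicated case asserting that a link whose scheme is outside the list is not rendered as a clickable link would pin that check directly and make failures easier to read than a full-file diff.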