X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=tests%2Fplugins%2FPluginMarkdownTest.php;h=ddc2728d3ae22542f82dd9bd158de7a1bab73ec0;hb=50142efd1b4b826f60b1e5673dba5ccbe26e0108;hp=12bdda24231b47a9cad0454694d030d7b4884362;hpb=c5941f316a49c94eff354b63e75b3add98ac4aea;p=github%2Fshaarli%2FShaarli.git

diff --git a/tests/plugins/PluginMarkdownTest.php b/tests/plugins/PluginMarkdownTest.php
index 12bdda24..ddc2728d 100644
--- a/tests/plugins/PluginMarkdownTest.php
+++ b/tests/plugins/PluginMarkdownTest.php
@@ -1,4 +1,5 @@
 <?php
+use Shaarli\Config\ConfigManager;
 
 /**
  * PluginMarkdownTest.php
@@ -8,24 +9,31 @@ require_once 'application/Utils.php';
 require_once 'plugins/markdown/markdown.php';
 
 /**
- * Class PlugQrcodeTest
- * Unit test for the QR-Code plugin
+ * Class PluginMarkdownTest
+ * Unit test for the Markdown plugin
  */
 class PluginMarkdownTest extends PHPUnit_Framework_TestCase
 {
+    /**
+     * @var ConfigManager instance.
+     */
+    protected $conf;
+
     /**
      * Reset plugin path
      */
-    function setUp()
+    public function setUp()
     {
         PluginManager::$PLUGINS_PATH = 'plugins';
+        $this->conf = new ConfigManager('tests/utils/config/configJson');
+        $this->conf->set('security.allowed_protocols', ['ftp', 'magnet']);
     }
 
     /**
      * Test render_linklist hook.
      * Only check that there is basic markdown rendering.
      */
-    function testMarkdownLinklist()
+    public function testMarkdownLinklist()
     {
         $markdown = '# My title' . PHP_EOL . 'Very interesting content.';
         $data = array(
@@ -36,7 +44,7 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
             ),
         );
 
-        $data = hook_markdown_render_linklist($data);
+        $data = hook_markdown_render_linklist($data, $this->conf);
         $this->assertNotFalse(strpos($data['links'][0]['description'], '<h1>'));
         $this->assertNotFalse(strpos($data['links'][0]['description'], '<p>'));
     }
@@ -45,31 +53,28 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
      * Test render_daily hook.
      * Only check that there is basic markdown rendering.
      */
-    function testMarkdownDaily()
+    public function testMarkdownDaily()
     {
         $markdown = '# My title' . PHP_EOL . 'Very interesting content.';
         $data = array(
             // Columns data
-            'cols' => array(
-                // First, second, third.
+            'linksToDisplay' => array(
+                // nth link
                 0 => array(
-                    // nth link
-                    0 => array(
-                        'formatedDescription' => $markdown,
-                    ),
+                    'formatedDescription' => $markdown,
                 ),
             ),
         );
 
-        $data = hook_markdown_render_daily($data);
-        $this->assertNotFalse(strpos($data['cols'][0][0]['formatedDescription'], '<h1>'));
-        $this->assertNotFalse(strpos($data['cols'][0][0]['formatedDescription'], '<p>'));
+        $data = hook_markdown_render_daily($data, $this->conf);
+        $this->assertNotFalse(strpos($data['linksToDisplay'][0]['formatedDescription'], '<h1>'));
+        $this->assertNotFalse(strpos($data['linksToDisplay'][0]['formatedDescription'], '<p>'));
     }
 
     /**
      * Test reverse_text2clickable().
      */
-    function testReverseText2clickable()
+    public function testReverseText2clickable()
     {
         $text = 'stuff http://hello.there/is=someone#here otherstuff';
         $clickableText = text2clickable($text, '');
@@ -80,7 +85,7 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
     /**
      * Test reverse_nl2br().
      */
-    function testReverseNl2br()
+    public function testReverseNl2br()
     {
         $text = 'stuff' . PHP_EOL . 'otherstuff';
         $processedText = nl2br($text);
@@ -91,7 +96,7 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
     /**
      * Test reverse_space2nbsp().
      */
-    function testReverseSpace2nbsp()
+    public function testReverseSpace2nbsp()
     {
         $text = ' stuff' . PHP_EOL . '  otherstuff  and another';
         $processedText = space2nbsp($text);
@@ -102,7 +107,7 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
     /**
      * Test sanitize_html().
      */
-    function testSanitizeHtml()
+    public function testSanitizeHtml()
     {
         $input = '< script src="js.js"/>';
         $input .= '< script attr>alert(\'xss\');</script>';
@@ -110,6 +115,8 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
         $output = escape($input);
         $input .= '<a href="#" onmouseHover="alert(\'xss\');" attr="tt">link</a>';
         $output .= '<a href="#"  attr="tt">link</a>';
+        $input .= '<a href="#" onmouseHover=alert(\'xss\'); attr="tt">link</a>';
+        $output .= '<a href="#"  attr="tt">link</a>';
         $this->assertEquals($output, sanitize_html($input));
         // Do not touch escaped HTML.
         $input = escape($input);
@@ -119,7 +126,7 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
     /**
      * Test the no markdown tag.
      */
-    function testNoMarkdownTag()
+    public function testNoMarkdownTag()
     {
         $str = 'All _work_ and `no play` makes Jack a *dull* boy.';
         $data = array(
@@ -130,38 +137,97 @@ class PluginMarkdownTest extends PHPUnit_Framework_TestCase
             ))
         );
 
-        $data = hook_markdown_render_linklist($data);
-        $this->assertEquals($str, $data['links'][0]['description']);
+        $processed = hook_markdown_render_linklist($data, $this->conf);
+        $this->assertEquals($str, $processed['links'][0]['description']);
+
+        $processed = hook_markdown_render_feed($data, $this->conf);
+        $this->assertEquals($str, $processed['links'][0]['description']);
 
         $data = array(
             // Columns data
-            'cols' => array(
-                // First, second, third.
+            'linksToDisplay' => array(
+                // nth link
                 0 => array(
-                    // nth link
-                    0 => array(
-                        'formatedDescription' => $str,
-                        'tags' => NO_MD_TAG,
-                        'taglist' => array(),
-                    ),
+                    'formatedDescription' => $str,
+                    'tags' => NO_MD_TAG,
+                    'taglist' => array(),
                 ),
             ),
         );
 
-        $data = hook_markdown_render_daily($data);
-        $this->assertEquals($str, $data['cols'][0][0]['formatedDescription']);
+        $data = hook_markdown_render_daily($data, $this->conf);
+        $this->assertEquals($str, $data['linksToDisplay'][0]['formatedDescription']);
+    }
+
+    /**
+     * Test that a close value to nomarkdown is not understand as nomarkdown (previous value `.nomarkdown`).
+     */
+    public function testNoMarkdownNotExcactlyMatching()
+    {
+        $str = 'All _work_ and `no play` makes Jack a *dull* boy.';
+        $data = array(
+            'links' => array(array(
+                'description' => $str,
+                'tags' => '.' . NO_MD_TAG,
+                'taglist' => array('.'. NO_MD_TAG),
+            ))
+        );
+
+        $data = hook_markdown_render_feed($data, $this->conf);
+        $this->assertContains('<em>', $data['links'][0]['description']);
     }
 
     /**
-     * Test hashtag links processed with markdown.
+     * Make sure that the generated HTML match the reference HTML file.
      */
-    function testMarkdownHashtagLinks()
+    public function testMarkdownGlobalProcessDescription()
     {
         $md = file_get_contents('tests/plugins/resources/markdown.md');
         $md = format_description($md);
         $html = file_get_contents('tests/plugins/resources/markdown.html');
 
-        $data = process_markdown($md);
+        $data = process_markdown(
+            $md,
+            $this->conf->get('security.markdown_escape', true),
+            $this->conf->get('security.allowed_protocols')
+        );
         $this->assertEquals($html, $data);
     }
+
+    /**
+     * Make sure that the HTML tags are escaped.
+     */
+    public function testMarkdownWithHtmlEscape()
+    {
+        $md = '**strong** <strong>strong</strong>';
+        $html = '<div class="markdown"><p><strong>strong</strong> &lt;strong&gt;strong&lt;/strong&gt;</p></div>';
+        $data = array(
+            'links' => array(
+                0 => array(
+                    'description' => $md,
+                ),
+            ),
+        );
+        $data = hook_markdown_render_linklist($data, $this->conf);
+        $this->assertEquals($html, $data['links'][0]['description']);
+    }
+
+    /**
+     * Make sure that the HTML tags aren't escaped with the setting set to false.
+     */
+    public function testMarkdownWithHtmlNoEscape()
+    {
+        $this->conf->set('security.markdown_escape', false);
+        $md = '**strong** <strong>strong</strong>';
+        $html = '<div class="markdown"><p><strong>strong</strong> <strong>strong</strong></p></div>';
+        $data = array(
+            'links' => array(
+                0 => array(
+                    'description' => $md,
+                ),
+            ),
+        );
+        $data = hook_markdown_render_linklist($data, $this->conf);
+        $this->assertEquals($html, $data['links'][0]['description']);
+    }
 }