loofah 1.0.0 → 2.19.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +489 -0
- data/MIT-LICENSE.txt +3 -1
- data/README.md +364 -0
- data/SECURITY.md +18 -0
- data/lib/loofah/elements.rb +88 -11
- data/lib/loofah/helpers.rb +76 -2
- data/lib/loofah/html/document.rb +1 -0
- data/lib/loofah/html/document_fragment.rb +9 -2
- data/lib/loofah/html5/libxml2_workarounds.rb +27 -0
- data/lib/loofah/html5/safelist.rb +1042 -0
- data/lib/loofah/html5/scrub.rb +198 -40
- data/lib/loofah/instance_methods.rb +16 -10
- data/lib/loofah/metahelpers.rb +9 -10
- data/lib/loofah/scrubber.rb +22 -6
- data/lib/loofah/scrubbers.rb +96 -16
- data/lib/loofah/version.rb +5 -0
- data/lib/loofah/xml/document.rb +1 -0
- data/lib/loofah/xml/document_fragment.rb +5 -2
- data/lib/loofah.rb +38 -25
- metadata +159 -172
- data/CHANGELOG.rdoc +0 -134
- data/Gemfile +0 -1
- data/Manifest.txt +0 -34
- data/README.rdoc +0 -312
- data/Rakefile +0 -53
- data/benchmark/benchmark.rb +0 -149
- data/benchmark/fragment.html +0 -96
- data/benchmark/helper.rb +0 -73
- data/benchmark/www.slashdot.com.html +0 -2560
- data/lib/loofah/html5/whitelist.rb +0 -168
- data/test/helper.rb +0 -7
- data/test/html5/test_sanitizer.rb +0 -248
- data/test/integration/test_ad_hoc.rb +0 -176
- data/test/integration/test_helpers.rb +0 -33
- data/test/integration/test_html.rb +0 -51
- data/test/integration/test_scrubbers.rb +0 -331
- data/test/integration/test_xml.rb +0 -55
- data/test/unit/test_api.rb +0 -138
- data/test/unit/test_helpers.rb +0 -27
- data/test/unit/test_scrubber.rb +0 -229
- data/test/unit/test_scrubbers.rb +0 -14
@@ -1,51 +0,0 @@
|
|
1
|
-
require File.expand_path(File.join(File.dirname(__FILE__), '..', 'helper'))
|
2
|
-
|
3
|
-
class TestHtml < Test::Unit::TestCase
|
4
|
-
context "html fragment" do
|
5
|
-
context "#to_s" do
|
6
|
-
should "not include head tags (like style)" do
|
7
|
-
html = Loofah.fragment "<style>foo</style><div>bar</div>"
|
8
|
-
assert_equal "<div>bar</div>", html.to_s
|
9
|
-
end
|
10
|
-
end
|
11
|
-
|
12
|
-
context "#text" do
|
13
|
-
should "not include head tags (like style)" do
|
14
|
-
html = Loofah.fragment "<style>foo</style><div>bar</div>"
|
15
|
-
assert_equal "bar", html.text
|
16
|
-
end
|
17
|
-
end
|
18
|
-
|
19
|
-
context "#to_text" do
|
20
|
-
should "add newlines before and after block elements" do
|
21
|
-
html = Loofah.fragment "<div>tweedle<h1>beetle</h1>bottle<span>puddle</span>paddle<div>battle</div>muddle</div>"
|
22
|
-
assert_equal "\ntweedle\nbeetle\nbottlepuddlepaddle\nbattle\nmuddle\n", html.to_text
|
23
|
-
end
|
24
|
-
|
25
|
-
should "remove extraneous whitespace" do
|
26
|
-
html = Loofah.fragment "<div>tweedle\n\n\t\n\s\nbeetle</div>"
|
27
|
-
assert_equal "\ntweedle\n\nbeetle\n", html.to_text
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
context "html document" do
|
33
|
-
should "not include head tags (like style)" do
|
34
|
-
html = Loofah.document "<style>foo</style><div>bar</div>"
|
35
|
-
assert_equal "bar", html.text
|
36
|
-
end
|
37
|
-
|
38
|
-
context "#to_text" do
|
39
|
-
should "add newlines before and after block elements" do
|
40
|
-
html = Loofah.document "<div>tweedle<h1>beetle</h1>bottle<span>puddle</span>paddle<div>battle</div>muddle</div>"
|
41
|
-
assert_equal "\ntweedle\nbeetle\nbottlepuddlepaddle\nbattle\nmuddle\n", html.to_text
|
42
|
-
end
|
43
|
-
|
44
|
-
should "remove extraneous whitespace" do
|
45
|
-
html = Loofah.document "<div>tweedle\n\n\t\n\s\nbeetle</div>"
|
46
|
-
assert_equal "\ntweedle\n\nbeetle\n", html.to_text
|
47
|
-
end
|
48
|
-
end
|
49
|
-
end
|
50
|
-
end
|
51
|
-
|
@@ -1,331 +0,0 @@
|
|
1
|
-
require File.expand_path(File.join(File.dirname(__FILE__), '..', 'helper'))
|
2
|
-
|
3
|
-
class TestScrubbers < Test::Unit::TestCase
|
4
|
-
|
5
|
-
INVALID_FRAGMENT = "<invalid>foo<p>bar</p>bazz</invalid><div>quux</div>"
|
6
|
-
INVALID_ESCAPED = "<invalid>foo<p>bar</p>bazz</invalid><div>quux</div>"
|
7
|
-
INVALID_PRUNED = "<div>quux</div>"
|
8
|
-
INVALID_STRIPPED = "foo<p>bar</p>bazz<div>quux</div>"
|
9
|
-
|
10
|
-
WHITEWASH_FRAGMENT = "<o:div>no</o:div><div id='no'>foo</div><invalid>bar</invalid><!--[if gts mso9]><div>microsofty stuff</div><![endif]-->"
|
11
|
-
WHITEWASH_RESULT = "<div>foo</div>"
|
12
|
-
|
13
|
-
NOFOLLOW_FRAGMENT = '<a href="http://www.example.com/">Click here</a>'
|
14
|
-
NOFOLLOW_RESULT = '<a href="http://www.example.com/" rel="nofollow">Click here</a>'
|
15
|
-
|
16
|
-
ENTITY_FRAGMENT = "<p>this is < that "&" the other > boo'ya</p><div>w00t</div>"
|
17
|
-
ENTITY_TEXT = %Q(this is < that "&" the other > boo\'yaw00t)
|
18
|
-
|
19
|
-
ENTITY_HACK_ATTACK = "<div><div>Hack attack!</div><div><script>alert('evil')</script></div></div>"
|
20
|
-
ENTITY_HACK_ATTACK_TEXT_SCRUB = "Hack attack!<script>alert('evil')</script>"
|
21
|
-
ENTITY_HACK_ATTACK_TEXT_SCRUB_UNESC = "Hack attack!<script>alert('evil')</script>"
|
22
|
-
|
23
|
-
context "Document" do
|
24
|
-
context "#scrub!" do
|
25
|
-
context ":escape" do
|
26
|
-
should "escape bad tags" do
|
27
|
-
doc = Loofah::HTML::Document.parse "<html><body>#{INVALID_FRAGMENT}</body></html>"
|
28
|
-
result = doc.scrub! :escape
|
29
|
-
|
30
|
-
assert_equal INVALID_ESCAPED, doc.xpath('/html/body').inner_html
|
31
|
-
assert_equal doc, result
|
32
|
-
end
|
33
|
-
end
|
34
|
-
|
35
|
-
context ":prune" do
|
36
|
-
should "prune bad tags" do
|
37
|
-
doc = Loofah::HTML::Document.parse "<html><body>#{INVALID_FRAGMENT}</body></html>"
|
38
|
-
result = doc.scrub! :prune
|
39
|
-
|
40
|
-
assert_equal INVALID_PRUNED, doc.xpath('/html/body').inner_html
|
41
|
-
assert_equal doc, result
|
42
|
-
end
|
43
|
-
end
|
44
|
-
|
45
|
-
context ":strip" do
|
46
|
-
should "strip bad tags" do
|
47
|
-
doc = Loofah::HTML::Document.parse "<html><body>#{INVALID_FRAGMENT}</body></html>"
|
48
|
-
result = doc.scrub! :strip
|
49
|
-
|
50
|
-
assert_equal INVALID_STRIPPED, doc.xpath('/html/body').inner_html
|
51
|
-
assert_equal doc, result
|
52
|
-
end
|
53
|
-
end
|
54
|
-
|
55
|
-
context ":whitewash" do
|
56
|
-
should "whitewash the markup" do
|
57
|
-
doc = Loofah::HTML::Document.parse "<html><body>#{WHITEWASH_FRAGMENT}</body></html>"
|
58
|
-
result = doc.scrub! :whitewash
|
59
|
-
|
60
|
-
assert_equal WHITEWASH_RESULT, doc.xpath('/html/body').inner_html
|
61
|
-
assert_equal doc, result
|
62
|
-
end
|
63
|
-
end
|
64
|
-
|
65
|
-
context ":nofollow" do
|
66
|
-
should "add a 'nofollow' attribute to hyperlinks" do
|
67
|
-
doc = Loofah::HTML::Document.parse "<html><body>#{NOFOLLOW_FRAGMENT}</body></html>"
|
68
|
-
result = doc.scrub! :nofollow
|
69
|
-
|
70
|
-
assert_equal NOFOLLOW_RESULT, doc.xpath('/html/body').inner_html
|
71
|
-
assert_equal doc, result
|
72
|
-
end
|
73
|
-
end
|
74
|
-
end
|
75
|
-
|
76
|
-
context "#scrub_document" do
|
77
|
-
should "be a shortcut for parse-and-scrub" do
|
78
|
-
mock_doc = mock
|
79
|
-
Loofah.expects(:document).with(:string_or_io).returns(mock_doc)
|
80
|
-
mock_doc.expects(:scrub!).with(:method)
|
81
|
-
|
82
|
-
Loofah.scrub_document(:string_or_io, :method)
|
83
|
-
end
|
84
|
-
end
|
85
|
-
|
86
|
-
context "#text" do
|
87
|
-
should "leave behind only inner text with html entities still escaped" do
|
88
|
-
doc = Loofah::HTML::Document.parse "<html><body>#{ENTITY_HACK_ATTACK}</body></html>"
|
89
|
-
result = doc.text
|
90
|
-
|
91
|
-
assert_equal ENTITY_HACK_ATTACK_TEXT_SCRUB, result
|
92
|
-
end
|
93
|
-
|
94
|
-
context "with encode_special_chars => false" do
|
95
|
-
should "leave behind only inner text with html entities unescaped" do
|
96
|
-
doc = Loofah::HTML::Document.parse "<html><body>#{ENTITY_HACK_ATTACK}</body></html>"
|
97
|
-
result = doc.text(:encode_special_chars => false)
|
98
|
-
|
99
|
-
assert_equal ENTITY_HACK_ATTACK_TEXT_SCRUB_UNESC, result
|
100
|
-
end
|
101
|
-
end
|
102
|
-
|
103
|
-
context "with encode_special_chars => true" do
|
104
|
-
should "leave behind only inner text with html entities still escaped" do
|
105
|
-
doc = Loofah::HTML::Document.parse "<html><body>#{ENTITY_HACK_ATTACK}</body></html>"
|
106
|
-
result = doc.text(:encode_special_chars => true)
|
107
|
-
|
108
|
-
assert_equal ENTITY_HACK_ATTACK_TEXT_SCRUB, result
|
109
|
-
end
|
110
|
-
end
|
111
|
-
end
|
112
|
-
|
113
|
-
context "#to_s" do
|
114
|
-
should "generate HTML" do
|
115
|
-
doc = Loofah.scrub_document "<html><head><title>quux</title></head><body><div>foo</div></body></html>", :prune
|
116
|
-
assert_not_nil doc.xpath("/html").first
|
117
|
-
assert_not_nil doc.xpath("/html/head").first
|
118
|
-
assert_not_nil doc.xpath("/html/body").first
|
119
|
-
|
120
|
-
string = doc.to_s
|
121
|
-
assert_contains string, /<!DOCTYPE/
|
122
|
-
assert_contains string, /<html>/
|
123
|
-
assert_contains string, /<head>/
|
124
|
-
assert_contains string, /<body>/
|
125
|
-
end
|
126
|
-
end
|
127
|
-
|
128
|
-
context "#serialize" do
|
129
|
-
should "generate HTML" do
|
130
|
-
doc = Loofah.scrub_document "<html><head><title>quux</title></head><body><div>foo</div></body></html>", :prune
|
131
|
-
assert_not_nil doc.xpath("/html").first
|
132
|
-
assert_not_nil doc.xpath("/html/head").first
|
133
|
-
assert_not_nil doc.xpath("/html/body").first
|
134
|
-
|
135
|
-
string = doc.serialize
|
136
|
-
assert_contains string, /<!DOCTYPE/
|
137
|
-
assert_contains string, /<html>/
|
138
|
-
assert_contains string, /<head>/
|
139
|
-
assert_contains string, /<body>/
|
140
|
-
end
|
141
|
-
end
|
142
|
-
|
143
|
-
context "Node" do
|
144
|
-
context "#scrub!" do
|
145
|
-
should "only scrub subtree" do
|
146
|
-
xml = Loofah.document <<-EOHTML
|
147
|
-
<html><body>
|
148
|
-
<div class='scrub'>
|
149
|
-
<script>I should be removed</script>
|
150
|
-
</div>
|
151
|
-
<div class='noscrub'>
|
152
|
-
<script>I should remain</script>
|
153
|
-
</div>
|
154
|
-
</body></html>
|
155
|
-
EOHTML
|
156
|
-
node = xml.at_css "div.scrub"
|
157
|
-
node.scrub!(:prune)
|
158
|
-
assert_contains xml.to_s, /I should remain/
|
159
|
-
assert_does_not_contain xml.to_s, /I should be removed/
|
160
|
-
end
|
161
|
-
end
|
162
|
-
end
|
163
|
-
|
164
|
-
context "NodeSet" do
|
165
|
-
context "#scrub!" do
|
166
|
-
should "only scrub subtrees" do
|
167
|
-
xml = Loofah.document <<-EOHTML
|
168
|
-
<html><body>
|
169
|
-
<div class='scrub'>
|
170
|
-
<script>I should be removed</script>
|
171
|
-
</div>
|
172
|
-
<div class='noscrub'>
|
173
|
-
<script>I should remain</script>
|
174
|
-
</div>
|
175
|
-
<div class='scrub'>
|
176
|
-
<script>I should also be removed</script>
|
177
|
-
</div>
|
178
|
-
</body></html>
|
179
|
-
EOHTML
|
180
|
-
node_set = xml.css "div.scrub"
|
181
|
-
assert_equal 2, node_set.length
|
182
|
-
node_set.scrub!(:prune)
|
183
|
-
assert_contains xml.to_s, /I should remain/
|
184
|
-
assert_does_not_contain xml.to_s, /I should be removed/
|
185
|
-
assert_does_not_contain xml.to_s, /I should also be removed/
|
186
|
-
end
|
187
|
-
end
|
188
|
-
end
|
189
|
-
end
|
190
|
-
|
191
|
-
context "DocumentFragment" do
|
192
|
-
context "#scrub!" do
|
193
|
-
context ":escape" do
|
194
|
-
should "escape bad tags" do
|
195
|
-
doc = Loofah::HTML::DocumentFragment.parse "<div>#{INVALID_FRAGMENT}</div>"
|
196
|
-
result = doc.scrub! :escape
|
197
|
-
|
198
|
-
assert_equal INVALID_ESCAPED, doc.xpath("./div").inner_html
|
199
|
-
assert_equal doc, result
|
200
|
-
end
|
201
|
-
end
|
202
|
-
|
203
|
-
context ":prune" do
|
204
|
-
should "prune bad tags" do
|
205
|
-
doc = Loofah::HTML::DocumentFragment.parse "<div>#{INVALID_FRAGMENT}</div>"
|
206
|
-
result = doc.scrub! :prune
|
207
|
-
|
208
|
-
assert_equal INVALID_PRUNED, doc.xpath("./div").inner_html
|
209
|
-
assert_equal doc, result
|
210
|
-
end
|
211
|
-
end
|
212
|
-
|
213
|
-
context ":strip" do
|
214
|
-
should "strip bad tags" do
|
215
|
-
doc = Loofah::HTML::DocumentFragment.parse "<div>#{INVALID_FRAGMENT}</div>"
|
216
|
-
result = doc.scrub! :strip
|
217
|
-
|
218
|
-
assert_equal INVALID_STRIPPED, doc.xpath("./div").inner_html
|
219
|
-
assert_equal doc, result
|
220
|
-
end
|
221
|
-
end
|
222
|
-
|
223
|
-
context ":whitewash" do
|
224
|
-
should "whitewash the markup" do
|
225
|
-
doc = Loofah::HTML::DocumentFragment.parse "<div>#{WHITEWASH_FRAGMENT}</div>"
|
226
|
-
result = doc.scrub! :whitewash
|
227
|
-
|
228
|
-
assert_equal WHITEWASH_RESULT, doc.xpath("./div").inner_html
|
229
|
-
assert_equal doc, result
|
230
|
-
end
|
231
|
-
end
|
232
|
-
|
233
|
-
context ":nofollow" do
|
234
|
-
should "add a 'nofollow' attribute to hyperlinks" do
|
235
|
-
doc = Loofah::HTML::DocumentFragment.parse "<div>#{NOFOLLOW_FRAGMENT}</div>"
|
236
|
-
result = doc.scrub! :nofollow
|
237
|
-
|
238
|
-
assert_equal NOFOLLOW_RESULT, doc.xpath("./div").inner_html
|
239
|
-
assert_equal doc, result
|
240
|
-
end
|
241
|
-
end
|
242
|
-
end
|
243
|
-
|
244
|
-
context "#scrub_fragment" do
|
245
|
-
should "be a shortcut for parse-and-scrub" do
|
246
|
-
mock_doc = mock
|
247
|
-
Loofah.expects(:fragment).with(:string_or_io).returns(mock_doc)
|
248
|
-
mock_doc.expects(:scrub!).with(:method)
|
249
|
-
|
250
|
-
Loofah.scrub_fragment(:string_or_io, :method)
|
251
|
-
end
|
252
|
-
end
|
253
|
-
|
254
|
-
context "#text" do
|
255
|
-
should "leave behind only inner text with html entities still escaped" do
|
256
|
-
doc = Loofah::HTML::DocumentFragment.parse "<div>#{ENTITY_HACK_ATTACK}</div>"
|
257
|
-
result = doc.text
|
258
|
-
|
259
|
-
assert_equal ENTITY_HACK_ATTACK_TEXT_SCRUB, result
|
260
|
-
end
|
261
|
-
|
262
|
-
context "with encode_special_chars => false" do
|
263
|
-
should "leave behind only inner text with html entities unescaped" do
|
264
|
-
doc = Loofah::HTML::DocumentFragment.parse "<div>#{ENTITY_HACK_ATTACK}</div>"
|
265
|
-
result = doc.text(:encode_special_chars => false)
|
266
|
-
|
267
|
-
assert_equal ENTITY_HACK_ATTACK_TEXT_SCRUB_UNESC, result
|
268
|
-
end
|
269
|
-
end
|
270
|
-
|
271
|
-
context "with encode_special_chars => true" do
|
272
|
-
should "leave behind only inner text with html entities still escaped" do
|
273
|
-
doc = Loofah::HTML::DocumentFragment.parse "<div>#{ENTITY_HACK_ATTACK}</div>"
|
274
|
-
result = doc.text(:encode_special_chars => true)
|
275
|
-
|
276
|
-
assert_equal ENTITY_HACK_ATTACK_TEXT_SCRUB, result
|
277
|
-
end
|
278
|
-
end
|
279
|
-
end
|
280
|
-
|
281
|
-
context "#to_s" do
|
282
|
-
should "not remove entities" do
|
283
|
-
string = Loofah.scrub_fragment(ENTITY_FRAGMENT, :prune).to_s
|
284
|
-
assert_contains string, /this is </
|
285
|
-
end
|
286
|
-
end
|
287
|
-
|
288
|
-
context "Node" do
|
289
|
-
context "#scrub!" do
|
290
|
-
should "only scrub subtree" do
|
291
|
-
xml = Loofah.fragment <<-EOHTML
|
292
|
-
<div class='scrub'>
|
293
|
-
<script>I should be removed</script>
|
294
|
-
</div>
|
295
|
-
<div class='noscrub'>
|
296
|
-
<script>I should remain</script>
|
297
|
-
</div>
|
298
|
-
EOHTML
|
299
|
-
node = xml.at_css "div.scrub"
|
300
|
-
node.scrub!(:prune)
|
301
|
-
assert_contains xml.to_s, /I should remain/
|
302
|
-
assert_does_not_contain xml.to_s, /I should be removed/
|
303
|
-
end
|
304
|
-
end
|
305
|
-
end
|
306
|
-
|
307
|
-
context "NodeSet" do
|
308
|
-
context "#scrub!" do
|
309
|
-
should "only scrub subtrees" do
|
310
|
-
xml = Loofah.fragment <<-EOHTML
|
311
|
-
<div class='scrub'>
|
312
|
-
<script>I should be removed</script>
|
313
|
-
</div>
|
314
|
-
<div class='noscrub'>
|
315
|
-
<script>I should remain</script>
|
316
|
-
</div>
|
317
|
-
<div class='scrub'>
|
318
|
-
<script>I should also be removed</script>
|
319
|
-
</div>
|
320
|
-
EOHTML
|
321
|
-
node_set = xml.css "div.scrub"
|
322
|
-
assert_equal 2, node_set.length
|
323
|
-
node_set.scrub!(:prune)
|
324
|
-
assert_contains xml.to_s, /I should remain/
|
325
|
-
assert_does_not_contain xml.to_s, /I should be removed/
|
326
|
-
assert_does_not_contain xml.to_s, /I should also be removed/
|
327
|
-
end
|
328
|
-
end
|
329
|
-
end
|
330
|
-
end
|
331
|
-
end
|
@@ -1,55 +0,0 @@
|
|
1
|
-
require File.expand_path(File.join(File.dirname(__FILE__), '..', 'helper'))
|
2
|
-
|
3
|
-
class TestXml < Test::Unit::TestCase
|
4
|
-
context "integration test" do
|
5
|
-
context "xml document" do
|
6
|
-
context "custom scrubber" do
|
7
|
-
should "act as expected" do
|
8
|
-
xml = Loofah.xml_document <<-EOXML
|
9
|
-
<root>
|
10
|
-
<employee deceased='true'>Abraham Lincoln</employee>
|
11
|
-
<employee deceased='false'>Abe Vigoda</employee>
|
12
|
-
</root>
|
13
|
-
EOXML
|
14
|
-
bring_out_your_dead = Loofah::Scrubber.new do |node|
|
15
|
-
if node.name == "employee" and node["deceased"] == "true"
|
16
|
-
node.remove
|
17
|
-
Loofah::Scrubber::STOP # don't bother with the rest of the subtree
|
18
|
-
end
|
19
|
-
end
|
20
|
-
assert_equal 2, xml.css("employee").length
|
21
|
-
|
22
|
-
xml.scrub!(bring_out_your_dead)
|
23
|
-
|
24
|
-
employees = xml.css "employee"
|
25
|
-
assert_equal 1, employees.length
|
26
|
-
assert_equal "Abe Vigoda", employees.first.inner_text
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|
30
|
-
|
31
|
-
context "xml fragment" do
|
32
|
-
context "custom scrubber" do
|
33
|
-
should "act as expected" do
|
34
|
-
xml = Loofah.xml_fragment <<-EOXML
|
35
|
-
<employee deceased='true'>Abraham Lincoln</employee>
|
36
|
-
<employee deceased='false'>Abe Vigoda</employee>
|
37
|
-
EOXML
|
38
|
-
bring_out_your_dead = Loofah::Scrubber.new do |node|
|
39
|
-
if node.name == "employee" and node["deceased"] == "true"
|
40
|
-
node.remove
|
41
|
-
Loofah::Scrubber::STOP # don't bother with the rest of the subtree
|
42
|
-
end
|
43
|
-
end
|
44
|
-
assert_equal 2, xml.css("employee").length
|
45
|
-
|
46
|
-
xml.scrub!(bring_out_your_dead)
|
47
|
-
|
48
|
-
employees = xml.css "employee"
|
49
|
-
assert_equal 1, employees.length
|
50
|
-
assert_equal "Abe Vigoda", employees.first.inner_text
|
51
|
-
end
|
52
|
-
end
|
53
|
-
end
|
54
|
-
end
|
55
|
-
end
|
data/test/unit/test_api.rb
DELETED
@@ -1,138 +0,0 @@
|
|
1
|
-
require File.expand_path(File.join(File.dirname(__FILE__), '..', 'helper'))
|
2
|
-
|
3
|
-
class TestApi < Test::Unit::TestCase
|
4
|
-
|
5
|
-
HTML = "<div>a</div>\n<div>b</div>"
|
6
|
-
XML_FRAGMENT = "<div>a</div>\n<div>b</div>"
|
7
|
-
XML = "<root>#{XML_FRAGMENT}</root>"
|
8
|
-
|
9
|
-
def test_loofah_document
|
10
|
-
doc = Loofah.document(HTML)
|
11
|
-
assert_html_documentish doc
|
12
|
-
end
|
13
|
-
|
14
|
-
def test_loofah_fragment
|
15
|
-
doc = Loofah.fragment(HTML)
|
16
|
-
assert_html_fragmentish doc
|
17
|
-
end
|
18
|
-
|
19
|
-
def test_loofah_xml_document
|
20
|
-
doc = Loofah.xml_document(XML)
|
21
|
-
assert_xml_documentish doc
|
22
|
-
end
|
23
|
-
|
24
|
-
def test_loofah_xml_fragment
|
25
|
-
doc = Loofah.xml_fragment(XML_FRAGMENT)
|
26
|
-
assert_xml_fragmentish doc
|
27
|
-
end
|
28
|
-
|
29
|
-
def test_loofah_html_document_parse_method
|
30
|
-
doc = Loofah::HTML::Document.parse(HTML)
|
31
|
-
assert_html_documentish doc
|
32
|
-
end
|
33
|
-
|
34
|
-
def test_loofah_xml_document_parse_method
|
35
|
-
doc = Loofah::XML::Document.parse(XML)
|
36
|
-
assert_xml_documentish doc
|
37
|
-
end
|
38
|
-
|
39
|
-
def test_loofah_html_document_fragment_parse_method
|
40
|
-
doc = Loofah::HTML::DocumentFragment.parse(HTML)
|
41
|
-
assert_html_fragmentish doc
|
42
|
-
end
|
43
|
-
|
44
|
-
def test_loofah_xml_document_fragment_parse_method
|
45
|
-
doc = Loofah::XML::DocumentFragment.parse(XML_FRAGMENT)
|
46
|
-
assert_xml_fragmentish doc
|
47
|
-
end
|
48
|
-
|
49
|
-
def test_loofah_document_scrub!
|
50
|
-
doc = Loofah.document(HTML).scrub!(:strip)
|
51
|
-
assert_html_documentish doc
|
52
|
-
end
|
53
|
-
|
54
|
-
def test_loofah_fragment_scrub!
|
55
|
-
doc = Loofah.fragment(HTML).scrub!(:strip)
|
56
|
-
assert_html_fragmentish doc
|
57
|
-
end
|
58
|
-
|
59
|
-
def test_loofah_xml_document_scrub!
|
60
|
-
scrubber = Loofah::Scrubber.new { |node| }
|
61
|
-
doc = Loofah.xml_document(XML).scrub!(scrubber)
|
62
|
-
assert_xml_documentish doc
|
63
|
-
end
|
64
|
-
|
65
|
-
def test_loofah_xml_fragment_scrub!
|
66
|
-
scrubber = Loofah::Scrubber.new { |node| }
|
67
|
-
doc = Loofah.xml_fragment(XML_FRAGMENT).scrub!(scrubber)
|
68
|
-
assert_xml_fragmentish doc
|
69
|
-
end
|
70
|
-
|
71
|
-
def test_loofah_html_document_node_scrub!
|
72
|
-
doc = Loofah.document(HTML)
|
73
|
-
assert(node = doc.at_css("div"))
|
74
|
-
node.scrub!(:strip)
|
75
|
-
end
|
76
|
-
|
77
|
-
def test_loofah_html_fragment_node_scrub!
|
78
|
-
doc = Loofah.fragment(HTML)
|
79
|
-
assert(node = doc.at_css("div"))
|
80
|
-
node.scrub!(:strip)
|
81
|
-
end
|
82
|
-
|
83
|
-
def test_loofah_xml_document_node_scrub!
|
84
|
-
doc = Loofah.xml_document(XML)
|
85
|
-
assert(node = doc.at_css("div"))
|
86
|
-
node.scrub!(:strip)
|
87
|
-
end
|
88
|
-
|
89
|
-
def test_loofah_xml_fragment_node_scrub!
|
90
|
-
doc = Loofah.xml_fragment(XML)
|
91
|
-
assert(node = doc.at_css("div"))
|
92
|
-
node.scrub!(:strip)
|
93
|
-
end
|
94
|
-
|
95
|
-
def test_loofah_nodeset_scrub!
|
96
|
-
doc = Loofah.document(HTML)
|
97
|
-
assert(node_set = doc.css("div"))
|
98
|
-
assert_instance_of Nokogiri::XML::NodeSet, node_set
|
99
|
-
node_set.scrub!(:strip)
|
100
|
-
end
|
101
|
-
|
102
|
-
should "HTML::DocumentFragment exposes serialize_root" do
|
103
|
-
doc = Loofah.fragment(HTML)
|
104
|
-
assert_equal HTML, doc.serialize_root.to_html
|
105
|
-
end
|
106
|
-
|
107
|
-
should "HTML::Document exposes serialize_root" do
|
108
|
-
doc = Loofah.document(HTML)
|
109
|
-
assert_equal HTML, doc.serialize_root.children.to_html
|
110
|
-
end
|
111
|
-
|
112
|
-
private
|
113
|
-
|
114
|
-
def assert_html_documentish(doc)
|
115
|
-
assert_kind_of Nokogiri::HTML::Document, doc
|
116
|
-
assert_kind_of Loofah::HTML::Document, doc
|
117
|
-
assert_equal HTML, doc.xpath("/html/body").inner_html
|
118
|
-
end
|
119
|
-
|
120
|
-
def assert_html_fragmentish(doc)
|
121
|
-
assert_kind_of Nokogiri::HTML::DocumentFragment, doc
|
122
|
-
assert_kind_of Loofah::HTML::DocumentFragment, doc
|
123
|
-
assert_equal HTML, doc.inner_html
|
124
|
-
end
|
125
|
-
|
126
|
-
def assert_xml_documentish(doc)
|
127
|
-
assert_kind_of Nokogiri::XML::Document, doc
|
128
|
-
assert_kind_of Loofah::XML::Document, doc
|
129
|
-
assert_equal XML, doc.root.to_xml
|
130
|
-
end
|
131
|
-
|
132
|
-
def assert_xml_fragmentish(doc)
|
133
|
-
assert_kind_of Nokogiri::XML::DocumentFragment, doc
|
134
|
-
assert_kind_of Loofah::XML::DocumentFragment, doc
|
135
|
-
assert_equal XML_FRAGMENT, doc.children.to_xml
|
136
|
-
end
|
137
|
-
|
138
|
-
end
|
data/test/unit/test_helpers.rb
DELETED
@@ -1,27 +0,0 @@
|
|
1
|
-
require File.expand_path(File.join(File.dirname(__FILE__), '..', 'helper'))
|
2
|
-
|
3
|
-
class TestHelpers < Test::Unit::TestCase
|
4
|
-
|
5
|
-
HTML_STRING = "<div>omgwtfbbq</div>"
|
6
|
-
|
7
|
-
context "#strip_tags" do
|
8
|
-
should "invoke Loofah.fragment.text" do
|
9
|
-
mock_doc = mock
|
10
|
-
Loofah.expects(:fragment).with(HTML_STRING).returns(mock_doc)
|
11
|
-
mock_doc.expects(:text)
|
12
|
-
|
13
|
-
Loofah::Helpers.strip_tags HTML_STRING
|
14
|
-
end
|
15
|
-
end
|
16
|
-
|
17
|
-
context "#sanitize" do
|
18
|
-
should "invoke Loofah.scrub_fragment(:strip).to_s" do
|
19
|
-
mock_doc = mock
|
20
|
-
Loofah.expects(:fragment).with(HTML_STRING).returns(mock_doc)
|
21
|
-
mock_doc.expects(:scrub!).with(:strip).returns(mock_doc)
|
22
|
-
mock_doc.expects(:to_s)
|
23
|
-
|
24
|
-
Loofah::Helpers.sanitize HTML_STRING
|
25
|
-
end
|
26
|
-
end
|
27
|
-
end
|