123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 |
- <?php
- require_once 'application/Url.php';
- use Shaarli\Config\ConfigManager;
- /**
- * Class WhitelistProtocolsTest
- *
- * Test whitelist_protocols() function of Url.
- */
- class WhitelistProtocolsTest extends PHPUnit_Framework_TestCase
- {
- /**
- * Test whitelist_protocols() on a note (relative URL).
- */
- public function testWhitelistProtocolsRelative()
- {
- $whitelist = ['ftp', 'magnet'];
- $url = '?12443564';
- $this->assertEquals($url, whitelist_protocols($url, $whitelist));
- $url = '/path.jpg';
- $this->assertEquals($url, whitelist_protocols($url, $whitelist));
- }
- /**
- * Test whitelist_protocols() on a note (relative URL).
- */
- public function testWhitelistProtocolMissing()
- {
- $whitelist = ['ftp', 'magnet'];
- $url = 'test.tld/path/?query=value#hash';
- $this->assertEquals('http://'. $url, whitelist_protocols($url, $whitelist));
- }
- /**
- * Test whitelist_protocols() with allowed protocols.
- */
- public function testWhitelistAllowedProtocol()
- {
- $whitelist = ['ftp', 'magnet'];
- $url = 'http://test.tld/path/?query=value#hash';
- $this->assertEquals($url, whitelist_protocols($url, $whitelist));
- $url = 'https://test.tld/path/?query=value#hash';
- $this->assertEquals($url, whitelist_protocols($url, $whitelist));
- $url = 'ftp://test.tld/path/?query=value#hash';
- $this->assertEquals($url, whitelist_protocols($url, $whitelist));
- $url = 'magnet:test.tld/path/?query=value#hash';
- $this->assertEquals($url, whitelist_protocols($url, $whitelist));
- }
- /**
- * Test whitelist_protocols() with allowed protocols.
- */
- public function testWhitelistDisallowedProtocol()
- {
- $whitelist = ['ftp', 'magnet'];
- $url = 'javascript:alert("xss");';
- $this->assertEquals('http://alert("xss");', whitelist_protocols($url, $whitelist));
- $url = 'other://test.tld/path/?query=value#hash';
- $this->assertEquals('http://test.tld/path/?query=value#hash', whitelist_protocols($url, $whitelist));
- }
- }
|