p3k
/
XRay
mirror of https://github.com/aaronpk/XRay.git
1
0
Fork 0
Code Issues 0 Releases 75 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
319 Commits
2 Branches
46 MiB
Tree: 4c8fc24c1f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4c8fc24c1f'
${ noResults }
XRay/tests/SanitizeTest.php

415 lines
19 KiB
Raw Normal View History

sanitize HTML sanitize the HTML returned in the content property. allows a common set of HTML tags. for #2
8 years ago
reorganize XRay classes, use p3k-http lib * removes the HTTP classes from this project and uses p3k-http library instead * reorganizes the XRay classes into a psr-4 compatible folder * moves controller autoload into -dev in preparation for turning this into a library (#17)
7 years ago
add tests for validating URL fields * fields that should be URLs will now be omitted if the value was not a URL, such as when the value is `javascript:alert()` * makes Mf2 class slightly more self-contained by duplicating the URL helper functions into it * fixes tests to not cache responses in memcache
8 years ago
sanitize HTML sanitize the HTML returned in the content property. allows a common set of HTML tags. for #2
8 years ago
fix whitespace handling for br tags in html
6 years ago
sanitize HTML sanitize the HTML returned in the content property. allows a common set of HTML tags. for #2
8 years ago
sanitize HTML in the entry allow only a basic set of tags, and remove any non-mf2 classes closes #2
8 years ago
sanitize HTML sanitize the HTML returned in the content property. allows a common set of HTML tags. for #2
8 years ago
allow ul/li/ol
8 years ago
fix whitespace handling for br tags in html
6 years ago
sanitize HTML sanitize the HTML returned in the content property. allows a common set of HTML tags. for #2
8 years ago
tests for sanitizing and escaping HTML use fork of php-mf2 until https://github.com/indieweb/php-mf2/pull/83 is merged
8 years ago
sanitize HTML sanitize the HTML returned in the content property. allows a common set of HTML tags. for #2
8 years ago
tests for sanitizing and escaping HTML use fork of php-mf2 until https://github.com/indieweb/php-mf2/pull/83 is merged
8 years ago
sanitize HTML sanitize the HTML returned in the content property. allows a common set of HTML tags. for #2
8 years ago
sanitize HTML in the entry allow only a basic set of tags, and remove any non-mf2 classes closes #2
8 years ago
restrict matching mf2 classes to only lowercase names see http://microformats.org/wiki/microformats2-parsing-issues#ignore_u-camelCase_properties for background
8 years ago
sanitize HTML in the entry allow only a basic set of tags, and remove any non-mf2 classes closes #2
8 years ago
tests for sanitizing and escaping HTML use fork of php-mf2 until https://github.com/indieweb/php-mf2/pull/83 is merged
8 years ago
Allow iframe from YouTube and Vimeo
4 years ago
add tests for validating URL fields * fields that should be URLs will now be omitted if the value was not a URL, such as when the value is `javascript:alert()` * makes Mf2 class slightly more self-contained by duplicating the URL helper functions into it * fixes tests to not cache responses in memcache
8 years ago
run name/content dedupe before munging HTML fix for #53
6 years ago
adds a bunch of broken tests for #52
6 years ago
run name/content dedupe before munging HTML fix for #53
6 years ago
adds a bunch of broken tests for #52
6 years ago
comment out two tests until open mf2 parser issues are resolved
6 years ago
add failing test for `p-content` containing an `u-photo`
6 years ago
adds a bunch of broken tests for #52
6 years ago
comment out two tests until open mf2 parser issues are resolved
6 years ago
adds a bunch of broken tests for #52
6 years ago
normalize relative URLs in JSONFeed items closes #77
5 years ago
adds a bunch of broken tests for #52
6 years ago
fix whitespace handling for br tags in html
6 years ago
adds a bunch of broken tests for #52
6 years ago
fix whitespace handling for br tags in html
6 years ago
adds a bunch of broken tests for #52
6 years ago
fix whitespace handling for br tags in html
6 years ago
adds a bunch of broken tests for #52
6 years ago
fix checking for empty post content XRay now looks for images inside the HTML and does not consider those empty posts
4 years ago
adds a bunch of broken tests for #52
6 years ago
add simple case of Known markup for #57
6 years ago
if removing the img results in empty content, put the name value back closes #57
6 years ago
put the comment in the right spot
6 years ago
add simple case of Known markup for #57
6 years ago
adds a bunch of broken tests for #52
6 years ago
if removing the img results in empty content, put the name value back closes #57
6 years ago
adds a bunch of broken tests for #52
6 years ago
if removing the img results in empty content, put the name value back closes #57
6 years ago
adds a bunch of broken tests for #52
6 years ago
fix checking for empty post content XRay now looks for images inside the HTML and does not consider those empty posts
4 years ago
adds a bunch of broken tests for #52
6 years ago
fix whitespace handling for br tags in html
6 years ago
adds a bunch of broken tests for #52
6 years ago
fix checking for empty post content XRay now looks for images inside the HTML and does not consider those empty posts
4 years ago
comment out two tests until open mf2 parser issues are resolved
6 years ago
fix checking for empty post content XRay now looks for images inside the HTML and does not consider those empty posts
4 years ago
adds a bunch of broken tests for #52
6 years ago
fix checking for empty post content XRay now looks for images inside the HTML and does not consider those empty posts
4 years ago
adds a bunch of broken tests for #52
6 years ago
fix whitespace handling for br tags in html
6 years ago
sanitize HTML sanitize the HTML returned in the content property. allows a common set of HTML tags. for #2
8 years ago
 
  1. <?php
  2. use Symfony\Component\HttpFoundation\Request;
  3. use Symfony\Component\HttpFoundation\Response;
  4. 

  5. class SanitizeTest extends PHPUnit_Framework_TestCase {
  6. 

  7.   private $http;
  8. 

  9.   public function setUp() {
  10.     $this->client = new Parse();
  11.     $this->client->http = new p3k\HTTP\Test(dirname(__FILE__).'/data/');
  12.     $this->client->mc = null;
  13.   }
  14. 

  15.   private function parse($params) {
  16.     $request = new Request($params);
  17.     $response = new Response();
  18.     return $this->client->parse($request, $response);
  19.   }
  20. 

  21.   public function testAllowsWhitelistedTags() {
  22.     $url = 'http://sanitize.example/entry-with-valid-tags';
  23.     $response = $this->parse(['url' => $url]);
  24. 

  25.     $body = $response->getContent();
  26.     $this->assertEquals(200, $response->getStatusCode());
  27.     $data = json_decode($body, true);
  28.     $html = $data['data']['content']['html'];
  29. 

  30.     $this->assertEquals('entry', $data['data']['type']);
  31.     $this->assertContains('This content has only valid tags.', $html);
  32.     $this->assertContains('<a href="http://sanitize.example/example">links</a>,', $html, '<a> missing');
  33.     $this->assertContains('<abbr>abbreviations</abbr>,', $html, '<abbr> missing');
  34.     $this->assertContains('<b>bold</b>,', $html, '<b> missing');
  35.     $this->assertContains('<code>inline code</code>,', $html, '<code> missing');
  36.     $this->assertContains('<del>delete</del>,', $html, '<del> missing');
  37.     $this->assertContains('<em>emphasis</em>,', $html, '<em> missing');
  38.     $this->assertContains('<i>italics</i>,', $html, '<i> missing');
  39.     $this->assertContains('<img src="http://sanitize.example/example.jpg" alt="images are allowed" />', $html, '<img> missing');
  40.     $this->assertContains('<q>inline quote</q>,', $html, '<q> missing');
  41.     $this->assertContains('<strike>strikethrough</strike>,', $html, '<strike> missing');
  42.     $this->assertContains('<strong>strong text</strong>,', $html, '<strong> missing');
  43.     $this->assertContains('<time datetime="2016-01-01">time elements</time>', $html, '<time> missing');
  44.     $this->assertContains('<blockquote>Blockquote tags are okay</blockquote>', $html);
  45.     $this->assertContains('<pre>preformatted text is okay too', $html, '<pre> missing');
  46.     $this->assertContains('for code examples and such</pre>', $html, '<pre> missing');
  47.     $this->assertContains('<p>Paragraph tags are allowed</p>', $html, '<p> missing');
  48.     $this->assertContains('<h1>One</h1>', $html, '<h1> missing');
  49.     $this->assertContains('<h2>Two</h2>', $html, '<h2> missing');
  50.     $this->assertContains('<h3>Three</h3>', $html, '<h3> missing');
  51.     $this->assertContains('<h4>Four</h4>', $html, '<h4> missing');
  52.     $this->assertContains('<h5>Five</h5>', $html, '<h5> missing');
  53.     $this->assertContains('<h6>Six</h6>', $html, '<h6> missing');
  54.     $this->assertContains('<ul>', $html, '<ul> missing');
  55.     $this->assertContains('<li>One</li>', $html, '<li> missing');
  56.     $this->assertContains('<p>We should allow<br />break<br />tags too</p>', $html, '<br> missing');
  57.   }
  58. 

  59.   public function testRemovesUnsafeTags() {
  60.     $url = 'http://sanitize.example/entry-with-unsafe-tags';
  61.     $response = $this->parse(['url' => $url]);
  62. 

  63.     $body = $response->getContent();
  64.     $this->assertEquals(200, $response->getStatusCode());
  65.     $data = json_decode($body, true);
  66.     $html = $data['data']['content']['html'];
  67.     $text = $data['data']['content']['text'];
  68. 

  69.     $this->assertEquals('entry', $data['data']['type']);
  70.     $this->assertNotContains('<script>', $html);
  71.     $this->assertNotContains('<style>', $html);
  72.     $this->assertNotContains('visiblity', $html); // from the CSS

  73.     $this->assertNotContains('alert', $html); // from the JS

  74.     $this->assertNotContains('visiblity', $text);
  75.     $this->assertNotContains('alert', $text);
  76.   }
  77. 

  78.   public function testAllowsMF2Classes() {
  79.     $url = 'http://sanitize.example/entry-with-mf2-classes';
  80.     $response = $this->parse(['url' => $url]);
  81. 

  82.     $body = $response->getContent();
  83.     $this->assertEquals(200, $response->getStatusCode());
  84.     $data = json_decode($body, true);
  85.     $html = $data['data']['content']['html'];
  86. 

  87.     $this->assertEquals('entry', $data['data']['type']);
  88.     $this->assertContains('<h2 class="p-name">Hello World</h2>', $html);
  89.     $this->assertContains('<h3>Utility Class</h3>', $html);
  90.   }
  91. 

  92.   public function testEscapingHTMLTagsInText() {
  93.     $url = 'http://sanitize.example/html-escaping-in-text';
  94.     $response = $this->parse(['url' => $url]);
  95. 

  96.     $body = $response->getContent();
  97.     $this->assertEquals(200, $response->getStatusCode());
  98.     $data = json_decode($body, true);
  99. 

  100.     $this->assertEquals('entry', $data['data']['type']);
  101.     $this->assertEquals('This content has some HTML escaped entities such as & ampersand, " quote, escaped <code> HTML tags, an ümlaut, an @at sign.', $data['data']['content']['text']);
  102.   }
  103. 

  104.   public function testEscapingHTMLTagsInHTML() {
  105.     $url = 'http://sanitize.example/html-escaping-in-html';
  106.     $response = $this->parse(['url' => $url]);
  107. 

  108.     $body = $response->getContent();
  109.     $this->assertEquals(200, $response->getStatusCode());
  110.     $data = json_decode($body, true);
  111. 

  112.     $this->assertEquals('entry', $data['data']['type']);
  113.     $this->assertArrayNotHasKey('name', $data['data']);
  114.     $this->assertEquals('This content has some HTML escaped entities such as & ampersand, " quote, escaped <code> HTML tags, an ümlaut, an @at sign.', $data['data']['content']['text']);
  115.     $this->assertEquals('This content has some <i>HTML escaped</i> entities such as &amp; ampersand, " quote, escaped &lt;code&gt; HTML tags, an ümlaut, an @at sign.', $data['data']['content']['html']);
  116.   }
  117. 

  118.   public function testAllowIframeVideo()  {
  119.     $url = 'http://sanitize.example/entry-with-iframe-video';
  120.     $response = $this->parse(['url' => $url]);
  121.     $body = $response->getContent();
  122.     $data = json_decode($body, true);
  123.     $html = $data['data']['content']['html'];
  124.     $this->assertNotContains('<iframe>', $html);
  125. 

  126.     $response = $this->parse(['url' => $url, 'allow-iframe-video' => 'true']);
  127.     $body = $response->getContent();
  128.     $data = json_decode($body, true);
  129.     $html = $data['data']['content']['html'];
  130.     file_put_contents('html', $html);
  131.     $this->assertContains('youtube.com', $html);
  132.     $this->assertNotContains('https://attack-domain.com', $html);
  133.     $this->assertNotContains('<iframe width="580" height="345"', $html);
  134.   }
  135. 

  136.   public function testSanitizeJavascriptURLs() {
  137.     $url = 'http://sanitize.example/h-entry-with-javascript-urls';
  138.     $response = $this->parse(['url' => $url]);
  139. 

  140.     $body = $response->getContent();
  141.     $this->assertEquals(200, $response->getStatusCode());
  142.     $data = json_decode($body, true);
  143. 

  144.     $this->assertEquals('entry', $data['data']['type']);
  145.     $this->assertEquals('', $data['data']['author']['url']);
  146.     $this->assertArrayNotHasKey('url', $data['data']);
  147.     $this->assertArrayNotHasKey('photo', $data['data']);
  148.     $this->assertArrayNotHasKey('audio', $data['data']);
  149.     $this->assertArrayNotHasKey('video', $data['data']);
  150.     $this->assertArrayNotHasKey('syndication', $data['data']);
  151.     $this->assertArrayNotHasKey('in-reply-to', $data['data']);
  152.     $this->assertArrayNotHasKey('like-of', $data['data']);
  153.     $this->assertArrayNotHasKey('repost-of', $data['data']);
  154.     $this->assertArrayNotHasKey('bookmark-of', $data['data']);
  155.     $this->assertEquals('Author', $data['data']['author']['name']);
  156.     $this->assertEquals('', $data['data']['author']['photo']);
  157.   }
  158. 

  159.   public function testSanitizeEmailAuthorURL() {
  160.     $url = 'http://sanitize.example/h-entry-with-email-author';
  161.     $response = $this->parse(['url' => $url]);
  162. 

  163.     $body = $response->getContent();
  164.     $this->assertEquals(200, $response->getStatusCode());
  165.     $data = json_decode($body);
  166. 

  167.     $this->assertEquals('entry', $data->data->type);
  168.     $this->assertEquals('', $data->data->author->url);
  169.     $this->assertEquals('Author', $data->data->author->name);
  170.     $this->assertEquals('http://sanitize.example/photo.jpg', $data->data->author->photo);
  171.   }
  172. 

  173.   public function testPhotoInContentNoAlt() {
  174.     // https://github.com/aaronpk/XRay/issues/52

  175. 

  176.     $url = 'http://sanitize.example/photo-in-content';
  177.     $response = $this->parse(['url' => $url]);
  178. 

  179.     $body = $response->getContent();
  180.     $this->assertEquals(200, $response->getStatusCode());
  181.     $data = json_decode($body);
  182. 

  183.     $this->assertObjectNotHasAttribute('name', $data->data);
  184.     $this->assertEquals('http://target.example.com/photo.jpg', $data->data->photo[0]);
  185.     $this->assertEquals('This is a photo post with an img tag inside the content.', $data->data->content->text);
  186.     $this->assertEquals('This is a photo post with an <code>img</code> tag inside the content.', $data->data->content->html);
  187.   }
  188. 

  189.   /*
  190.   // Commented out until #56 is resolved

  191.   // https://github.com/aaronpk/XRay/issues/56

  192.   public function testPhotoInTextContentNoAlt() {
  193.     $url = 'http://sanitize.example/photo-in-text-content';
  194.     $response = $this->parse(['url' => $url]);
  195. 

  196.     $body = $response->getContent();
  197.     $this->assertEquals(200, $response->getStatusCode());
  198.     $data = json_decode($body);
  199. 

  200.     $this->assertObjectNotHasAttribute('name', $data->data);
  201.     $this->assertEquals('http://target.example.com/photo.jpg', $data->data->photo[0]);
  202.     $this->assertEquals('This is a photo post with an img tag inside the content.', $data->data->content->text);
  203.     $this->assertEquals('This is a photo post with an <code>img</code> tag inside the content.', $data->data->content->html);
  204.   }
  205.   */
  206. 

  207.   public function testRelativePhotoInContent() {
  208.     $url = 'http://sanitize.example/photo-in-content-relative';
  209.     $response = $this->parse(['url' => $url]);
  210. 

  211.     $body = $response->getContent();
  212.     $this->assertEquals(200, $response->getStatusCode());
  213.     $data = json_decode($body);
  214. 

  215.     $this->assertContains('http://sanitize.example/photo1.jpg', $data->data->content->html);
  216.   }
  217. 

  218.   public function testRelativePhotoProperty() {
  219.     $url = 'http://sanitize.example/photo-relative';
  220.     $response = $this->parse(['url' => $url]);
  221. 

  222.     $body = $response->getContent();
  223.     $this->assertEquals(200, $response->getStatusCode());
  224.     $data = json_decode($body);
  225. 

  226.     $this->assertEquals('http://sanitize.example/photo.jpg', $data->data->photo[0]);
  227.   }
  228. 

  229.   public function testPhotoInContentEmptyAltAttribute() {
  230.     // https://github.com/aaronpk/XRay/issues/52

  231. 

  232.     $url = 'http://sanitize.example/photo-in-content-empty-alt';
  233.     $response = $this->parse(['url' => $url]);
  234. 

  235.     $body = $response->getContent();
  236.     $this->assertEquals(200, $response->getStatusCode());
  237.     $data = json_decode($body);
  238. 

  239.     $this->assertObjectNotHasAttribute('name', $data->data);
  240.     $this->assertEquals('http://target.example.com/photo.jpg', $data->data->photo[0]);
  241.     $this->assertEquals('This is a photo post with an img tag inside the content.', $data->data->content->text);
  242.     $this->assertEquals('This is a photo post with an <code>img</code> tag inside the content.', $data->data->content->html);
  243.   }
  244. 

  245.   public function testPhotoInContentWithAlt() {
  246.     // https://github.com/aaronpk/XRay/issues/52

  247. 

  248.     $url = 'http://sanitize.example/photo-in-content-with-alt';
  249.     $response = $this->parse(['url' => $url]);
  250. 

  251.     $body = $response->getContent();
  252.     $this->assertEquals(200, $response->getStatusCode());
  253.     $data = json_decode($body);
  254. 

  255.     $this->assertObjectNotHasAttribute('name', $data->data);
  256.     $this->assertEquals('http://target.example.com/photo.jpg', $data->data->photo[0]);
  257.     $this->assertEquals('This is a photo post with an img tag inside the content.', $data->data->content->text);
  258.     $this->assertEquals('This is a photo post with an <code>img</code> tag inside the content.', $data->data->content->html);
  259.   }
  260. 

  261.   public function testPhotoInContentWithNameAndNoText() {
  262.     $url = 'http://sanitize.example/cleverdevil';
  263.     $response = $this->parse(['url' => $url]);
  264. 

  265.     $body = $response->getContent();
  266.     $this->assertEquals(200, $response->getStatusCode());
  267.     $data = json_decode($body);
  268. 

  269.     $this->assertObjectHasAttribute('name', $data->data);
  270.     $this->assertEquals('Oh, how well they know me! 🥃', $data->data->name);
  271.     $this->assertObjectNotHasAttribute('content', $data->data);
  272.     $this->assertEquals('https://cleverdevil.io/file/5bf2fa91c3d4c592f9978200923cb56e/thumb.jpg', $data->data->photo[0]);
  273.   }
  274. 

  275.   public function testPhotoWithDupeNameAndAlt1() {
  276.     // https://github.com/aaronpk/XRay/issues/57

  277.     $url = 'http://sanitize.example/photo-with-dupe-name-alt';
  278.     $response = $this->parse(['url' => $url]);
  279. 

  280.     $body = $response->getContent();
  281.     $this->assertEquals(200, $response->getStatusCode());
  282.     $data = json_decode($body);
  283. 

  284.     $this->assertObjectHasAttribute('name', $data->data);
  285.     $this->assertEquals('Photo caption', $data->data->name);
  286.     $this->assertObjectNotHasAttribute('content', $data->data);
  287.     $this->assertEquals('http://sanitize.example/photo.jpg', $data->data->photo[0]);
  288.   }
  289. 

  290.   public function testPhotoWithDupeNameAndAlt2() {
  291.     // This is simliar to adactio's markup

  292.     // https://adactio.com/notes/13301

  293.     $url = 'http://sanitize.example/photo-with-dupe-name-alt-2';
  294.     $response = $this->parse(['url' => $url]);
  295. 

  296.     $body = $response->getContent();
  297.     $this->assertEquals(200, $response->getStatusCode());
  298.     $data = json_decode($body);
  299. 

  300.     $this->assertObjectHasAttribute('content', $data->data);
  301.     $this->assertEquals('Photo caption', $data->data->content->text);
  302.     $this->assertObjectNotHasAttribute('name', $data->data);
  303.     $this->assertEquals('http://sanitize.example/photo.jpg', $data->data->photo[0]);
  304.   }
  305. 

  306.   public function testPhotoInContentWithNoText() {
  307.     $url = 'http://sanitize.example/photo-in-content-with-alt-no-text';
  308.     $response = $this->parse(['url' => $url]);
  309. 

  310.     $body = $response->getContent();
  311.     $this->assertEquals(200, $response->getStatusCode());
  312.     $data = json_decode($body, true);
  313. 

  314.     $this->assertEquals('<p><img src="http://sanitize.example/photo.jpg" alt="test" /></p>', $data['data']['content']['html']);
  315.     $this->assertEquals('', $data['data']['content']['text']);
  316.   }
  317. 

  318.   public function testPhotoInContentWithPNoAlt() {
  319.     $url = 'http://sanitize.example/photo-in-content-with-p-no-alt';
  320.     $response = $this->parse(['url' => $url]);
  321. 

  322.     $body = $response->getContent();
  323.     $this->assertEquals(200, $response->getStatusCode());
  324.     $data = json_decode($body, true);
  325. 

  326.     $this->assertEquals('<p><img src="http://sanitize.example/photo.jpg" alt="photo.jpg" /></p>', $data['data']['content']['html']);
  327.     $this->assertEquals('', $data['data']['content']['text']);
  328.   }
  329. 

  330.   public function testPhotoInContentNoPWithURLPhoto() {
  331.     $url = 'http://sanitize.example/photo-in-content-no-p-with-url-photo';
  332.     $response = $this->parse(['url' => $url]);
  333. 

  334.     $body = $response->getContent();
  335.     $this->assertEquals(200, $response->getStatusCode());
  336.     $data = json_decode($body, true);
  337. 

  338.     $this->assertEquals('<img src="http://sanitize.example/photo.jpg" alt="test" />', $data['data']['content']['html']);
  339.     $this->assertEquals('', $data['data']['content']['text']);
  340.   }
  341. 

  342.   public function testPhotoInContentNoPWithAlt() {
  343.     // This h-entry has no u-url so has an implied u-photo. we don't actually care what happens with it because

  344.     // this should never happen in the wild

  345.     $url = 'http://sanitize.example/photo-in-content-no-p-with-alt';
  346.     $response = $this->parse(['url' => $url]);
  347. 

  348.     $body = $response->getContent();
  349.     $this->assertEquals(200, $response->getStatusCode());
  350.     $data = json_decode($body, true);
  351.   }
  352. 

  353.   /*
  354.   // TODO: add support for embedded video and audio tags in html content

  355.   public function testContentIsOnlyVideo() {
  356.     $url = 'http://sanitize.example/content-is-only-video';
  357.     $response = $this->parse(['url' => $url]);
  358. 

  359.     $body = $response->getContent();
  360.     $this->assertEquals(200, $response->getStatusCode());
  361.     $data = json_decode($body, true);
  362. 

  363.     print_r($data);
  364.   }
  365.   */
  366. 

  367.   public function testPhotosWithAlt() {
  368.     // https://github.com/microformats/microformats2-parsing/issues/16

  369. 

  370.     $url = 'http://sanitize.example/photos-with-alt';
  371.     $response = $this->parse(['url' => $url]);
  372. 

  373.     $body = $response->getContent();
  374.     $this->assertEquals(200, $response->getStatusCode());
  375.     $data = json_decode($body);
  376. 

  377.     $this->assertEquals('🌆 Made it to the first #NPSF #earlygang of the year, did in-betweeners abs, and 6:30 workout with a brutal burnout that was really its own workout. But wow pretty sunrise. Plus 50+ deg F? I’ll take it. #100PDPD'."\n\n".'#justshowup #darknesstodawn #wakeupthesun #fromwhereirun #NovemberProject #sunrise #latergram #nofilter', $data->data->content->text);
  378.     $this->assertObjectNotHasAttribute('name', $data->data);
  379.     $this->assertEquals('https://igx.4sqi.net/img/general/original/476_g7yruXflacsGr7PyVmECefyTBMB_R99zmPQxW7pftzA.jpg', $data->data->photo[0]);
  380.     $this->assertEquals('https://igx.4sqi.net/img/general/original/476_zM3UgU9JHNhom907Ac_1WCEcUhGOJZaNWGlRmev86YA.jpg', $data->data->photo[1]);
  381.   }
  382. 

  383.   // Ignoring this issue for now. This should not happen in the wild.

  384.   // https://github.com/aaronpk/XRay/issues/55

  385.   // Skipping the implied photo check because in the wild, h-entrys should not exist withou a u-url, which stops implied parsing.

  386.   public function testEntryWithImgNoImpliedPhoto() {
  387.     // See https://github.com/microformats/microformats2-parsing/issues/6#issuecomment-357286985

  388.     // and https://github.com/aaronpk/XRay/issues/52#issuecomment-357269683

  389.     // and https://github.com/microformats/microformats2-parsing/issues/16

  390.     $url = 'http://sanitize.example/entry-with-img-no-implied-photo';
  391.     $response = $this->parse(['url' => $url]);
  392. 

  393.     $body = $response->getContent();
  394.     $this->assertEquals(200, $response->getStatusCode());
  395.     $data = json_decode($body);
  396. 

  397.     $this->assertObjectNotHasAttribute('photo', $data->data);
  398.     $this->assertObjectNotHasAttribute('name', $data->data);
  399.     $this->assertEquals('This is a photo post with an img tag inside the content, which does not have a u-photo class so should not be removed.', $data->data->content->text);
  400.     $this->assertEquals('This is a photo post with an <code>img</code> tag inside the content, which does not have a u-photo class so should not be removed. <img src="http://target.example.com/photo.jpg" alt="a photo" />', $data->data->content->html);
  401.   }
  402. 

  403.   public function testWhitespaceWithBreakTags() {
  404.     $url = 'http://sanitize.example/entry-with-br-tags';
  405.     $response = $this->parse(['url' => $url]);
  406. 

  407.     $body = $response->getContent();
  408.     $this->assertEquals(200, $response->getStatusCode());
  409.     $data = json_decode($body);
  410. 

  411.     $this->assertEquals('This content has two break tags to indicate a paragraph break.<br /><br />This is how tantek\'s autolinker works.', $data->data->content->html);
  412.     $this->assertEquals("This content has two break tags to indicate a paragraph break.\n\nThis is how tantek's autolinker works.", $data->data->content->text);
  413.   }
  414. 

  415. }