client = new Parse(); $this->client->http = new p3k\HTTP\Test(dirname(__FILE__).'/data/'); $this->client->mc = null; } private function parse($params) { $request = new Request($params); $response = new Response(); return $this->client->parse($request, $response); } public function testAllowsWhitelistedTags() { $url = 'http://sanitize.example/entry-with-valid-tags'; $response = $this->parse(['url' => $url]); $body = $response->getContent(); $this->assertEquals(200, $response->getStatusCode()); $data = json_decode($body, true); $html = $data['data']['content']['html']; $this->assertEquals('entry', $data['data']['type']); $this->assertStringContainsString('This content has only valid tags.', $html); $this->assertStringContainsString('links,', $html, ' missing'); $this->assertStringContainsString('abbreviations,', $html, ' missing'); $this->assertStringContainsString('bold,', $html, ' missing'); $this->assertStringContainsString('inline code,', $html, 'missing'); $this->assertStringContainsString('delete,', $html, ' missing'); $this->assertStringContainsString('emphasis,', $html, ' missing'); $this->assertStringContainsString('italics,', $html, ' missing'); $this->assertStringContainsString('', $html, ' missing'); $this->assertStringContainsString('inline quote,', $html, ' missing'); $this->assertStringContainsString('strikethrough,', $html, ' missing'); $this->assertStringContainsString('strong text,', $html, ' missing'); $this->assertStringContainsString('time elements', $html, ' missing'); $this->assertStringContainsString('Blockquote tags are okay', $html); $this->assertStringContainsString('preformatted text is okay too', $html, ' missing'); $this->assertStringContainsString('for code examples and such ', $html, ' missing'); $this->assertStringContainsString('Paragraph tags are allowed ', $html, ' missing'); $this->assertStringContainsString(' One ', $html, ' missing'); $this->assertStringContainsString(' Two ', $html, ' missing'); $this->assertStringContainsString(' Three ', $html, ' missing'); $this->assertStringContainsString(' Four ', $html, ' missing'); $this->assertStringContainsString(' Five ', $html, ' missing'); $this->assertStringContainsString(' Six ', $html, ' missing'); $this->assertStringContainsString('', $html, ' missing'); $this->assertStringContainsString('One ', $html, ' missing'); $this->assertStringContainsString('We should allow break tags too ', $html, ' missing'); } public function testRemovesUnsafeTags() { $url = 'http://sanitize.example/entry-with-unsafe-tags'; $response = $this->parse(['url' => $url]); $body = $response->getContent(); $this->assertEquals(200, $response->getStatusCode()); $data = json_decode($body, true); $html = $data['data']['content']['html']; $text = $data['data']['content']['text']; $this->assertEquals('entry', $data['data']['type']); $this->assertStringNotContainsString('