Foobar 'i'
and 'div' not closed"]
+ aa_true [ns_quotehtml $result] {$result eq "Foobar 'i' and 'div' not closed
"}
+
+ #
+ # wrong nesting of tags and unclosed tags
+ #
+ set text {1 2 3 4 5 6}
+ set result [util_close_html_tags $text]
+ aa_log "Input:
[ns_quotehtml $text]
"
+ aa_log "Result:
[ns_quotehtml $result]
"
+ if {[::acs::icanuse "ns_parsehtml"]} {
+ aa_true "tags are closed:" {[string range $result end-14 end] eq "
spaces} $result]
+ aa_false "Now html='$result'" [regexp {inter
spaces} $result]
- #convert more than 2 breaks
+ # convert more than 2 breaks
set html "\r\n inter\r\n\r\n\r\nbreaks \r\n"
- aa_log "html= \"$html\" - Contains more than 2 breaks"
+ aa_log "html= '$html' - Contains more than 2 breaks"
set result [util_convert_line_breaks_to_html $html]
- aa_false "Now html=\"$result\"" [regexp {inter\n\n\nspaces} $result]
+ aa_false "Now html='$result'" [regexp {inter\n\n\nspaces} $result]
+
+ # do not trim spaces before and after some tags
+ set html "We could use a
instead than a
layout\r\nfor the list for example."
+ aa_log "html= '[ns_quotehtml $html]' - Contains more than 2 breaks"
+ set result [util_convert_line_breaks_to_html $html]
+ aa_true "Now html='[ns_quotehtml $result]'" [regexp {a layout} $result]
+
+ # do not add
inside
+ set text "text begin\r\n\nline1\nline2\n
text\nend\n"
+ aa_log "Input: [ns_quotehtml $text]
"
+ set result [util_convert_line_breaks_to_html -contains_pre $text]
+ aa_log "result is [ns_quotehtml $result]
"
+ set nrBr [regsub -all
$result
.]
+ aa_true "text contains some [ns_quotehtml
] tags" {$nrBr > 0}
+
+ if {[::acs::icanuse "ns_parsehtml"]} {
+ aa_true "text contains $nrBr [ns_quotehtml
] tags" {$nrBr == 2}
+ }
+
+
}
@@ -312,10 +420,10 @@
util_remove_html_tags {
Test if it remove all between tags
} {
- set html "some text to probe if it
remove all between \"<\" and \">\"
"
+ set html "some text to probe if it
remove all between '<' and '>'
"
set result [util_remove_html_tags $html]
- aa_equals "Without all between \"<\" and \">\" html=\"$result\""\
- "some text to probe if it remove all between \"\"" $result
+ aa_equals "Without all between '<' and '>' html='$result'"\
+ "some text to probe if it remove all between ''" $result
}
aa_register_case \
@@ -332,9 +440,9 @@
set result [ad_parse_html_attributes $html $pos]
aa_equals "Attributes - $result" $result {foo bar}
- # One Attribute with value and one whitout value
+ # One attribute with value and one without value
set html ""
- aa_log "A tag with one Attribute with value and one whitout value - $html"
+ aa_log "A tag with one attribute with value and one without value - $html"
set result [ad_parse_html_attributes $html $pos]
aa_equals "Attributes - $result" $result {{foo bar} tob}
@@ -477,6 +585,45 @@
}
aa_register_case \
+ -cats {api smoke} \
+ -procs {
+ ad_text_to_html
+ util_convert_line_breaks_to_html
+ } \
+ ad_text_to_html {
+ Test rendering of a more or less standard HTML text
+} {
+ set text {We could use a instead than a
layout » for the list for example.»}
+ set result [ad_text_to_html -no_quote -includes_html -- $text]
+ aa_log "Input:\n[ns_quotehtml $text]"
+ aa_log "Result:\n[ns_quotehtml $result]"
+ if {[::acs::icanuse "ns_parsehtml"]} {
+ aa_true "text contains sample code" [string match ** $result]
+ }
+ aa_true "gullimet » preserved" [string match *»* $result]
+
+ #
+ # This calls util_convert_line_breaks_to_html as well, but
+ # strangely when this is called with -includes_html" it removes
+ # newlines around although "pre" is not included in the
+ # regular expression.
+ #
+ set text "text begin\n\nline1\nline2\n
text\nend\n"
+ aa_log "Input: [ns_quotehtml $text]
"
+ set result [ad_text_to_html -includes_html -no_quote $text]
+ aa_log "result is [ns_quotehtml $result]
"
+ set nrBr [regsub -all
$result
.]
+ aa_true "text contains [ns_quotehtml
] tags" {$nrBr > 0}
+
+ if {[::acs::icanuse "ns_parsehtml"]} {
+ aa_true "text contains $nrBr [ns_quotehtml
] tags" {$nrBr == 1}
+ }
+ #aa_equals "new: $html _version should be the same" $html_version $string_with_img
+
+}
+
+
+aa_register_case \
-cats {api} \
-bugs 1450 \
-procs {ad_enhanced_text_to_html} \
@@ -490,7 +637,7 @@
aa_log "Original string is $string_with_img"
set html_version [ad_enhanced_text_to_html $string_with_img]
aa_equals "new: $html_version should be the same" $html_version $string_with_img
-}
+ }
aa_register_case \
-cats {api smoke} \
@@ -515,7 +662,7 @@
# Test offending post sent by Dave Bauer
set offending_post {
-I have a dynamically assigned ip address, so I use dyndns.org to
+I have a dynamically assigned IP address, so I use dyndns.org to
change
addresses for my acs server.
Mail is sent to any yahoo address fine. Mail sent to aol fails. I am
|
|
,
+ This is a text with a regular image 
,
and an embedded image 
.
@@ -88,39 +100,112 @@
# make sure the desired text is in there and _before_ the
# footnotes
- aa_true "contains link" [regexp {linktext.*\[1\]} $result]
- aa_true "contains following text" [regexp {following text.*\[1\]} $result]
+ aa_false "contains link" [regexp {linktext.*\[1\]} $result]
+ aa_false "contains following text" [regexp {following text.*\[1\]} $result]
}
}
aa_register_case \
-cats {api smoke} \
- -procs {ad_html_security_check} \
+ -procs {
+ ad_html_security_check
+
+ ad_parse_html_attributes_upvar
+ } \
ad_html_security_check_href_allowed {
- tests is href attribute is allowed of A tags
+ Tests is href attribute is allowed
} {
- set html "An Link"
- aa_equals "href is allowed for A tags" [ad_html_security_check $html] ""
+ set html "An Link"
+ aa_equals "href with http:// is allowed for 'a' tags" [ad_html_security_check $html] ""
+ set html "An Link"
+ aa_equals "href with https:// is allowed for 'a' tags" [ad_html_security_check $html] ""
}
aa_register_case \
-cats {api smoke} \
+ -procs {
+ ad_html_security_check
+
+ ad_parse_html_attributes_upvar
+ } \
+ ad_html_security_check_forbidden_protolcols {
+ Tests is href contains allowed protocols
+} {
+ set html {An Link}
+ aa_true "protocol 'foo' is not allowed" {[ad_html_security_check $html] ne ""}
+ set html {An Link}
+ aa_true "protocol 'javascript' is not allowed" {[ad_html_security_check $html] ne ""}
+ set html {An Link}
+ aa_true "protocol 'javascript' is not allowed" {[ad_html_security_check $html] ne ""}
+ set html {An Link}
+ aa_true "protocol 'data' is not allowed" {[ad_html_security_check $html] ne ""}
+ set html {An Link}
+ aa_true "protocol 'blob' is not allowed" {[ad_html_security_check $html] ne ""}
+ set html "An Link"
+ aa_true "protocol 'blob' is not allowed" {[ad_html_security_check $html] ne ""}
+}
+
+aa_register_case \
+ -cats {api smoke} \
+ -procs {
+ ad_html_security_check
+ } \
+ ad_html_security_check_forbidden_tags {
+ tests is text contains allowed tags
+} {
+ set html "hello An Link world."
+ aa_true "Tag a is not allowed - empty tag list" {[ad_html_security_check -allowed_tags "" $html] ne {}}
+
+ set html "hello An Link world."
+ aa_true "Tag a is not allowed - nonempty tag list" {[ad_html_security_check -allowed_tags "b h1" $html] ne {}}
+
+ set html "hello An Link world."
+ aa_equals "Tag 'a' is allowed" [ad_html_security_check -allowed_tags "a b h1" $html] ""
+}
+
+
+aa_register_case \
+ -cats {api smoke} \
-procs {util_close_html_tags} \
util_close_html_tags {
Tests closing HTML tags.
} {
aa_equals "" [util_close_html_tags "Foobar"] "Foobar"
aa_equals "" [util_close_html_tags "Foobar"] "Foobar"
- aa_equals "" [util_close_html_tags "Foobar is a very long word"] "Foobar is a very long word"
- aa_equals "" [util_close_html_tags "Foobar is a very long word" 15] "Foobar is a"
- aa_equals "" [util_close_html_tags "Foobar is a very long word" 0 20 "..."] "Foobar is a very..."
+ aa_equals "" [util_close_html_tags "Foobar is a very long word"] \
+ "Foobar is a very long word"
+ aa_equals "" [util_close_html_tags "Foobar is a very long word" 15] \
+ "Foobar is a"
+ aa_equals "" [util_close_html_tags "Foobar is a very long word" 0 20 "..."] \
+ "Foobar is a very..."
+ set result [util_close_html_tags "