*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Tests\HtmlSanitizer;
use HtmlSanitizer\Sanitizer;
use HtmlSanitizer\SanitizerInterface;
class FullSanitizerTest extends AbstractSanitizerTest
{
public function createSanitizer(): SanitizerInterface
{
return Sanitizer::create([
'extensions' => ['basic', 'code', 'details', 'image', 'list', 'table', 'iframe', 'extra'],
'tags' => [
'abbr' => [
'allowed_attributes' => ['data-attr'],
],
'a' => [
'allowed_attributes' => ['href', 'title', 'data-attr'],
'allowed_hosts' => ['trusted.com', 'external.com'],
'allow_mailto' => true,
'force_https' => false,
'rel' => 'noopener',
],
'blockquote' => [
'allowed_attributes' => ['data-attr'],
],
'br' => [
'allowed_attributes' => ['data-attr'],
],
'caption' => [
'allowed_attributes' => ['data-attr'],
],
'code' => [
'allowed_attributes' => ['data-attr'],
],
'dd' => [
'allowed_attributes' => ['data-attr'],
],
'del' => [
'allowed_attributes' => ['data-attr'],
],
'details' => [
'allowed_attributes' => ['open', 'data-attr'],
],
'div' => [
'allowed_attributes' => ['data-attr'],
],
'dl' => [
'allowed_attributes' => ['data-attr'],
],
'dt' => [
'allowed_attributes' => ['data-attr'],
],
'em' => [
'allowed_attributes' => ['data-attr'],
],
'figcaption' => [
'allowed_attributes' => ['data-attr'],
],
'figure' => [
'allowed_attributes' => ['data-attr'],
],
'h1' => [
'allowed_attributes' => ['data-attr'],
],
'h2' => [
'allowed_attributes' => ['data-attr'],
],
'h3' => [
'allowed_attributes' => ['data-attr'],
],
'h4' => [
'allowed_attributes' => ['data-attr'],
],
'h5' => [
'allowed_attributes' => ['data-attr'],
],
'h6' => [
'allowed_attributes' => ['data-attr'],
],
'hr' => [
'allowed_attributes' => ['data-attr'],
],
'iframe' => [
'allowed_attributes' => ['src', 'width', 'height', 'frameborder', 'title', 'allow', 'allowfullscreen', 'data-attr'],
'allowed_hosts' => ['trusted.com'],
'force_https' => true,
],
'img' => [
'allowed_attributes' => ['src', 'alt', 'title', 'data-attr'],
'allowed_hosts' => ['trusted.com'],
'allow_data_uri' => false,
'force_https' => true,
],
'i' => [
'allowed_attributes' => ['data-attr'],
],
'li' => [
'allowed_attributes' => ['data-attr'],
],
'mark' => [
'allowed_attributes' => ['data-attr'],
],
'ol' => [
'allowed_attributes' => ['data-attr'],
],
'pre' => [
'allowed_attributes' => ['data-attr'],
],
'p' => [
'allowed_attributes' => ['data-attr'],
],
'q' => [
'allowed_attributes' => ['data-attr'],
],
'rp' => [
'allowed_attributes' => ['data-attr'],
],
'rt' => [
'allowed_attributes' => ['data-attr'],
],
'ruby' => [
'allowed_attributes' => ['data-attr'],
],
'small' => [
'allowed_attributes' => ['data-attr'],
],
'span' => [
'allowed_attributes' => ['data-attr'],
],
'strong' => [
'allowed_attributes' => ['data-attr'],
],
'sub' => [
'allowed_attributes' => ['data-attr'],
],
'summary' => [
'allowed_attributes' => ['data-attr'],
],
'sup' => [
'allowed_attributes' => ['data-attr'],
],
'table' => [
'allowed_attributes' => ['data-attr'],
],
'tbody' => [
'allowed_attributes' => ['data-attr'],
],
'td' => [
'allowed_attributes' => ['data-attr'],
],
'tfoot' => [
'allowed_attributes' => ['data-attr'],
],
'thead' => [
'allowed_attributes' => ['data-attr'],
],
'th' => [
'allowed_attributes' => ['data-attr'],
],
'time' => [
'allowed_attributes' => ['data-attr', 'datetime'],
],
'tr' => [
'allowed_attributes' => ['data-attr'],
],
'u' => [
'allowed_attributes' => ['data-attr'],
],
'ul' => [
'allowed_attributes' => ['data-attr'],
],
],
]);
}
public function provideFixtures(): array
{
return array_merge(parent::provideFixtures(), [
/*
* Normal tags
*/
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum
dolor sit amet
consectetur adipisicing.',
'Lorem ipsum
dolor sit amet
consectetur adipisicing.',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum ',
'Lorem ipsum ',
],
[
'Lorem ipsum ',
'Lorem ipsum ',
],
[
'Lorem ipsum ',
'Lorem ipsum ',
],
[
'Lorem ipsum dolor sit amet, consectetur adipisicing elit.
',
'Lorem ipsum dolor sit amet, consectetur adipisicing elit.
',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'
',
'
',
],
[
'',
'',
],
[
'',
'',
],
[
'',
'',
],
[
'',
'',
],
[
'
',
'![Image alternative text]( "Image title")
',
],
[
'
',
'
',
],
[
'
',
'![Image alternative text]( "Image title")
',
],
[
'![]()
',
'![]()
',
],
[
'![]()
',
'![]()
',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'',
'',
],
[
'',
'',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'',
'',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'',
'',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum | ',
'Lorem ipsum | ',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum | ',
'Lorem ipsum | ',
],
[
'Lorem ipsum
',
'Lorem ipsum
',
],
[
'',
'',
],
/*
* Links
*/
[
'Test',
'Test',
],
[
'Test',
'Test',
],
[
'Test',
'Test',
],
[
'Test',
'Test',
],
[
'Test',
'Test',
],
[
'Test',
'Test',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
[
'Lorem ipsum',
'Lorem ipsum',
],
// Inspired by https://twitter.com/brutelogic/status/1066333383276593152?s=19
[
'">