jforum example source code file (SafeHtmlTest.java)
This example jforum source code file (SafeHtmlTest.java) is included in the DevDaily.com "Java Source Code Warehouse" project. The intent of this project is to help you "Learn Java by Example"™.
The jforum SafeHtmlTest.java source code
package net.jforum.util;
import junit.framework.TestCase;
import net.jforum.TestCaseUtils;
import net.jforum.util.preferences.ConfigKeys;
import net.jforum.util.preferences.SystemGlobals;
/**
* @author Rafael Steil
* @version $Id: SafeHtmlTest.java,v 1.12 2007/09/19 14:08:56 rafaelsteil Exp $
*/
public class SafeHtmlTest extends TestCase
{
    // JUnit 3 tests for SafeHtml: they feed markup carrying on* event handlers and
    // javascript: URLs to SafeHtml.makeSafe() and SafeHtml.ensureAllAttributesAreSafe()
    // and compare the result with a fixed expected string.
    //
    // NOTE(review): this listing appears to have passed through an HTML renderer.
    // One literal in setUp() is not valid Java as printed, and several "expected"
    // strings show raw <script>, <pre> and <iframe> markup even though none of those
    // tags is in WELCOME_TAGS. Presumably the upstream file holds entity-escaped text
    // and closing tags that the page dropped -- confirm against the jforum source
    // before treating any expected value here as the sanitizer's real output.
    //
    // NOTE(review): every hostile case below uses a lower-case "javascript:" scheme or
    // an on* attribute; cases for mixed-case or encoded scheme names and for other
    // script-capable schemes would make the suite a stronger regression guard.

    // Tag list written to ConfigKeys.HTML_TAGS_WELCOME before makeSafe() is called;
    // presumably the set of tags the sanitizer lets through -- confirm in SafeHtml.
    private static final String WELCOME_TAGS = "a, b, i, u, img";

    // Fixture strings built in setUp() and compared in testMakeSafe().
    private String input;
    private String expected;

    /**
     * Loads the test environment and builds the {@code input} / {@code expected}
     * pair used by {@link #testMakeSafe()}.
     *
     * @see junit.framework.TestCase#setUp()
     */
    protected void setUp() throws Exception
    {
        TestCaseUtils.loadEnvironment();

        // Input: a mix of harmless markup and script-capable attributes
        // (onLoad handlers, javascript: href/src values, a style attribute).
        StringBuffer sb = new StringBuffer(512);
        sb.append("<a href='http://somelink'>Some Link");
        // NOTE(review): the matching expected fragment contains <pre>...</pre> but this
        // one does not; the page has presumably stripped tags from the input here.
        sb.append("bla <b>bla code code ");
        sb.append("<script>document.location = 'xxx';");
        sb.append("<img src='http://imgPath' onLoad='window.close();'>");
        sb.append("<a href='javascript:alert(bleh)'>xxxx");
        sb.append("<img src='javascript:alert(bloh)'>");
        sb.append("<img src=\"javascript:alert('Oops');\">");
        sb.append("\"> TTTTT <");
        sb.append("<img src='http://some.image' onLoad=\"javascript:alert('boo')\">");
        sb.append("<b>heeelooo, nurse");
        sb.append("<b style='some style'>1, 2, 3");
        this.input = sb.toString();

        // Expected: as printed, the http:// href and src values survive, while the
        // onLoad handlers, the javascript: URLs and the style attribute are gone,
        // leaving the bare tag with a trailing space.
        sb = new StringBuffer(512);
        sb.append("<a href='http://somelink'>Some Link");
        sb.append("bla <b>bla <pre>code code</pre>");
        // NOTE(review): script is not in WELCOME_TAGS; a raw <script> element in the
        // expected output is presumably an artifact of entity decoding on this page.
        sb.append("<script>document.location = 'xxx';</script>");
        sb.append("<img src='http://imgPath' >");
        sb.append("<a >xxxx");
        sb.append("<img >");
        sb.append("<img >");
        // NOTE(review): not a valid Java string literal as printed; it pairs with the
        // "\"> TTTTT <" input fragment and was presumably entity-escaped upstream.
        sb.append(""> TTTTT <");
        sb.append("<img src='http://some.image' >");
        sb.append("<b>heeelooo, nurse");
        sb.append("<b >1, 2, 3");
        this.expected = sb.toString();
    }

    /**
     * Checks {@code ensureAllAttributesAreSafe} on an anchor tag carrying an
     * {@code onmouseover} handler.
     */
    public void testJavascriptInsideURLTagExpectItToBeRemoved()
    {
        // These locals shadow the fixture fields of the same name.
        String input = "<a class=\"snap_shots\" rel=\"nofollow\" target=\"_new\" onmouseover=\"javascript:alert('test2');\" href=\"before\">test";
        // class, rel and target are kept; onmouseover and href="before" are both absent.
        // Presumably the href is dropped because it has no accepted protocol prefix --
        // TODO confirm in SafeHtml.
        String expected = "<a class=\"snap_shots\" rel=\"nofollow\" target=\"_new\" >test";
        String result = new SafeHtml().ensureAllAttributesAreSafe(input);
        assertEquals(expected, result);
    }

    /**
     * Checks {@code ensureAllAttributesAreSafe} on an image tag with an
     * {@code onmouseover} handler, stray quotes and a {@code javascript:} src.
     */
    public void testJavascriptInsideImageTagExpectItToBeRemoved()
    {
        // These locals shadow the fixture fields of the same name.
        String input = "<img border=\"0\" onmouseover=\"javascript:alert('buuuh!!!');\"\"\" src=\"javascript:alert('hi from an alert!');\"/>";
        // border and the stray pair of quotes remain; the handler and the src are gone.
        String expected = "<img border=\"0\" \"\" />";
        String result = new SafeHtml().ensureAllAttributesAreSafe(input);
        assertEquals(expected, result);
    }

    /**
     * Runs {@code makeSafe} on an iframe tag, which is not listed in
     * {@code WELCOME_TAGS}, carrying {@code onload} and {@code style} attributes.
     */
    public void testIframe()
    {
        String input = "<iframe src='http://www.google.com' onload='javascript:parent.document.body.style.display=\'none\'; alert(\'where is the forum?\'); ' style='display:none;'>";
        // NOTE(review): as printed, the expected output is live iframe markup with the
        // onload handler intact, which would make this test assert that nothing is
        // neutralised. Presumably the upstream value is the entity-escaped text of the
        // tag; verify, because a literal match here would indicate a sanitizer gap.
        String output = "<iframe src='http://www.google.com' onload='javascript:parent.document.body.style.display=\'none\'; alert(\'where is the forum?\'); ' style='display:none;'></iframe>";
        // Sets a configuration value that this class never restores (no tearDown here).
        SystemGlobals.setValue(ConfigKeys.HTML_TAGS_WELCOME, WELCOME_TAGS);
        assertEquals(output, new SafeHtml().makeSafe(input));
    }

    /**
     * Runs {@code makeSafe} over the combined fixture from {@code setUp()} and
     * compares it with the combined expected string.
     */
    public void testMakeSafe() throws Exception
    {
        // Same configuration write as in testIframe(); it is not restored afterwards.
        SystemGlobals.setValue(ConfigKeys.HTML_TAGS_WELCOME, WELCOME_TAGS);
        assertEquals(this.expected, new SafeHtml().makeSafe(this.input));
    }
}