Skip to content

Commit

Permalink
rufo formatting
Browse files Browse the repository at this point in the history
  • Loading branch information
flavorjones committed Oct 9, 2019
1 parent 1bdf276 commit a5bd819
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 21 deletions.
3 changes: 1 addition & 2 deletions lib/loofah/html5/safelist.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
require 'set'
require "set"

module Loofah
module HTML5 # :nodoc:
Expand Down Expand Up @@ -45,7 +45,6 @@ module HTML5 # :nodoc:
#
# </html5_license>
module SafeList

ACCEPTABLE_ELEMENTS = Set.new([
"a",
"abbr",
Expand Down
36 changes: 17 additions & 19 deletions test/integration/test_ad_hoc.rb
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
require "helper"

class IntegrationTestAdHoc < Loofah::TestCase

context "blank input string" do
context "fragment" do
it "return a blank string" do
Expand Down Expand Up @@ -33,9 +32,9 @@ def test_removal_of_illegal_attribute
html = "<p class=bar foo=bar abbr=bar />"
sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml)
node = sane.xpath("//p").first
assert node.attributes['class']
assert node.attributes['abbr']
assert_nil node.attributes['foo']
assert node.attributes["class"]
assert node.attributes["abbr"]
assert_nil node.attributes["foo"]
end

def test_removal_of_illegal_url_in_href
Expand All @@ -45,14 +44,14 @@ def test_removal_of_illegal_url_in_href
HTML
sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml)
nodes = sane.xpath("//a")
assert_nil nodes.first.attributes['href']
assert nodes.last.attributes['href']
assert_nil nodes.first.attributes["href"]
assert nodes.last.attributes["href"]
end

def test_css_sanitization
html = "<p style='background-color: url(\"http://foo.com/\") ; background-color: #000 ;' />"
sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml)
assert_match %r/#000/, sane.inner_html
assert_match %r/#000/, sane.inner_html
refute_match %r/foo\.com/, sane.inner_html
end

Expand All @@ -75,7 +74,7 @@ def test_fragment_with_text_nodes_leading_and_trailing
def test_whitewash_on_fragment
html = "safe<frameset rows=\"*\"><frame src=\"http://example.com\"></frameset> <b>description</b>"
whitewashed = Loofah.scrub_document(html, :whitewash).xpath("/html/body/*").to_s
assert_equal "<p>safe</p><b>description</b>", whitewashed.gsub("\n","")
assert_equal "<p>safe</p><b>description</b>", whitewashed.gsub("\n", "")
end

def test_fragment_whitewash_on_microsofty_markup
Expand All @@ -86,11 +85,11 @@ def test_fragment_whitewash_on_microsofty_markup
def test_document_whitewash_on_microsofty_markup
whitewashed = Loofah.document(MSWORD_HTML).scrub!(:whitewash)
assert_match %r(<p>Foo <b>BOLD</b></p>), whitewashed.to_s
assert_equal "<p>Foo <b>BOLD</b></p>", whitewashed.xpath("/html/body/*").to_s
assert_equal "<p>Foo <b>BOLD</b></p>", whitewashed.xpath("/html/body/*").to_s
end

def test_return_empty_string_when_nothing_left
assert_equal "", Loofah.scrub_document('<script>test</script>', :prune).text
assert_equal "", Loofah.scrub_document("<script>test</script>", :prune).text
end

def test_nested_script_cdata_tags_should_be_scrubbed
Expand Down Expand Up @@ -145,21 +144,20 @@ def test_dont_remove_whitespace_between_tags
#
# https://git.gnome.org/browse/libxml2/tree/HTMLtree.c?h=v2.9.2#n714
#
{tag: "a", attr: "href"},
{tag: "div", attr: "href"},
{tag: "a", attr: "action"},
{tag: "div", attr: "action"},
{tag: "a", attr: "src"},
{tag: "div", attr: "src"},
{tag: "a", attr: "name"},
{ tag: "a", attr: "href" },
{ tag: "div", attr: "href" },
{ tag: "a", attr: "action" },
{ tag: "div", attr: "action" },
{ tag: "a", attr: "src" },
{ tag: "div", attr: "src" },
{ tag: "a", attr: "name" },
#
# note that div+name is _not_ affected by the libxml2 issue.
# but we test it anyway to ensure our logic isn't modifying
# attributes that don't need modifying.
#
{tag: "div", attr: "name", unescaped: true},
{ tag: "div", attr: "name", unescaped: true },
].each do |config|

define_method "test_uri_escaping_of_#{config[:attr]}_attr_in_#{config[:tag]}_tag" do
html = %{<#{config[:tag]} #{config[:attr]}='examp<!--" unsafeattr=foo()>-->le.com'>test</#{config[:tag]}>}

Expand Down

0 comments on commit a5bd819

Please sign in to comment.