/// <summary>
/// A MemoryCache is used as an alternative to a unit-test unfriendly static HtmlWhiteList.
/// </summary>
private HtmlWhiteList GetCachedWhiteList()
{
HtmlWhiteList whiteList = _memoryCache.Get(_cacheKey) as HtmlWhiteList;
if (whiteList == null)
{
whiteList = HtmlWhiteList.Deserialize(_applicationSettings);
_memoryCache.Add(_cacheKey, whiteList, new CacheItemPolicy());
}
return(whiteList);
}
public static HtmlWhiteList Deserialize(ApplicationSettings settings)
{
if (string.IsNullOrEmpty(settings.HtmlElementWhiteListPath) || !File.Exists(settings.HtmlElementWhiteListPath))
{
if (!string.IsNullOrEmpty(settings.HtmlElementWhiteListPath))
{
Log.Warn("The custom HTML white list tokens file does not exist in path '{0}' - using Default white list.", settings.HtmlElementWhiteListPath);
}
return(CreateDefaultWhiteList());
}
try
{
using (FileStream stream = new FileStream(settings.HtmlElementWhiteListPath, FileMode.Open, FileAccess.Read))
{
XmlSerializer serializer = new XmlSerializer(typeof(HtmlWhiteList));
HtmlWhiteList whiteList = (HtmlWhiteList)serializer.Deserialize(stream);
if (whiteList == null)
{
return(CreateDefaultWhiteList());
}
else
{
return(whiteList);
}
}
}
catch (IOException e)
{
Log.Warn(e, "An IO error occurred loading the html element white list file {0}", settings.HtmlElementWhiteListPath);
return(CreateDefaultWhiteList());
}
catch (FormatException e)
{
Log.Warn(e, "A FormatException error occurred loading the html element white list file {0}", settings.HtmlElementWhiteListPath);
return(CreateDefaultWhiteList());
}
catch (Exception e)
{
Log.Warn(e, "An unhandled exception error occurred loading the html element white list file {0}", settings.HtmlElementWhiteListPath);
return(CreateDefaultWhiteList());
}
}
public void GenerateTestXmlFile()
{
// Arrange
MarkupSanitizer sanitizer = new MarkupSanitizer(_settings);
using (FileStream stream = new FileStream("test.xml", FileMode.Create, FileAccess.Write))
{
//XmlSerializer serializer = new XmlSerializer(typeof(HtmlWhiteList));
//serializer.Serialize(stream, MarkupSanitizer._htmlWhiteList);
XmlSerializer serializer = new XmlSerializer(typeof(HtmlWhiteList));
List<HtmlElement> list = new List<HtmlElement>();
list.Add(new HtmlElement("blah", new string[] { "id", "class" }));
list.Add(new HtmlElement("test", new string[] { "href" }));
HtmlWhiteList whiteList = new HtmlWhiteList();
whiteList.ElementWhiteList = list;
serializer.Serialize(stream, whiteList);
}
}
public void ShouldDeserializeWhiteListFromGeneratedXmlFile()
{
// Arrange
string whitelistFile = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "whitelistgenerated.xml");
ApplicationSettings settings = new ApplicationSettings();
settings.HtmlElementWhiteListPath = whitelistFile;
using (FileStream stream = new FileStream(whitelistFile, FileMode.Create, FileAccess.Write))
{
XmlSerializer serializer = new XmlSerializer(typeof(HtmlWhiteList));
List<HtmlElement> list = new List<HtmlElement>();
list.Add(new HtmlElement("blah", new string[] { "id", "class" }));
list.Add(new HtmlElement("test", new string[] { "href" }));
HtmlWhiteList whiteList = new HtmlWhiteList();
whiteList.ElementWhiteList = list;
serializer.Serialize(stream, whiteList);
}
string htmlFragment = "<test href=\"http://www.google.com\">link</test> <blah id=\"myid\" class=\"class1 class2\">somediv</blah><a href=\"test\">test</a>";
// Act
MarkupSanitizer sanitizer = new MarkupSanitizer(settings);
sanitizer.SetWhiteListCacheKey("ShouldDeserializeWhiteListFromGeneratedXmlFile");
string actual = sanitizer.SanitizeHtml(htmlFragment);
// Assert
string expected = "<test href=\"http://www.google.com\">link</test> <blah id=\"myid\" class=\"class1 class2\">somediv</blah>";
Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
}