public void ReturnTrue_WhenTheHtmlElementHasAnAttributeStartingWithOnAndItsLengthIsGreaterThanTwo()
{
// Arrange
var htmlString = "<button onclick=\"myFunction()\">Click me</button>";
var htmlElement = ElementFactory.CreateFromHtmlString(htmlString);
// Act
var actualResult = new JavaScriptRelatedAttributeSanitizer().CanSanitize(htmlElement);
// Assert
Assert.IsTrue(actualResult);
}
public void ReturnFalse_WhenTheHtmlElementHasAnAttributeWhichNameIsOn()
{
// Arrange
var htmlString = "<button on=\"true\">Click me</button>";
var htmlElement = ElementFactory.CreateFromHtmlString(htmlString);
// Act
var actualResult = new JavaScriptRelatedAttributeSanitizer().CanSanitize(htmlElement);
// Assert
Assert.IsFalse(actualResult);
}
public void ReturnTrue_WhenTheHtmlElementHasAnAttributeStartingWithXml()
{
// Arrange
var htmlString = "<p xml:space=\"preserve\">Some text</p>";
var htmlElement = ElementFactory.CreateFromHtmlString(htmlString);
// Act
var actualResult = new XmlAttributeSanitizer().CanSanitize(htmlElement);
// Assert
Assert.IsTrue(actualResult);
}
public void PreserveTheOtherPartOfTheSourceAttribute_WhenTheSourceContainsAdditionalParams()
{
// Arrange
const string ExpectedResult = "https://foo.com/iframe:8082?q=12&s=ex";
var htmlString = "<amp-iframe src=\"http://foo.com/iframe:8082?q=12&s=ex\" sandbox=\"allow-same-origin\" layout=\"fill\"></amp-iframe>";
var ampElement = ElementFactory.CreateFromHtmlString(htmlString);
// Act
new MediaSanitizerAccessor().RewriteSourceAttribute(ampElement);
// Assert
Assert.AreEqual(ExpectedResult, ampElement.GetAttribute("src"));
}
public void NotIncludeDefaultPorts_Always()
{
// Arrange
const string ExpectedResult = "https://foo.com/iframe";
var htmlString = "<amp-iframe src=\"http://foo.com/iframe\" sandbox=\"allow-same-origin\" layout=\"fill\"></amp-iframe>";
var ampElement = ElementFactory.CreateFromHtmlString(htmlString);
// Act
new MediaSanitizerAccessor().RewriteSourceAttribute(ampElement);
// Assert
Assert.AreEqual(ExpectedResult, ampElement.GetAttribute("src"));
}
public void RemoveAllXmlAttributes()
{
// Arrange
var htmlString = "<p xml:space=\"preserve\">Some text</p>";
var htmlElement = ElementFactory.CreateFromHtmlString(htmlString);
// Act
var actualResult = new XmlAttributeSanitizer().Sanitize(null, htmlElement);
var xmlAttributesExist = htmlElement.Attributes.Any(a => a.Name.StartsWith("xml"));
// Assert
Assert.IsFalse(xmlAttributesExist);
}
public void NotRemoveOnAttribute()
{
// Arrange
var htmlString = "<button onclick=\"myFunction()\" on=\"yes\">Click me</button>";
var htmlElement = ElementFactory.CreateFromHtmlString(htmlString);
// Act
var actualResult = new JavaScriptRelatedAttributeSanitizer().Sanitize(null, htmlElement);
var onAttributeExists = htmlElement.HasAttribute("on");
// Assert
Assert.IsTrue(onAttributeExists);
}
public void RemoveAllAttributesStartingWithOnAndLengthGreaterThanTwo()
{
// Arrange
var htmlString = "<button onclick=\"myFunction()\">Click me</button>";
var htmlElement = ElementFactory.CreateFromHtmlString(htmlString);
// Act
var actualResult = new JavaScriptRelatedAttributeSanitizer().Sanitize(null, htmlElement);
var onAttributesExist = htmlElement.Attributes.Any(a => a.Name.StartsWith("on") && a.Name.Length > 2);
// Assert
Assert.IsFalse(onAttributesExist);
}
public void RewriteTheSourceAttributeWithHttps_WhenItIsNotUnderHttps()
{
// Arrange
const string ExpectedResult = "https";
var htmlString = "<amp-iframe src=\"http://foo.com/iframe\" sandbox=\"allow-same-origin\" layout=\"fill\"></amp-iframe>";
var ampElement = ElementFactory.CreateFromHtmlString(htmlString);
// Act
new MediaSanitizerAccessor().RewriteSourceAttribute(ampElement);
var srcScheme = new Uri(ampElement.GetAttribute("src")).Scheme;
// Assert
Assert.AreEqual(ExpectedResult, srcScheme);
}
public void ReturnTrue_WhenElementIsIFrameElementAndTheSourceEqualsTheDocumentSourceAndAllowSameOriginIsSpecified()
{
// Arrange
var htmlString = "<iframe src=\"http://www.mywebsite.com/example-resource\" sandbox=\"allow-same-origin\" />";
var htmlElement = ElementFactory.CreateFromHtmlString(htmlString);
var runContext = new RunContext(new RunConfiguration {
RelativeUrlsHost = "https://www.mywebsite.com"
});
var iframeSanitizer = new IFrameSanitizer();
iframeSanitizer.Configure(runContext);
// Act
var actualResult = iframeSanitizer.CanSanitize(htmlElement);
// Assert
Assert.IsTrue(actualResult);
}
public void ReturnAmpIFrameElementWithNotChangedLayout_IfTheOriginalIFrameElementHasALayoutAttribute()
{
// Arrange
const string ExpectedResult = "fill";
var htmlString = "<iframe src=\"http://www.mywebsite.com/example-resource\" layout=\"fill\" />";
var iframeElement = ElementFactory.CreateFromHtmlString(htmlString);
ElementFactory.Document.Body.Append(iframeElement);
var runContext = new RunContext(new RunConfiguration {
RelativeUrlsHost = "http://test-domain.com"
});
var iframeSanitizer = new IFrameSanitizer();
iframeSanitizer.Configure(runContext);
// Act
var actualResult = iframeSanitizer.Sanitize(ElementFactory.Document, iframeElement);
// Assert
Assert.AreEqual(ExpectedResult, actualResult.GetAttribute("layout"));
}