public void ReturnTrue_WhenTheHtmlElementHasAnAttributeStartingWithOnAndItsLengthIsGreaterThanTwo() { // Arrange var htmlString = "<button onclick=\"myFunction()\">Click me</button>"; var htmlElement = ElementFactory.CreateFromHtmlString(htmlString); // Act var actualResult = new JavaScriptRelatedAttributeSanitizer().CanSanitize(htmlElement); // Assert Assert.IsTrue(actualResult); }
public void ReturnFalse_WhenTheHtmlElementHasAnAttributeWhichNameIsOn() { // Arrange var htmlString = "<button on=\"true\">Click me</button>"; var htmlElement = ElementFactory.CreateFromHtmlString(htmlString); // Act var actualResult = new JavaScriptRelatedAttributeSanitizer().CanSanitize(htmlElement); // Assert Assert.IsFalse(actualResult); }
public void ReturnTrue_WhenTheHtmlElementHasAnAttributeStartingWithXml() { // Arrange var htmlString = "<p xml:space=\"preserve\">Some text</p>"; var htmlElement = ElementFactory.CreateFromHtmlString(htmlString); // Act var actualResult = new XmlAttributeSanitizer().CanSanitize(htmlElement); // Assert Assert.IsTrue(actualResult); }
public void PreserveTheOtherPartOfTheSourceAttribute_WhenTheSourceContainsAdditionalParams() { // Arrange const string ExpectedResult = "https://foo.com/iframe:8082?q=12&s=ex"; var htmlString = "<amp-iframe src=\"http://foo.com/iframe:8082?q=12&s=ex\" sandbox=\"allow-same-origin\" layout=\"fill\"></amp-iframe>"; var ampElement = ElementFactory.CreateFromHtmlString(htmlString); // Act new MediaSanitizerAccessor().RewriteSourceAttribute(ampElement); // Assert Assert.AreEqual(ExpectedResult, ampElement.GetAttribute("src")); }
public void NotIncludeDefaultPorts_Always() { // Arrange const string ExpectedResult = "https://foo.com/iframe"; var htmlString = "<amp-iframe src=\"http://foo.com/iframe\" sandbox=\"allow-same-origin\" layout=\"fill\"></amp-iframe>"; var ampElement = ElementFactory.CreateFromHtmlString(htmlString); // Act new MediaSanitizerAccessor().RewriteSourceAttribute(ampElement); // Assert Assert.AreEqual(ExpectedResult, ampElement.GetAttribute("src")); }
public void RemoveAllXmlAttributes() { // Arrange var htmlString = "<p xml:space=\"preserve\">Some text</p>"; var htmlElement = ElementFactory.CreateFromHtmlString(htmlString); // Act var actualResult = new XmlAttributeSanitizer().Sanitize(null, htmlElement); var xmlAttributesExist = htmlElement.Attributes.Any(a => a.Name.StartsWith("xml")); // Assert Assert.IsFalse(xmlAttributesExist); }
public void NotRemoveOnAttribute() { // Arrange var htmlString = "<button onclick=\"myFunction()\" on=\"yes\">Click me</button>"; var htmlElement = ElementFactory.CreateFromHtmlString(htmlString); // Act var actualResult = new JavaScriptRelatedAttributeSanitizer().Sanitize(null, htmlElement); var onAttributeExists = htmlElement.HasAttribute("on"); // Assert Assert.IsTrue(onAttributeExists); }
public void RemoveAllAttributesStartingWithOnAndLengthGreaterThanTwo() { // Arrange var htmlString = "<button onclick=\"myFunction()\">Click me</button>"; var htmlElement = ElementFactory.CreateFromHtmlString(htmlString); // Act var actualResult = new JavaScriptRelatedAttributeSanitizer().Sanitize(null, htmlElement); var onAttributesExist = htmlElement.Attributes.Any(a => a.Name.StartsWith("on") && a.Name.Length > 2); // Assert Assert.IsFalse(onAttributesExist); }
public void RewriteTheSourceAttributeWithHttps_WhenItIsNotUnderHttps() { // Arrange const string ExpectedResult = "https"; var htmlString = "<amp-iframe src=\"http://foo.com/iframe\" sandbox=\"allow-same-origin\" layout=\"fill\"></amp-iframe>"; var ampElement = ElementFactory.CreateFromHtmlString(htmlString); // Act new MediaSanitizerAccessor().RewriteSourceAttribute(ampElement); var srcScheme = new Uri(ampElement.GetAttribute("src")).Scheme; // Assert Assert.AreEqual(ExpectedResult, srcScheme); }
public void ReturnTrue_WhenElementIsIFrameElementAndTheSourceEqualsTheDocumentSourceAndAllowSameOriginIsSpecified() { // Arrange var htmlString = "<iframe src=\"http://www.mywebsite.com/example-resource\" sandbox=\"allow-same-origin\" />"; var htmlElement = ElementFactory.CreateFromHtmlString(htmlString); var runContext = new RunContext(new RunConfiguration { RelativeUrlsHost = "https://www.mywebsite.com" }); var iframeSanitizer = new IFrameSanitizer(); iframeSanitizer.Configure(runContext); // Act var actualResult = iframeSanitizer.CanSanitize(htmlElement); // Assert Assert.IsTrue(actualResult); }
public void ReturnAmpIFrameElementWithNotChangedLayout_IfTheOriginalIFrameElementHasALayoutAttribute() { // Arrange const string ExpectedResult = "fill"; var htmlString = "<iframe src=\"http://www.mywebsite.com/example-resource\" layout=\"fill\" />"; var iframeElement = ElementFactory.CreateFromHtmlString(htmlString); ElementFactory.Document.Body.Append(iframeElement); var runContext = new RunContext(new RunConfiguration { RelativeUrlsHost = "http://test-domain.com" }); var iframeSanitizer = new IFrameSanitizer(); iframeSanitizer.Configure(runContext); // Act var actualResult = iframeSanitizer.Sanitize(ElementFactory.Document, iframeElement); // Assert Assert.AreEqual(ExpectedResult, actualResult.GetAttribute("layout")); }