Exemplo n.º 1
0
        /// <summary>
        /// A MemoryCache is used as an alternative to a unit-test unfriendly static HtmlWhiteList.
        /// </summary>
        private HtmlWhiteList GetCachedWhiteList()
        {
            HtmlWhiteList whiteList = _memoryCache.Get(_cacheKey) as HtmlWhiteList;

            if (whiteList == null)
            {
                whiteList = HtmlWhiteList.Deserialize(_applicationSettings);
                _memoryCache.Add(_cacheKey, whiteList, new CacheItemPolicy());
            }

            return(whiteList);
        }
Exemplo n.º 2
0
        public static HtmlWhiteList Deserialize(ApplicationSettings settings)
        {
            if (string.IsNullOrEmpty(settings.HtmlElementWhiteListPath) || !File.Exists(settings.HtmlElementWhiteListPath))
            {
                if (!string.IsNullOrEmpty(settings.HtmlElementWhiteListPath))
                {
                    Log.Warn("The custom HTML white list tokens file does not exist in path '{0}' - using Default white list.", settings.HtmlElementWhiteListPath);
                }

                return(CreateDefaultWhiteList());
            }

            try
            {
                using (FileStream stream = new FileStream(settings.HtmlElementWhiteListPath, FileMode.Open, FileAccess.Read))
                {
                    XmlSerializer serializer = new XmlSerializer(typeof(HtmlWhiteList));
                    HtmlWhiteList whiteList  = (HtmlWhiteList)serializer.Deserialize(stream);

                    if (whiteList == null)
                    {
                        return(CreateDefaultWhiteList());
                    }
                    else
                    {
                        return(whiteList);
                    }
                }
            }
            catch (IOException e)
            {
                Log.Warn(e, "An IO error occurred loading the html element white list file {0}", settings.HtmlElementWhiteListPath);
                return(CreateDefaultWhiteList());
            }
            catch (FormatException e)
            {
                Log.Warn(e, "A FormatException error occurred loading the html element white list file {0}", settings.HtmlElementWhiteListPath);
                return(CreateDefaultWhiteList());
            }
            catch (Exception e)
            {
                Log.Warn(e, "An unhandled exception error occurred loading the html element white list file {0}", settings.HtmlElementWhiteListPath);
                return(CreateDefaultWhiteList());
            }
        }
Exemplo n.º 3
0
		public void GenerateTestXmlFile()
		{
			// Arrange
			MarkupSanitizer sanitizer = new MarkupSanitizer(_settings);

			using (FileStream stream = new FileStream("test.xml", FileMode.Create, FileAccess.Write))
			{
				//XmlSerializer serializer = new XmlSerializer(typeof(HtmlWhiteList));
				//serializer.Serialize(stream, MarkupSanitizer._htmlWhiteList);

				XmlSerializer serializer = new XmlSerializer(typeof(HtmlWhiteList));

				List<HtmlElement> list = new List<HtmlElement>();
				list.Add(new HtmlElement("blah", new string[] { "id", "class" }));
				list.Add(new HtmlElement("test", new string[] { "href" }));

				HtmlWhiteList whiteList = new HtmlWhiteList();
				whiteList.ElementWhiteList = list;

				serializer.Serialize(stream, whiteList);
			}
		}
Exemplo n.º 4
0
        public void ShouldDeserializeWhiteListFromGeneratedXmlFile()
        {
            // Arrange
            string whitelistFile = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "whitelistgenerated.xml");
            ApplicationSettings settings = new ApplicationSettings();
            settings.HtmlElementWhiteListPath = whitelistFile;

            using (FileStream stream = new FileStream(whitelistFile, FileMode.Create, FileAccess.Write))
            {
                XmlSerializer serializer = new XmlSerializer(typeof(HtmlWhiteList));

                List<HtmlElement> list = new List<HtmlElement>();
                list.Add(new HtmlElement("blah", new string[] { "id", "class" }));
                list.Add(new HtmlElement("test", new string[] { "href" }));

                HtmlWhiteList whiteList = new HtmlWhiteList();
                whiteList.ElementWhiteList = list;

                serializer.Serialize(stream, whiteList);
            }

            string htmlFragment = "<test href=\"http://www.google.com\">link</test> <blah id=\"myid\" class=\"class1 class2\">somediv</blah><a href=\"test\">test</a>";

            // Act
            MarkupSanitizer sanitizer = new MarkupSanitizer(settings);
            sanitizer.SetWhiteListCacheKey("ShouldDeserializeWhiteListFromGeneratedXmlFile");
            string actual = sanitizer.SanitizeHtml(htmlFragment);

            // Assert
            string expected = "<test href=\"http&#x3A;&#x2F;&#x2F;www&#x2E;google&#x2E;com\">link</test> <blah id=\"myid\" class=\"class1&#x20;class2\">somediv</blah>";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }