require "minitest/autorun"
require "rails-html-sanitizer"
class ScrubberTest < Minitest::Test
protected
def assert_scrubbed(html, expected = html)
output = Loofah.scrub_fragment(html, @scrubber).to_s
assert_equal expected, output
end
def to_node(text)
Loofah.fragment(text).children.first
end
def assert_node_skipped(text)
assert_scrub_returns(Loofah::Scrubber::CONTINUE, text)
end
def assert_scrub_stopped(text)
assert_scrub_returns(Loofah::Scrubber::STOP, text)
end
def assert_scrub_returns(return_value, text)
node = to_node(text)
assert_equal return_value, @scrubber.scrub(node)
end
end
class PermitScrubberTest < ScrubberTest
def setup
@scrubber = Rails::Html::PermitScrubber.new
end
def test_responds_to_scrub
assert @scrubber.respond_to?(:scrub)
end
def test_default_scrub_behavior
assert_scrubbed 'hello', 'hello'
end
def test_default_attributes_removal_behavior
assert_scrubbed '
hello
', 'hello
'
end
def test_leaves_supplied_tags
@scrubber.tags = %w(a)
assert_scrubbed 'hello'
end
def test_leaves_only_supplied_tags
html = 'leave me now'
@scrubber.tags = %w(tag)
assert_scrubbed html, 'leave me now'
end
def test_leaves_only_supplied_tags_nested
html = 'leave me now'
@scrubber.tags = %w(tag)
assert_scrubbed html, 'leave me now'
end
def test_leaves_supplied_attributes
@scrubber.attributes = %w(cooler)
assert_scrubbed ''
end
def test_leaves_only_supplied_attributes
@scrubber.attributes = %w(cooler)
assert_scrubbed '', ''
end
def test_leaves_supplied_tags_and_attributes
@scrubber.tags = %w(tag)
@scrubber.attributes = %w(cooler)
assert_scrubbed ''
end
def test_leaves_only_supplied_tags_and_attributes
@scrubber.tags = %w(tag)
@scrubber.attributes = %w(cooler)
html = ''
assert_scrubbed html, ''
end
def test_leaves_text
assert_scrubbed('some text')
end
def test_skips_text_nodes
assert_node_skipped('some text')
end
def test_tags_accessor_validation
e = assert_raises(ArgumentError) do
@scrubber.tags = 'tag'
end
assert_equal "You should pass :tags as an Enumerable", e.message
assert_nil @scrubber.tags, "Tags should be nil when validation fails"
end
def test_attributes_accessor_validation
e = assert_raises(ArgumentError) do
@scrubber.attributes = 'cooler'
end
assert_equal "You should pass :attributes as an Enumerable", e.message
assert_nil @scrubber.attributes, "Attributes should be nil when validation fails"
end
end
class TargetScrubberTest < ScrubberTest
def setup
@scrubber = Rails::Html::TargetScrubber.new
end
def test_targeting_tags_removes_only_them
@scrubber.tags = %w(a h1)
html = ''
assert_scrubbed html, ''
end
def test_targeting_tags_removes_only_them_nested
@scrubber.tags = %w(a)
html = ''
assert_scrubbed html, ''
end
def test_targeting_attributes_removes_only_them
@scrubber.attributes = %w(class id)
html = ''
assert_scrubbed html, ''
end
def test_targeting_tags_and_attributes_removes_only_them
@scrubber.tags = %w(tag)
@scrubber.attributes = %w(remove)
html = ''
assert_scrubbed html, ''
end
end
class TextOnlyScrubberTest < ScrubberTest
def setup
@scrubber = Rails::Html::TextOnlyScrubber.new
end
def test_removes_all_tags_and_keep_the_content
assert_scrubbed 'hello', 'hello'
end
def test_skips_text_nodes
assert_node_skipped('some text')
end
end
class ReturningStopFromScrubNodeTest < ScrubberTest
class ScrubStopper < Rails::Html::PermitScrubber
def scrub_node(node)
Loofah::Scrubber::STOP
end
end
def setup
@scrubber = ScrubStopper.new
end
def test_returns_stop_from_scrub_if_scrub_node_does
assert_scrub_stopped ''
end
end