You are here

function AlignFilterTest::testAlignFilter in Entity Embed 7

Same name and namespace in other branches
  1. 7.2 entity_embed.test \AlignFilterTest::testAlignFilter()

Tests the embed_button administration functionality.

File

./entity_embed.test, line 352
Test integration for the entity_embed module.

Class

AlignFilterTest
Tests the align filter.

Code

function testAlignFilter() {

  // Setup dummy filter object.
  $filter = new stdClass();
  $filter->callback = '_entity_embed_filter_align';

  // No data-align attribute.
  $tests = array(
    '<img src="llama.jpg" />' => array(
      '<img src="llama.jpg" />' => TRUE,
    ),
  );
  $this
    ->assertFilteredString($filter, $tests);

  // Data-align attribute: all 3 allowed values.
  $tests = array(
    '<img src="llama.jpg" data-align="left" />' => array(
      '<img src="llama.jpg" class="align-left" />' => TRUE,
    ),
  );
  $this
    ->assertFilteredString($filter, $tests);
  $tests = array(
    '<img src="llama.jpg" data-align="center" />' => array(
      '<img src="llama.jpg" class="align-center" />' => TRUE,
    ),
  );
  $this
    ->assertFilteredString($filter, $tests);
  $tests = array(
    '<img src="llama.jpg" data-align="right" />' => array(
      '<img src="llama.jpg" class="align-right" />' => TRUE,
    ),
  );
  $this
    ->assertFilteredString($filter, $tests);

  // Data-align attribute: a disallowed value.
  $tests = array(
    '<img src="llama.jpg" data-align="left foobar" />' => array(
      '<img src="llama.jpg" />' => TRUE,
    ),
  );
  $this
    ->assertFilteredString($filter, $tests);

  // Empty data-align attribute.
  $tests = array(
    '<img src="llama.jpg" data-align="" />' => array(
      '<img src="llama.jpg" />' => TRUE,
    ),
  );
  $this
    ->assertFilteredString($filter, $tests);

  // Ensure the filter also works with uncommon yet valid attribute quoting.
  $tests = array(
    '<img src=llama.jpg data-align=right />' => array(
      '<img src="llama.jpg" class="align-right" />' => TRUE,
    ),
  );
  $this
    ->assertFilteredString($filter, $tests);

  // Security test: attempt to inject an additional class.
  $tests = array(
    '<img src="llama.jpg" data-align="center another-class-here" />' => array(
      '<img src="llama.jpg" />' => TRUE,
    ),
  );
  $this
    ->assertFilteredString($filter, $tests);

  // Security test: attempt an XSS.
  $tests = array(
    '<img src="llama.jpg" data-align="center \'onclick=\'alert(foo);" />' => array(
      '<img src="llama.jpg" />' => TRUE,
    ),
  );
  $this
    ->assertFilteredString($filter, $tests);
}