function test_filtering_malicious_html()
{
$this->assert_equal(InputFilter::filter_html_elements('<p onclick=\\"window.alert(\'boo\')\\">Hey.</p><a href=\\"#\\" style=\\"position: absolute; left: 1px; top: 3px;\\">Whee!</a>'), '<p>Hey.</p><a href=\\"#\\">Whee!</a>');
$this->assert_equal(InputFilter::filter_html_elements('<a href=\\"javascript:alert(\'yay\')\\" style=\\"text-decoration: none;\\">Whee!</a>'), '<a>Whee!</a>');
}
public function testFilter_html_elements()
{
// test stripping malicious code
$this->assertEquals('<p>Hey.</p><a href=\\"#\\">Whee!</a>', InputFilter::filter_html_elements('<p onclick=\\"window.alert(\'boo\')\\">Hey.</p><a href=\\"#\\" style=\\"position: absolute; left: 1px; top: 3px;\\">Whee!</a>'));
$this->assertEquals('<a>Whee!</a>', InputFilter::filter_html_elements('<a href=\\"javascript:alert(\'yay\')\\" style=\\"text-decoration: none;\\">Whee!</a>'));
}
