예제 #1
 /**
  * Exercises FilterComponent::sanitize() on plain strings and on a nested array.
  *
  * The expected values pin down what the filter must strip: `javascript:` hrefs
  * (with or without a space after the colon), inline `style` attributes
  * (double- or single-quoted), `on*` event handlers (including `onclick = "..."`
  * with whitespace around `=`), and whole <script>, <style> and <link> elements.
  * Harmless markup (<b>, <em class>, <a target>, <body>, <span>) and the text
  * content must survive untouched; the malformed `</bold>` closing tag in the
  * array case is expected to pass through as-is.
  */
 public function testSanitize()
 {
     // Each entry is array(input, expected output); order matches the
     // assertions as originally written.
     $cases = array(
         // Attribute-level and element-level payloads, "tidy" formatting.
         array(
             '<b>one</b> <a href="javascript:alert(xss)" target="_blank" style="style">two</a> <em class="test" onclick="xss">three</em> four <script>javascript</script><style>style</style><link rel="stylesheet" type="text/css" />',
             '<b>one</b> <a target="_blank">two</a> <em class="test">three</em> four ',
         ),
         // Same payloads with whitespace and quoting variations, which a
         // naive pattern match could miss.
         array(
             '<b>one</b> <a href="javascript: alert(xss)" target="_blank" style=\'style\'>two</a> <em class="test" onclick = "xss">three</em> four <script>javascript</script><style>style</style><link rel="stylesheet" type="text/css" />',
             '<b>one</b> <a target="_blank">two</a> <em class="test">three</em> four ',
         ),
         // Nested array: the filter is expected to recurse into every leaf.
         array(
             array('one' => '<b>bold</bold>', 'two' => array('one' => '<script type="text/javascript">alert("xss")</script>', 'two' => '<a href="javascript:alert(\'xss\')" target="_blank">link</a>', 'three' => '<body style="display:none">xss</body>'), 'three' => '<span style="display:none">test</span>'),
             array('one' => '<b>bold</bold>', 'two' => array('one' => '', 'two' => '<a target="_blank">link</a>', 'three' => '<body>xss</body>'), 'three' => '<span>test</span>'),
         ),
     );

     foreach ($cases as $case) {
         list($dirty, $expected) = $case;
         $filtered = FilterComponent::sanitize($dirty);
         $this->assertEqual($filtered, $expected);
     }
 }
예제 #2
 /**
  * Runs incoming data through the input pipeline: FilterComponent::sanitize()
  * first, then smartDates().
  *
  * @param mixed $data Value handed to FilterComponent::sanitize(); the sibling
  *                    test shows it accepting strings and nested arrays.
  * @return mixed Whatever smartDates() returns for the sanitized data
  *               (presumably date-normalised input — see smartDates()).
  */
 private function process($data)
 {
     // Sanitize before any other processing so smartDates() only ever
     // operates on filtered values.
     $sanitized = FilterComponent::sanitize($data);

     return $this->smartDates($sanitized);
 }