mirror of
https://github.com/Combodo/iTop.git
synced 2026-02-12 23:14:18 +01:00
N°2558 Test for the HTMLDOMSanitizer white list
This commit is contained in:
Pierre Goiffon
122
.idea/inspectionProfiles/Combodo.xml
generated
122
.idea/inspectionProfiles/Combodo.xml
generated
@@ -1,6 +1,73 @@
|
||||
<component name="InspectionProjectProfileManager">
|
||||
<profile version="1.0">
|
||||
<option name="myName" value="Combodo" />
|
||||
<inspection_tool class="CascadeStringReplacementInspection" enabled="false" level="WARNING" enabled_by_default="false" />
|
||||
<inspection_tool class="ForgottenDebugOutputInspection" enabled="true" level="ERROR" enabled_by_default="true">
|
||||
<option name="configuration">
|
||||
<list>
|
||||
<option value="\Codeception\Util\Debug::debug" />
|
||||
<option value="\Codeception\Util\Debug::pause" />
|
||||
<option value="\Doctrine\Common\Util\Debug::dump" />
|
||||
<option value="\Doctrine\Common\Util\Debug::export" />
|
||||
<option value="\Illuminate\Support\Debug\Dumper::dump" />
|
||||
<option value="\Symfony\Component\Debug\Debug::enable" />
|
||||
<option value="\Symfony\Component\Debug\DebugClassLoader::enable" />
|
||||
<option value="\Symfony\Component\Debug\ErrorHandler::register" />
|
||||
<option value="\Symfony\Component\Debug\ExceptionHandler::register" />
|
||||
<option value="\TYPO3\CMS\Core\Utility\DebugUtility::debug" />
|
||||
<option value="\Zend\Debug\Debug::dump" />
|
||||
<option value="\Zend\Di\Display\Console::export" />
|
||||
<option value="dd" />
|
||||
<option value="debug_print_backtrace" />
|
||||
<option value="debug_zval_dump" />
|
||||
<option value="dpm" />
|
||||
<option value="dpq" />
|
||||
<option value="dsm" />
|
||||
<option value="dump" />
|
||||
<option value="dvm" />
|
||||
<option value="error_log" />
|
||||
<option value="kpr" />
|
||||
<option value="phpinfo" />
|
||||
<option value="print_r" />
|
||||
<option value="var_dump" />
|
||||
<option value="var_export" />
|
||||
<option value="xdebug_break" />
|
||||
<option value="xdebug_call_class" />
|
||||
<option value="xdebug_call_file" />
|
||||
<option value="xdebug_call_function" />
|
||||
<option value="xdebug_call_line" />
|
||||
<option value="xdebug_code_coverage_started" />
|
||||
<option value="xdebug_debug_zval" />
|
||||
<option value="xdebug_debug_zval_stdout" />
|
||||
<option value="xdebug_dump_superglobals" />
|
||||
<option value="xdebug_enable" />
|
||||
<option value="xdebug_get_code_coverage" />
|
||||
<option value="xdebug_get_collected_errors" />
|
||||
<option value="xdebug_get_declared_vars" />
|
||||
<option value="xdebug_get_function_stack" />
|
||||
<option value="xdebug_get_headers" />
|
||||
<option value="xdebug_get_monitored_functions" />
|
||||
<option value="xdebug_get_profiler_filename" />
|
||||
<option value="xdebug_get_stack_depth" />
|
||||
<option value="xdebug_get_tracefile_name" />
|
||||
<option value="xdebug_is_enabled" />
|
||||
<option value="xdebug_memory_usage" />
|
||||
<option value="xdebug_peak_memory_usage" />
|
||||
<option value="xdebug_print_function_stack" />
|
||||
<option value="xdebug_start_code_coverage" />
|
||||
<option value="xdebug_start_error_collection" />
|
||||
<option value="xdebug_start_function_monitor" />
|
||||
<option value="xdebug_start_trace" />
|
||||
<option value="xdebug_stop_code_coverage" />
|
||||
<option value="xdebug_stop_error_collection" />
|
||||
<option value="xdebug_stop_function_monitor" />
|
||||
<option value="xdebug_stop_trace" />
|
||||
<option value="xdebug_time_index" />
|
||||
<option value="xdebug_var_dump" />
|
||||
</list>
|
||||
</option>
|
||||
<option name="migratedIntoUserSpace" value="true" />
|
||||
</inspection_tool>
|
||||
<inspection_tool class="HtmlRequiredAltAttribute" enabled="true" level="WEAK WARNING" enabled_by_default="true" />
|
||||
<inspection_tool class="HtmlRequiredLangAttribute" enabled="true" level="WEAK WARNING" enabled_by_default="true" />
|
||||
<inspection_tool class="InconsistentLineSeparators" enabled="true" level="WARNING" enabled_by_default="true" />
|
||||
@@ -23,6 +90,61 @@
|
||||
<inspection_tool class="PhpUnusedParameterInspection" enabled="true" level="WEAK WARNING" enabled_by_default="true">
|
||||
<option name="DONT_REPORT_ABSTRACT_CLASS" value="true" />
|
||||
</inspection_tool>
|
||||
<inspection_tool class="SecurityAdvisoriesInspection" enabled="true" level="WARNING" enabled_by_default="true">
|
||||
<option name="optionConfiguration">
|
||||
<list>
|
||||
<option value="barryvdh/laravel-debugbar" />
|
||||
<option value="behat/behat" />
|
||||
<option value="brianium/paratest" />
|
||||
<option value="codeception/codeception" />
|
||||
<option value="codedungeon/phpunit-result-printer" />
|
||||
<option value="composer/composer" />
|
||||
<option value="doctrine/coding-standard" />
|
||||
<option value="filp/whoops" />
|
||||
<option value="friendsofphp/php-cs-fixer" />
|
||||
<option value="humbug/humbug" />
|
||||
<option value="infection/infection" />
|
||||
<option value="jakub-onderka/php-parallel-lint" />
|
||||
<option value="johnkary/phpunit-speedtrap" />
|
||||
<option value="kalessil/production-dependencies-guard" />
|
||||
<option value="mikey179/vfsStream" />
|
||||
<option value="mockery/mockery" />
|
||||
<option value="mybuilder/phpunit-accelerator" />
|
||||
<option value="orchestra/testbench" />
|
||||
<option value="pdepend/pdepend" />
|
||||
<option value="phan/phan" />
|
||||
<option value="phing/phing" />
|
||||
<option value="phpcompatibility/php-compatibility" />
|
||||
<option value="phpmd/phpmd" />
|
||||
<option value="phpro/grumphp" />
|
||||
<option value="phpspec/phpspec" />
|
||||
<option value="phpspec/prophecy" />
|
||||
<option value="phpstan/phpstan" />
|
||||
<option value="phpunit/phpunit" />
|
||||
<option value="povils/phpmnd" />
|
||||
<option value="roave/security-advisories" />
|
||||
<option value="satooshi/php-coveralls" />
|
||||
<option value="sebastian/phpcpd" />
|
||||
<option value="slevomat/coding-standard" />
|
||||
<option value="spatie/phpunit-watcher" />
|
||||
<option value="squizlabs/php_codesniffer" />
|
||||
<option value="sstalle/php7cc" />
|
||||
<option value="symfony/debug" />
|
||||
<option value="symfony/maker-bundle" />
|
||||
<option value="symfony/phpunit-bridge" />
|
||||
<option value="symfony/var-dumper" />
|
||||
<option value="vimeo/psalm" />
|
||||
<option value="wimg/php-compatibility" />
|
||||
<option value="wp-coding-standards/wpcs" />
|
||||
<option value="yiisoft/yii2-coding-standards" />
|
||||
<option value="yiisoft/yii2-debug" />
|
||||
<option value="yiisoft/yii2-gii" />
|
||||
<option value="zendframework/zend-coding-standard" />
|
||||
<option value="zendframework/zend-debug" />
|
||||
<option value="zendframework/zend-test" />
|
||||
</list>
|
||||
</option>
|
||||
</inspection_tool>
|
||||
<inspection_tool class="SqlAddNotNullColumnInspection" enabled="false" level="WARNING" enabled_by_default="false" />
|
||||
<inspection_tool class="SqlAmbiguousColumnInspection" enabled="false" level="WARNING" enabled_by_default="false" />
|
||||
<inspection_tool class="SqlAutoIncrementDuplicateInspection" enabled="false" level="WARNING" enabled_by_default="false" />
|
||||
|
||||
@@ -12,97 +12,178 @@ use HTMLDOMSanitizer;
|
||||
*/
|
||||
class HTMLDOMSanitizerTest extends ItopTestCase
|
||||
{
|
||||
const INPUT_DIRECTORY = 'sanitizer/input';
|
||||
const OUTPUT_DIRECTORY = 'sanitizer/output';
|
||||
|
||||
/**
|
||||
* @dataProvider DoSanitizeProvider
|
||||
*
|
||||
* @param string $sFileToTest filename
|
||||
*/
|
||||
public function testDoSanitize($sHTML)
|
||||
public function testDoSanitize($sFileToTest)
|
||||
{
|
||||
$sInputHtml = $this->ReadTestFile($sFileToTest, self::INPUT_DIRECTORY);
|
||||
$sOutputHtml = $this->ReadTestFile($sFileToTest, self::OUTPUT_DIRECTORY);
|
||||
$sOutputHtml = $this->RemoveNewLines($sOutputHtml);
|
||||
|
||||
$oSanitizer = new HTMLDOMSanitizer();
|
||||
$sRes = $oSanitizer->DoSanitize($sHTML);
|
||||
$sRes = $oSanitizer->DoSanitize($sInputHtml);
|
||||
|
||||
$this->debug($sRes);
|
||||
$this->assertEquals('<div>
|
||||
<p><span>Test mit nur Unterschrift</span></p>
|
||||
<p><span>Kein bild</span></p>
|
||||
<p><span> </span></p>
|
||||
<p><span> </span></p>
|
||||
<p><b><span style=\'font-size:10.0pt;font-family:"Arial",sans-serif;color:black\'>Christel Dedman</span></b><span></span></p>
|
||||
<p><b><span style=\'font-size:10.0pt;font-family:"Arial",sans-serif;color:black\'> </span></b><span></span></p>
|
||||
<p><b><span style=\'font-size:10.0pt;font-family:"Arial",sans-serif;color:black\'>Financial Reporting Manager | G4S International Logistics (Germany) GmbH</span></b></p>
|
||||
<p><b><span style=\'font-size:10.0pt;font-family:"Arial",sans-serif;color:black\'> </span></b></p>
|
||||
<p><span> </span></p>
|
||||
<p><span style=\'font-size:10.0pt;font-family:"Arial",sans-serif;color:black\'>Rathenaustrasse 53, 63263 Neu </span></p>
|
||||
</div>', $sRes);
|
||||
$this->assertEquals($sOutputHtml, $sRes);
|
||||
}
|
||||
|
||||
private function ReadTestFile($sFileToTest, $sFolderName)
|
||||
{
|
||||
$sCurrentPath = __DIR__;
|
||||
|
||||
return file_get_contents($sCurrentPath.DIRECTORY_SEPARATOR
|
||||
.$sFolderName.DIRECTORY_SEPARATOR
|
||||
.$sFileToTest);
|
||||
}
|
||||
|
||||
private function RemoveNewLines($sText)
|
||||
{
|
||||
$sText = str_replace("\r\n", "\n", $sText);
|
||||
$sText = str_replace("\r", "\n", $sText);
|
||||
$sText = str_replace("\n", '', $sText);
|
||||
|
||||
return $sText;
|
||||
}
|
||||
|
||||
public function DoSanitizeProvider()
|
||||
{
|
||||
return array(
|
||||
array(<<< EOF
|
||||
<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"><meta name="Generator" content="Microsoft Word 15 (filtered medium)"><style><!--
|
||||
/* Font Definitions */
|
||||
@font-face
|
||||
{font-family:"Cambria Math";
|
||||
panose-1:2 4 5 3 5 4 6 3 2 4;}
|
||||
@font-face
|
||||
{font-family:Calibri;
|
||||
panose-1:2 15 5 2 2 2 4 3 2 4;}
|
||||
/* Style Definitions */
|
||||
p.MsoNormal, li.MsoNormal, div.MsoNormal
|
||||
{margin:0cm;
|
||||
margin-bottom:.0001pt;
|
||||
font-size:11.0pt;
|
||||
font-family:"Calibri",sans-serif;
|
||||
mso-fareast-language:EN-US;}
|
||||
a:link, span.MsoHyperlink
|
||||
{mso-style-priority:99;
|
||||
color:#0563C1;
|
||||
text-decoration:underline;}
|
||||
a:visited, span.MsoHyperlinkFollowed
|
||||
{mso-style-priority:99;
|
||||
color:#954F72;
|
||||
text-decoration:underline;}
|
||||
p.msonormal0, li.msonormal0, div.msonormal0
|
||||
{mso-style-name:msonormal;
|
||||
mso-margin-top-alt:auto;
|
||||
margin-right:0cm;
|
||||
mso-margin-bottom-alt:auto;
|
||||
margin-left:0cm;
|
||||
font-size:12.0pt;
|
||||
font-family:"Times New Roman",serif;}
|
||||
span.EmailStyle18
|
||||
{mso-style-type:personal;
|
||||
font-family:"Calibri",sans-serif;
|
||||
color:windowtext;}
|
||||
span.EmailStyle19
|
||||
{mso-style-type:personal;
|
||||
font-family:"Calibri",sans-serif;
|
||||
color:#1F497D;}
|
||||
span.EmailStyle20
|
||||
{mso-style-type:personal;
|
||||
font-family:"Calibri",sans-serif;
|
||||
color:#1F497D;}
|
||||
span.EmailStyle21
|
||||
{mso-style-type:personal-compose;
|
||||
font-family:"Calibri",sans-serif;
|
||||
color:windowtext;}
|
||||
.MsoChpDefault
|
||||
{mso-style-type:export-only;
|
||||
font-size:10.0pt;}
|
||||
@page WordSection1
|
||||
{size:612.0pt 792.0pt;
|
||||
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
|
||||
div.WordSection1
|
||||
{page:WordSection1;}
|
||||
--></style></head><body lang="EN-GB" link="#0563C1" vlink="#954F72"><div class="WordSection1"><p class="MsoNormal"><span lang="DE">Test mit nur Unterschrift</span></p><p class="MsoNormal"><span lang="DE">Kein bild</span></p><p class="MsoNormal"><span lang="DE"> </span></p><p class="MsoNormal"><span lang="DE"> </span></p><p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Christel Dedman</span></b><span lang="EN-US"></span></p><p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black"> </span></b><span lang="EN-US"></span></p><p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Financial Reporting Manager | G4S International Logistics (Germany) GmbH</span></b></p><p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black"> </span></b></p><p class="MsoNormal"><span lang="EN-US"> </span></p><p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Rathenaustrasse 53, 63263 Neu – Isenburg, Office Tel: +49 (0) 6102 / 4393 623 | Fax: +49 (0) 6102 / 4393 619 | Mobile: +49 (0) 172 / 5687367</span><span lang="EN-US"></span></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Email:</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif"> </span><a href="mailto:christel.dedman@g4si.com"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif">christel.dedman@g4si.com</span></a><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif"> <b>|</b> <span style="color:black">Web site</span>: </span><a href="http://www.g4si.com/" target="_blank"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif">www.g4si.com</span></a><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif"> / </span><a href="http://www.g4s.com/"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif">www.g4s.com</span></a><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman",serif"></span></p><p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-US" style="font-size:9.0pt;font-family:"Arial",sans-serif;color:black">Disclaimer: G4S International Logistics (G4Si) is a division of the G4S plc group of companies. This communication contains information which may be confidential, personal and/or privileged. It is for the exclusive use of the intended recipient(s).<br>If you are not the intended recipient(s), please note that any distribution, forwarding, copying or use of this communication or the information in it is strictly prohibited. Any personal views expressed in this e-mail are those of the individual sender and G4Si does not endorse or accept responsibility for them. Prior to taking any action based upon this e-mail message, you should seek appropriate confirmation of its authenticity.</span><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman",serif;color:black"></span></p><p class="MsoNormal"> </p></div></body></html>
|
||||
|
||||
<br>
|
||||
<div><font size="1"><font face="Verdana" color="green" style="line-height:21px;background-color:rgb(255,255,255)"><br></font></font></div><font size="1"><font face="Verdana" color="green" style="line-height:21px;background-color:rgb(255,255,255)">Please consider the environment before printing this email.</font><font face="Verdana" color="gray" style="line-height:21px;background-color:rgb(255,255,255)"><br>******************************<wbr>******************************<wbr>*********<br>This communication may contain information which is confidential, personal and/or privileged. It is for the exclusive use of the intended recipient(s).<br>If you are not the intended recipient(s), please note that any distribution, forwarding, copying or use of this communication or the information in it is strictly prohibited. If you have received it in error please contact the sender immediately by return e-mail. Please then delete the e-mail and any copies of it and do not use or disclose its contents to any person.<br>Any personal views expressed in this e-mail are those of the individual sender and the company does not endorse or accept responsibility for them. Prior to taking any action based upon this e-mail message, you should seek appropriate confirmation of its authenticity.<br>This message has been checked for viruses on behalf of the company.<br>******************************<wbr>******************************<wbr>*********</font><font face="Verdana" color="gray" style="line-height:21px;background-color:rgb(255,255,255)"><br><br></font></font>
|
||||
EOF
|
||||
array(
|
||||
'utf-8_wrong_character_email_truncated.txt',
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @dataProvider WhiteListProvider
|
||||
*
|
||||
* @param string $sHtmlToTest HTML content
|
||||
*/
|
||||
public function testDoSanitizeWhiteList($sHtmlToTest)
|
||||
{
|
||||
$oSanitizer = new HTMLDOMSanitizer();
|
||||
$sRes = $oSanitizer->DoSanitize($sHtmlToTest);
|
||||
|
||||
$this->debug($sRes);
|
||||
$this->assertEquals($sHtmlToTest, $sRes);
|
||||
}
|
||||
|
||||
public function WhiteListProvider()
|
||||
{
|
||||
// This is a copy of \HTMLDOMSanitizer::$aTagsWhiteList
|
||||
// should stay a copy as we want to check we're not removing something by mistake as it was done with the CENTER tag (N°2558)
|
||||
$aTagsWhiteList = array(
|
||||
// we don't test HTML and BODY as the parser removes them if context isn't appropriate
|
||||
'a' => array('href', 'name', 'style', 'target', 'title'),
|
||||
'p' => array('style'),
|
||||
'blockquote' => array('style'),
|
||||
'br' => array(),
|
||||
'span' => array('style'),
|
||||
'div' => array('style'),
|
||||
'b' => array(),
|
||||
'i' => array(),
|
||||
'u' => array(),
|
||||
'em' => array(),
|
||||
'strong' => array(),
|
||||
'img' => array('src', 'style', 'alt', 'title'),
|
||||
'ul' => array('style'),
|
||||
'ol' => array('style'),
|
||||
'li' => array('style'),
|
||||
'h1' => array('style'),
|
||||
'h2' => array('style'),
|
||||
'h3' => array('style'),
|
||||
'h4' => array('style'),
|
||||
'nav' => array('style'),
|
||||
'section' => array('style'),
|
||||
'code' => array('style'),
|
||||
'table' => array('style', 'width', 'summary', 'align', 'border', 'cellpadding', 'cellspacing'),
|
||||
'thead' => array('style'),
|
||||
'tbody' => array('style'),
|
||||
'tr' => array('style', 'colspan', 'rowspan'),
|
||||
'td' => array('style', 'colspan', 'rowspan'),
|
||||
'th' => array('style', 'colspan', 'rowspan'),
|
||||
'fieldset' => array('style'),
|
||||
'legend' => array('style'),
|
||||
'font' => array('face', 'color', 'style', 'size'),
|
||||
'big' => array(),
|
||||
'small' => array(),
|
||||
'tt' => array(),
|
||||
'kbd' => array(),
|
||||
'samp' => array(),
|
||||
'var' => array(),
|
||||
'del' => array(),
|
||||
's' => array(), // strikethrough
|
||||
'ins' => array(),
|
||||
'cite' => array(),
|
||||
'q' => array(),
|
||||
'hr' => array('style'),
|
||||
'pre' => array(),
|
||||
'center' => array(),
|
||||
);
|
||||
$aTestCaseArray = array();
|
||||
|
||||
$sInputText = $this->ReadTestFile('whitelist_test.html', self::INPUT_DIRECTORY);
|
||||
foreach ($aTagsWhiteList as $sTag => $aTagAttributes)
|
||||
{
|
||||
$sTestCaseText = $sInputText;
|
||||
$sStartTag = "<$sTag";
|
||||
$iAttrCounter = 0;
|
||||
foreach ($aTagAttributes as $sTagAttribute)
|
||||
{
|
||||
$sStartTag .= $this->GetTagAttributeValue($sTagAttribute, $iAttrCounter);
|
||||
$iAttrCounter++;
|
||||
}
|
||||
$sStartTag .= '>';
|
||||
$sTestCaseText = str_replace('##START_TAG##', $sStartTag, $sTestCaseText);
|
||||
|
||||
$sClosingTag = $this->IsClosingTag($sTag) ? "</$sTag>" : '';
|
||||
$sTestCaseText = str_replace('##END_TAG##', $sClosingTag, $sTestCaseText);
|
||||
|
||||
$aTestCaseArray[$sTag] = array($sTestCaseText);
|
||||
}
|
||||
|
||||
return $aTestCaseArray;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates an appropriate value for the given attribute, or use the counter if needed.
|
||||
* This is necessary as most of the attributes with empty or inappropriate values (like a numeric for a href) are removed by the parser
|
||||
*
|
||||
* @param string $sTagAttribute
|
||||
* @param int $iAttributeCounter
|
||||
*
|
||||
* @return string attribute value
|
||||
*/
|
||||
private function GetTagAttributeValue($sTagAttribute, $iAttributeCounter)
|
||||
{
|
||||
$sTagAttrValue = ' '.$sTagAttribute.'="';
|
||||
if (in_array($sTagAttribute, array('href', 'src')))
|
||||
{
|
||||
return $sTagAttrValue.'http://www.combodo.com"';
|
||||
}
|
||||
|
||||
if ($sTagAttribute === 'style')
|
||||
{
|
||||
return $sTagAttrValue.'color: black"';
|
||||
}
|
||||
|
||||
return $sTagAttrValue.$iAttributeCounter.'"';
|
||||
}
|
||||
|
||||
private function IsClosingTag($sTag)
|
||||
{
|
||||
if (in_array($sTag, array('br', 'img', 'hr')))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
1
test/core/sanitizer/README.txt
Normal file
1
test/core/sanitizer/README.txt
Normal file
@@ -0,0 +1 @@
|
||||
Sample data for the HTMLDOMSanitizerTest class
|
||||
@@ -0,0 +1,56 @@
|
||||
<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"><meta name="Generator" content="Microsoft Word 15 (filtered medium)"><style><!--
|
||||
/* Font Definitions */
|
||||
@font-face
|
||||
{font-family:"Cambria Math";
|
||||
panose-1:2 4 5 3 5 4 6 3 2 4;}
|
||||
@font-face
|
||||
{font-family:Calibri;
|
||||
panose-1:2 15 5 2 2 2 4 3 2 4;}
|
||||
/* Style Definitions */
|
||||
p.MsoNormal, li.MsoNormal, div.MsoNormal
|
||||
{margin:0cm;
|
||||
margin-bottom:.0001pt;
|
||||
font-size:11.0pt;
|
||||
font-family:"Calibri",sans-serif;
|
||||
mso-fareast-language:EN-US;}
|
||||
a:link, span.MsoHyperlink
|
||||
{mso-style-priority:99;
|
||||
color:#0563C1;
|
||||
text-decoration:underline;}
|
||||
a:visited, span.MsoHyperlinkFollowed
|
||||
{mso-style-priority:99;
|
||||
color:#954F72;
|
||||
text-decoration:underline;}
|
||||
p.msonormal0, li.msonormal0, div.msonormal0
|
||||
{mso-style-name:msonormal;
|
||||
mso-margin-top-alt:auto;
|
||||
margin-right:0cm;
|
||||
mso-margin-bottom-alt:auto;
|
||||
margin-left:0cm;
|
||||
font-size:12.0pt;
|
||||
font-family:"Times New Roman",serif;}
|
||||
span.EmailStyle18
|
||||
{mso-style-type:personal;
|
||||
font-family:"Calibri",sans-serif;
|
||||
color:windowtext;}
|
||||
span.EmailStyle19
|
||||
{mso-style-type:personal;
|
||||
font-family:"Calibri",sans-serif;
|
||||
color:#1F497D;}
|
||||
span.EmailStyle20
|
||||
{mso-style-type:personal;
|
||||
font-family:"Calibri",sans-serif;
|
||||
color:#1F497D;}
|
||||
span.EmailStyle21
|
||||
{mso-style-type:personal-compose;
|
||||
font-family:"Calibri",sans-serif;
|
||||
color:windowtext;}
|
||||
.MsoChpDefault
|
||||
{mso-style-type:export-only;
|
||||
font-size:10.0pt;}
|
||||
@page WordSection1
|
||||
{size:612.0pt 792.0pt;
|
||||
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
|
||||
div.WordSection1
|
||||
{page:WordSection1;}
|
||||
--></style></head><body lang="EN-GB" link="#0563C1" vlink="#954F72"><div class="WordSection1"><p class="MsoNormal"><span lang="DE">Test mit nur Unterschrift</span></p><p class="MsoNormal"><span lang="DE">Kein bild</span></p><p class="MsoNormal"><span lang="DE"> </span></p><p class="MsoNormal"><span lang="DE"> </span></p><p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Christel Dedman</span></b><span lang="EN-US"></span></p><p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black"> </span></b><span lang="EN-US"></span></p><p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Financial Reporting Manager | G4S International Logistics (Germany) GmbH</span></b></p><p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black"> </span></b></p><p class="MsoNormal"><span lang="EN-US"> </span></p><p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Rathenaustrasse 53, 63263 Neu – Isenburg, Office Tel: +49 (0) 6102 / 4393 623 | Fax: +49 (0) 6102 / 4393 619 | Mobile: +49 (0) 172 / 5687367</span><span lang="EN-US"></span></p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Email:</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif"> </span><a href="mailto:christel.dedman@g4si.com"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif">christel.dedman@g4si.com</span></a><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif"> <b>|</b> <span style="color:black">Web site</span>: </span><a href="http://www.g4si.com/" target="_blank"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif">www.g4si.com</span></a><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif"> / </span><a href="http://www.g4s.com/"><span lang="EN-US" style="font-size:10.0pt;font-family:"Arial",sans-serif">www.g4s.com</span></a><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman",serif"></span></p><p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-US" style="font-size:9.0pt;font-family:"Arial",sans-serif;color:black">Disclaimer: G4S International Logistics (G4Si) is a division of the G4S plc group of companies. This communication contains information which may be confidential, personal and/or privileged. It is for the exclusive use of the intended recipient(s).<br>If you are not the intended recipient(s), please note that any distribution, forwarding, copying or use of this communication or the information in it is strictly prohibited. Any personal views expressed in this e-mail are those of the individual sender and G4Si does not endorse or accept responsibility for them. Prior to taking any action based upon this e-mail message, you should seek appropriate confirmation of its authenticity.</span><span lang="EN-US" style="font-size:12.0pt;font-family:"Times New Roman",serif;color:black"></span></p><p class="MsoNormal"> </p></div></body></html>
|
||||
14
test/core/sanitizer/input/whitelist_test.html
Normal file
14
test/core/sanitizer/input/whitelist_test.html
Normal file
@@ -0,0 +1,14 @@
|
||||
##START_TAG##
|
||||
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam luctus semper diam et fermentum. Cras nisi mauris, rutrum id turpis at,
|
||||
sagittis tempus erat. Sed tempus vel purus id sagittis. Suspendisse ullamcorper eros vel semper malesuada. Vivamus malesuada tellus quis
|
||||
nisi consequat, quis tristique magna eleifend. Quisque eget turpis lacinia, vehicula turpis vel, aliquet diam. Aenean eu nunc ac velit
|
||||
condimentum posuere. Vivamus congue velit cursus eros mollis, vitae eleifend urna finibus.
|
||||
|
||||
In accumsan sed sem nec sollicitudin. Sed pretium, neque et rhoncus volutpat, urna massa semper ex, et faucibus mauris sapien eu libero.
|
||||
Sed vel accumsan nibh, tempus accumsan mi. Maecenas gravida imperdiet leo id euismod. Mauris pharetra mattis facilisis. Suspendisse
|
||||
dictum vel orci ac luctus. Proin ultricies erat sit amet leo sollicitudin, quis lacinia felis volutpat. Praesent molestie quam et magna
|
||||
tempor aliquet. Sed quam nisi, dictum ac gravida et, suscipit et augue. Fusce ac purus eget leo scelerisque bibendum. Proin in semper
|
||||
erat, eu congue diam. Vivamus purus eros, consectetur laoreet gravida in, ultricies eget nibh. Mauris hendrerit euismod ex at facilisis.
|
||||
Integer lacus eros, posuere finibus libero facilisis, eleifend gravida neque. Integer feugiat elit vel leo aliquet suscipit. Etiam
|
||||
auctor ligula sed eros vulputate tristique ac eget magna.
|
||||
##END_TAG##
|
||||
@@ -0,0 +1,12 @@
|
||||
<div>
|
||||
<p><span>Test mit nur Unterschrift</span></p>
|
||||
<p><span>Kein bild</span></p>
|
||||
<p><span> </span></p>
|
||||
<p><span> </span></p>
|
||||
<p><b><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:black'>Christel Dedman</span></b><span></span></p>
|
||||
<p><b><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:black'> </span></b><span></span></p>
|
||||
<p><b><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:black'>Financial Reporting Manager | G4S International Logistics (Germany) GmbH</span></b></p>
|
||||
<p><b><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:black'> </span></b></p>
|
||||
<p><span> </span></p>
|
||||
<p><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:black'>Rathenaustrasse 53, 63263 Neu </span></p>
|
||||
</div>
|
||||
Reference in New Issue
Block a user