diff --git a/tests/DefaultsTest.php b/tests/DefaultsTest.php index f0f0290..551a4d3 100644 --- a/tests/DefaultsTest.php +++ b/tests/DefaultsTest.php @@ -89,4 +89,64 @@ public function testDenyAttribute() { '
...
' ); } + + /** + * Allow lists to be nested by default. + */ + public function testDirectNestList() { + $html = << +
  • one
  • +
      +
    1. two
    2. +
    + +HTML; + $this->assertFiltered($html, $html); + } + + /** + * Provide the elements for {@link testElements()}. + * + * @return array Returns an array for testing. + */ + public function provideInvalidElements() { + $elements = explode('-', 'applet-button-form-input-textarea-iframe-script-style-embed-object'); + $result = []; + foreach ($elements as $element) { + $result[$element] = [$element]; + } + return $result; + } + + /** + * Test that default invalid elements are removed. + * + * @param string $element The element that should be removed. + * @dataProvider provideInvalidElements + */ + public function testInvalidElements($element) { + $html = "
    <$element>hi
    "; + $this->assertFiltered('
    hi
    ', $html); + } + + /** + * Test to make sure `javascript:` isn't allowed in an href. + */ + public function testBadScheme() { + $this->assertFiltered( + 'click', + 'click' + ); + } + + /** + * Make sure duplicate ID checks aren't being done. + */ + public function testAllowDuplicateIDs() { + $this->assertFiltered( + 'onetwo', + 'onetwo' + ); + } }