Inspection of "Update translations" - silverstripe/silverstripe-iframe - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( e3eece...4cf24a )

by Damian

created 2016-05-18 06:37 UTC

Status

Indentation +134 added lines, -134 removed lines patch added patch discarded remove patch

@@ -2,138 +2,138 @@
 block discarded – undo
 
 class IFramePageTest extends SapphireTest
 {
-    public function setUp()
-    {
-        parent::setUp();
-        Config::nest();
-    }
-
-    public function tearDown()
-    {
-        Config::unnest();
-        parent::tearDown();
-    }
-
-    public function testGetClass()
-    {
-        $iframe = new IFramePage();
-        $iframe->AutoHeight = 1;
-        $iframe->getClass();
-
-        $this->assertContains('iframepage-height-auto', $iframe->getClass());
-
-        $iframe->AutoHeight = 0;
-        $iframe->getClass();
-
-        $this->assertNotContains('iframepage-height-auto', $iframe->getClass());
-    }
-
-    public function testGetStyle()
-    {
-        $iframe = new IFramePage();
-
-        $iframe->FixedHeight = 0;
-        $iframe->getStyle();
-        $this->assertContains('height: 800px', $iframe->getStyle(), 'Height defaults to 800 if not set.');
-
-        $iframe->FixedHeight = 100;
-        $iframe->getStyle();
-        $this->assertContains('height: 100px', $iframe->getStyle(), 'Fixed height is settable');
-
-        $iframe->AutoWidth = 1;
-        $iframe->FixedWidth = '200';
-        $this->assertContains('width: 100%', $iframe->getStyle(), 'Auto width overrides fixed width');
-
-        $iframe->AutoWidth = 0;
-        $iframe->FixedWidth = '200';
-        $this->assertContains('width: 200px', $iframe->getStyle(), 'Fixed width is settable');
-    }
-
-    public function testAllowedUrls()
-    {
-        $iframe = new IFramePage();
-
-        $tests = array(
-            'allowed' => array(
-                'http://anything',
-                'https://anything',
-                'page',
-                'sub-page/link',
-                'page/link',
-                'page.html',
-                'page.htm',
-                'page.phpissoawesomewhywouldiuseanythingelse',
-                '//url.com/page',
-                '/root/page/link',
-                'http://intranet:8888',
-                'http://javascript:8080',
-                'http://username:password@hostname/path?arg=value#anchor'
-            ),
-            'banned' => array(
-                'javascript:alert',
-                'tel:0210001234',
-                'ftp://url',
-                'ssh://1.2.3.4',
-                'ssh://url.com/page'
-            )
-        );
-
-        foreach ($tests['allowed'] as $url) {
-            $iframe->IFrameURL = $url;
-            $iframe->write();
-            $this->assertContains($iframe->IFrameURL, $url);
-        }
-
-        foreach ($tests['banned'] as $url) {
-            $iframe->IFrameURL = $url;
-            $this->setExpectedException('ValidationException');
-            $iframe->write();
-        }
-    }
-
-    public function testForceProtocol()
-    {
-        $origServer = $_SERVER;
-
-        $page = new IFramePage();
-        $page->URLSegment = 'iframe';
-        $page->IFrameURL = 'http://target.com';
-
-        Config::inst()->update('Director', 'alternate_protocol', 'http');
-        Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
-        $page->ForceProtocol = '';
-        $controller = new IFramePage_Controller($page);
-        $response = $controller->init();
-        $this->assertNull($response);
-
-        Config::inst()->update('Director', 'alternate_protocol', 'https');
-        Config::inst()->update('Director', 'alternate_base_url', 'https://host.com');
-        $page->ForceProtocol = '';
-        $controller = new IFramePage_Controller($page);
-        $response = $controller->init();
-        $this->assertNull($response);
-
-        Config::inst()->update('Director', 'alternate_protocol', 'http');
-        Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
-        $page->ForceProtocol = 'http://';
-        $controller = new IFramePage_Controller($page);
-        $response = $controller->init();
-        $this->assertNull($response);
-
-        Config::inst()->update('Director', 'alternate_protocol', 'http');
-        Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
-        $page->ForceProtocol = 'https://';
-        $controller = new IFramePage_Controller($page);
-        $response = $controller->init();
-        $this->assertEquals($response->getHeader('Location'), 'https://host.com/iframe/');
-
-        Config::inst()->update('Director', 'alternate_protocol', 'https');
-        Config::inst()->update('Director', 'alternate_base_url', 'https://host.com');
-        $page->ForceProtocol = 'http://';
-        $controller = new IFramePage_Controller($page);
-        $response = $controller->init();
-        $this->assertEquals($response->getHeader('Location'), 'http://host.com/iframe/');
-
-        $_SERVER = $origServer;
-    }
+	public function setUp()
+	{
+		parent::setUp();
+		Config::nest();
+	}
+
+	public function tearDown()
+	{
+		Config::unnest();
+		parent::tearDown();
+	}
+
+	public function testGetClass()
+	{
+		$iframe = new IFramePage();
+		$iframe->AutoHeight = 1;
+		$iframe->getClass();
+
+		$this->assertContains('iframepage-height-auto', $iframe->getClass());
+
+		$iframe->AutoHeight = 0;
+		$iframe->getClass();
+
+		$this->assertNotContains('iframepage-height-auto', $iframe->getClass());
+	}
+
+	public function testGetStyle()
+	{
+		$iframe = new IFramePage();
+
+		$iframe->FixedHeight = 0;
+		$iframe->getStyle();
+		$this->assertContains('height: 800px', $iframe->getStyle(), 'Height defaults to 800 if not set.');
+
+		$iframe->FixedHeight = 100;
+		$iframe->getStyle();
+		$this->assertContains('height: 100px', $iframe->getStyle(), 'Fixed height is settable');
+
+		$iframe->AutoWidth = 1;
+		$iframe->FixedWidth = '200';
+		$this->assertContains('width: 100%', $iframe->getStyle(), 'Auto width overrides fixed width');
+
+		$iframe->AutoWidth = 0;
+		$iframe->FixedWidth = '200';
+		$this->assertContains('width: 200px', $iframe->getStyle(), 'Fixed width is settable');
+	}
+
+	public function testAllowedUrls()
+	{
+		$iframe = new IFramePage();
+
+		$tests = array(
+			'allowed' => array(
+				'http://anything',
+				'https://anything',
+				'page',
+				'sub-page/link',
+				'page/link',
+				'page.html',
+				'page.htm',
+				'page.phpissoawesomewhywouldiuseanythingelse',
+				'//url.com/page',
+				'/root/page/link',
+				'http://intranet:8888',
+				'http://javascript:8080',
+				'http://username:password@hostname/path?arg=value#anchor'
+			),
+			'banned' => array(
+				'javascript:alert',
+				'tel:0210001234',
+				'ftp://url',
+				'ssh://1.2.3.4',
+				'ssh://url.com/page'
+			)
+		);
+
+		foreach ($tests['allowed'] as $url) {
+			$iframe->IFrameURL = $url;
+			$iframe->write();
+			$this->assertContains($iframe->IFrameURL, $url);
+		}
+
+		foreach ($tests['banned'] as $url) {
+			$iframe->IFrameURL = $url;
+			$this->setExpectedException('ValidationException');
+			$iframe->write();
+		}
+	}
+
+	public function testForceProtocol()
+	{
+		$origServer = $_SERVER;
+
+		$page = new IFramePage();
+		$page->URLSegment = 'iframe';
+		$page->IFrameURL = 'http://target.com';
+
+		Config::inst()->update('Director', 'alternate_protocol', 'http');
+		Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
+		$page->ForceProtocol = '';
+		$controller = new IFramePage_Controller($page);
+		$response = $controller->init();
+		$this->assertNull($response);
+
+		Config::inst()->update('Director', 'alternate_protocol', 'https');
+		Config::inst()->update('Director', 'alternate_base_url', 'https://host.com');
+		$page->ForceProtocol = '';
+		$controller = new IFramePage_Controller($page);
+		$response = $controller->init();
+		$this->assertNull($response);
+
+		Config::inst()->update('Director', 'alternate_protocol', 'http');
+		Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
+		$page->ForceProtocol = 'http://';
+		$controller = new IFramePage_Controller($page);
+		$response = $controller->init();
+		$this->assertNull($response);
+
+		Config::inst()->update('Director', 'alternate_protocol', 'http');
+		Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
+		$page->ForceProtocol = 'https://';
+		$controller = new IFramePage_Controller($page);
+		$response = $controller->init();
+		$this->assertEquals($response->getHeader('Location'), 'https://host.com/iframe/');
+
+		Config::inst()->update('Director', 'alternate_protocol', 'https');
+		Config::inst()->update('Director', 'alternate_base_url', 'https://host.com');
+		$page->ForceProtocol = 'http://';
+		$controller = new IFramePage_Controller($page);
+		$response = $controller->init();
+		$this->assertEquals($response->getHeader('Location'), 'http://host.com/iframe/');
+
+		$_SERVER = $origServer;
+	}
 }

Please login to merge, or discard this patch.

code/IFramePage.php 1 patch

Indentation +129 added lines, -129 removed lines patch added patch discarded remove patch

@@ -6,137 +6,137 @@
 block discarded – undo
 
 class IFramePage extends Page
 {
-    public static $db = array(
-        'IFrameURL' => 'Text',
-        'AutoHeight' => 'Boolean(1)',
-        'AutoWidth' => 'Boolean(1)',
-        'FixedHeight' => 'Int(500)',
-        'FixedWidth' => 'Int(0)',
-        'AlternateContent' => 'HTMLText',
-        'BottomContent' => 'HTMLText',
-        'ForceProtocol' => 'Varchar',
-    );
-
-    public static $defaults = array(
-        'AutoHeight' => '1',
-        'AutoWidth' => '1',
-        'FixedHeight' => '500',
-        'FixedWidth' => '0'
-    );
-
-    public static $description = 'Embeds an iframe into the body of the page.';
-
-    public function getCMSFields()
-    {
-        $fields = parent::getCMSFields();
-
-        $fields->removeFieldFromTab('Root.Main', 'Content');
-        $fields->addFieldToTab('Root.Main', $url = new TextField('IFrameURL', 'Iframe URL'));
-        $url->setRightTitle('Can be absolute (<em>http://silverstripe.com</em>) or relative to this site (<em>about-us</em>).');
-        $fields->addFieldToTab(
-            'Root.Main',
-            DropdownField::create('ForceProtocol', 'Force protocol?')
-                ->setSource(array('http://' => 'http://', 'https://' => 'https://'))
-                ->setEmptyString('')
-                ->setDescription('Avoids mixed content warnings when iframe content is just available under a specific protocol'),
-            'Metadata'
-        );
-        $fields->addFieldToTab('Root.Main', new CheckboxField('AutoHeight', 'Auto height (only works with same domain URLs)'));
-        $fields->addFieldToTab('Root.Main', new CheckboxField('AutoWidth', 'Auto width (100% of the available space)'));
-        $fields->addFieldToTab('Root.Main', new NumericField('FixedHeight', 'Fixed height (in pixels)'));
-        $fields->addFieldToTab('Root.Main', new NumericField('FixedWidth', 'Fixed width (in pixels)'));
-        $fields->addFieldToTab('Root.Main', new HtmlEditorField('Content', 'Content (appears above iframe)'));
-        $fields->addFieldToTab('Root.Main', new HtmlEditorField('BottomContent', 'Content (appears below iframe)'));
-        $fields->addFieldToTab('Root.Main', new HtmlEditorField('AlternateContent', 'Alternate Content (appears when user has iframes disabled)'));
-
-        // Move the Metadata field to last position, but make a check for it's
-        // existence first.
-        //
-        // See https://github.com/silverstripe-labs/silverstripe-iframe/issues/18
-        $mainTab = $fields->findOrMakeTab('Root.Main');
-        $mainTabFields = $mainTab->FieldList();
-        $metaDataField = $mainTabFields->fieldByName('Metadata');
-        if ($metaDataField) {
-            $mainTabFields->removeByName('Metadata');
-            $mainTabFields->push($metaDataField);
-        }
-        return $fields;
-    }
-
-    /**
-     * Compute class from the size parameters.
-     */
-    public function getClass()
-    {
-        $class = '';
-        if ($this->AutoHeight) {
-            $class .= 'iframepage-height-auto';
-        }
-
-        return $class;
-    }
-
-    /**
-     * Compute style from the size parameters.
-     */
-    public function getStyle()
-    {
-        $style = '';
-
-        // Always add fixed height as a fallback if autosetting or JS fails.
-        $height = $this->FixedHeight;
-        if (!$height) {
-            $height = 800;
-        }
-        $style .= "height: {$height}px; ";
-
-        if ($this->AutoWidth) {
-            $style .= "width: 100%; ";
-        } elseif ($this->FixedWidth) {
-            $style .= "width: {$this->FixedWidth}px; ";
-        }
-
-        return $style;
-    }
-
-    /**
-     * Ensure that the IFrameURL is a valid url and prevents XSS
-     *
-     * @throws ValidationException
-     * @return ValidationResult
-     */
-    public function validate()
-    {
-        $result = parent::validate();
-
-        //whitelist allowed URL schemes
-        $allowed_schemes = array('http', 'https');
-        if ($matches = parse_url($this->IFrameURL)) {
-            if (isset($matches['scheme']) && !in_array($matches['scheme'], $allowed_schemes)) {
-                $result->error(_t('IFramePage.VALIDATION.BANNEDURLSCHEME', "This URL scheme is not allowed."));
-            }
-        }
-
-        return $result;
-    }
+	public static $db = array(
+		'IFrameURL' => 'Text',
+		'AutoHeight' => 'Boolean(1)',
+		'AutoWidth' => 'Boolean(1)',
+		'FixedHeight' => 'Int(500)',
+		'FixedWidth' => 'Int(0)',
+		'AlternateContent' => 'HTMLText',
+		'BottomContent' => 'HTMLText',
+		'ForceProtocol' => 'Varchar',
+	);
+
+	public static $defaults = array(
+		'AutoHeight' => '1',
+		'AutoWidth' => '1',
+		'FixedHeight' => '500',
+		'FixedWidth' => '0'
+	);
+
+	public static $description = 'Embeds an iframe into the body of the page.';
+
+	public function getCMSFields()
+	{
+		$fields = parent::getCMSFields();
+
+		$fields->removeFieldFromTab('Root.Main', 'Content');
+		$fields->addFieldToTab('Root.Main', $url = new TextField('IFrameURL', 'Iframe URL'));
+		$url->setRightTitle('Can be absolute (<em>http://silverstripe.com</em>) or relative to this site (<em>about-us</em>).');
+		$fields->addFieldToTab(
+			'Root.Main',
+			DropdownField::create('ForceProtocol', 'Force protocol?')
+				->setSource(array('http://' => 'http://', 'https://' => 'https://'))
+				->setEmptyString('')
+				->setDescription('Avoids mixed content warnings when iframe content is just available under a specific protocol'),
+			'Metadata'
+		);
+		$fields->addFieldToTab('Root.Main', new CheckboxField('AutoHeight', 'Auto height (only works with same domain URLs)'));
+		$fields->addFieldToTab('Root.Main', new CheckboxField('AutoWidth', 'Auto width (100% of the available space)'));
+		$fields->addFieldToTab('Root.Main', new NumericField('FixedHeight', 'Fixed height (in pixels)'));
+		$fields->addFieldToTab('Root.Main', new NumericField('FixedWidth', 'Fixed width (in pixels)'));
+		$fields->addFieldToTab('Root.Main', new HtmlEditorField('Content', 'Content (appears above iframe)'));
+		$fields->addFieldToTab('Root.Main', new HtmlEditorField('BottomContent', 'Content (appears below iframe)'));
+		$fields->addFieldToTab('Root.Main', new HtmlEditorField('AlternateContent', 'Alternate Content (appears when user has iframes disabled)'));
+
+		// Move the Metadata field to last position, but make a check for it's
+		// existence first.
+		//
+		// See https://github.com/silverstripe-labs/silverstripe-iframe/issues/18
+		$mainTab = $fields->findOrMakeTab('Root.Main');
+		$mainTabFields = $mainTab->FieldList();
+		$metaDataField = $mainTabFields->fieldByName('Metadata');
+		if ($metaDataField) {
+			$mainTabFields->removeByName('Metadata');
+			$mainTabFields->push($metaDataField);
+		}
+		return $fields;
+	}
+
+	/**
+	 * Compute class from the size parameters.
+	 */
+	public function getClass()
+	{
+		$class = '';
+		if ($this->AutoHeight) {
+			$class .= 'iframepage-height-auto';
+		}
+
+		return $class;
+	}
+
+	/**
+	 * Compute style from the size parameters.
+	 */
+	public function getStyle()
+	{
+		$style = '';
+
+		// Always add fixed height as a fallback if autosetting or JS fails.
+		$height = $this->FixedHeight;
+		if (!$height) {
+			$height = 800;
+		}
+		$style .= "height: {$height}px; ";
+
+		if ($this->AutoWidth) {
+			$style .= "width: 100%; ";
+		} elseif ($this->FixedWidth) {
+			$style .= "width: {$this->FixedWidth}px; ";
+		}
+
+		return $style;
+	}
+
+	/**
+	 * Ensure that the IFrameURL is a valid url and prevents XSS
+	 *
+	 * @throws ValidationException
+	 * @return ValidationResult
+	 */
+	public function validate()
+	{
+		$result = parent::validate();
+
+		//whitelist allowed URL schemes
+		$allowed_schemes = array('http', 'https');
+		if ($matches = parse_url($this->IFrameURL)) {
+			if (isset($matches['scheme']) && !in_array($matches['scheme'], $allowed_schemes)) {
+				$result->error(_t('IFramePage.VALIDATION.BANNEDURLSCHEME', "This URL scheme is not allowed."));
+			}
+		}
+
+		return $result;
+	}
 }
 
 class IFramePage_Controller extends Page_Controller
 {
-    public function init()
-    {
-        parent::init();
-
-        if ($this->ForceProtocol) {
-            if ($this->ForceProtocol == 'http://' && Director::protocol() != 'http://') {
-                return $this->redirect(preg_replace('#https://#', 'http://', $this->AbsoluteLink()));
-            } elseif ($this->ForceProtocol == 'https://' && Director::protocol() != 'https://') {
-                return $this->redirect(preg_replace('#http://#', 'https://', $this->AbsoluteLink()));
-            }
-        }
-
-        if ($this->IFrameURL) {
-            Requirements::javascript('iframe/javascript/iframe_page.js');
-        }
-    }
+	public function init()
+	{
+		parent::init();
+
+		if ($this->ForceProtocol) {
+			if ($this->ForceProtocol == 'http://' && Director::protocol() != 'http://') {
+				return $this->redirect(preg_replace('#https://#', 'http://', $this->AbsoluteLink()));
+			} elseif ($this->ForceProtocol == 'https://' && Director::protocol() != 'https://') {
+				return $this->redirect(preg_replace('#http://#', 'https://', $this->AbsoluteLink()));
+			}
+		}
+
+		if ($this->IFrameURL) {
+			Requirements::javascript('iframe/javascript/iframe_page.js');
+		}
+	}
 }

Please login to merge, or discard this patch.

		@@ -2,138 +2,138 @@
		block discarded – undo
2	2
3	3	class IFramePageTest extends SapphireTest
4	4	{
5		- public function setUp()
6		- {
7		- parent::setUp();
8		- Config::nest();
9		- }
10		-
11		- public function tearDown()
12		- {
13		- Config::unnest();
14		- parent::tearDown();
15		- }
16		-
17		- public function testGetClass()
18		- {
19		- $iframe = new IFramePage();
20		- $iframe->AutoHeight = 1;
21		- $iframe->getClass();
22		-
23		- $this->assertContains('iframepage-height-auto', $iframe->getClass());
24		-
25		- $iframe->AutoHeight = 0;
26		- $iframe->getClass();
27		-
28		- $this->assertNotContains('iframepage-height-auto', $iframe->getClass());
29		- }
30		-
31		- public function testGetStyle()
32		- {
33		- $iframe = new IFramePage();
34		-
35		- $iframe->FixedHeight = 0;
36		- $iframe->getStyle();
37		- $this->assertContains('height: 800px', $iframe->getStyle(), 'Height defaults to 800 if not set.');
38		-
39		- $iframe->FixedHeight = 100;
40		- $iframe->getStyle();
41		- $this->assertContains('height: 100px', $iframe->getStyle(), 'Fixed height is settable');
42		-
43		- $iframe->AutoWidth = 1;
44		- $iframe->FixedWidth = '200';
45		- $this->assertContains('width: 100%', $iframe->getStyle(), 'Auto width overrides fixed width');
46		-
47		- $iframe->AutoWidth = 0;
48		- $iframe->FixedWidth = '200';
49		- $this->assertContains('width: 200px', $iframe->getStyle(), 'Fixed width is settable');
50		- }
51		-
52		- public function testAllowedUrls()
53		- {
54		- $iframe = new IFramePage();
55		-
56		- $tests = array(
57		- 'allowed' => array(
58		- 'http://anything',
59		- 'https://anything',
60		- 'page',
61		- 'sub-page/link',
62		- 'page/link',
63		- 'page.html',
64		- 'page.htm',
65		- 'page.phpissoawesomewhywouldiuseanythingelse',
66		- '//url.com/page',
67		- '/root/page/link',
68		- 'http://intranet:8888',
69		- 'http://javascript:8080',
70		- 'http://username:password@hostname/path?arg=value#anchor'
71		- ),
72		- 'banned' => array(
73		- 'javascript:alert',
74		- 'tel:0210001234',
75		- 'ftp://url',
76		- 'ssh://1.2.3.4',
77		- 'ssh://url.com/page'
78		- )
79		- );
80		-
81		- foreach ($tests['allowed'] as $url) {
82		- $iframe->IFrameURL = $url;
83		- $iframe->write();
84		- $this->assertContains($iframe->IFrameURL, $url);
85		- }
86		-
87		- foreach ($tests['banned'] as $url) {
88		- $iframe->IFrameURL = $url;
89		- $this->setExpectedException('ValidationException');
90		- $iframe->write();
91		- }
92		- }
93		-
94		- public function testForceProtocol()
95		- {
96		- $origServer = $_SERVER;
97		-
98		- $page = new IFramePage();
99		- $page->URLSegment = 'iframe';
100		- $page->IFrameURL = 'http://target.com';
101		-
102		- Config::inst()->update('Director', 'alternate_protocol', 'http');
103		- Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
104		- $page->ForceProtocol = '';
105		- $controller = new IFramePage_Controller($page);
106		- $response = $controller->init();
107		- $this->assertNull($response);
108		-
109		- Config::inst()->update('Director', 'alternate_protocol', 'https');
110		- Config::inst()->update('Director', 'alternate_base_url', 'https://host.com');
111		- $page->ForceProtocol = '';
112		- $controller = new IFramePage_Controller($page);
113		- $response = $controller->init();
114		- $this->assertNull($response);
115		-
116		- Config::inst()->update('Director', 'alternate_protocol', 'http');
117		- Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
118		- $page->ForceProtocol = 'http://';
119		- $controller = new IFramePage_Controller($page);
120		- $response = $controller->init();
121		- $this->assertNull($response);
122		-
123		- Config::inst()->update('Director', 'alternate_protocol', 'http');
124		- Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
125		- $page->ForceProtocol = 'https://';
126		- $controller = new IFramePage_Controller($page);
127		- $response = $controller->init();
128		- $this->assertEquals($response->getHeader('Location'), 'https://host.com/iframe/');
129		-
130		- Config::inst()->update('Director', 'alternate_protocol', 'https');
131		- Config::inst()->update('Director', 'alternate_base_url', 'https://host.com');
132		- $page->ForceProtocol = 'http://';
133		- $controller = new IFramePage_Controller($page);
134		- $response = $controller->init();
135		- $this->assertEquals($response->getHeader('Location'), 'http://host.com/iframe/');
136		-
137		- $_SERVER = $origServer;
138		- }
	5	+ public function setUp()
	6	+ {
	7	+ parent::setUp();
	8	+ Config::nest();
	9	+ }
	10	+
	11	+ public function tearDown()
	12	+ {
	13	+ Config::unnest();
	14	+ parent::tearDown();
	15	+ }
	16	+
	17	+ public function testGetClass()
	18	+ {
	19	+ $iframe = new IFramePage();
	20	+ $iframe->AutoHeight = 1;
	21	+ $iframe->getClass();
	22	+
	23	+ $this->assertContains('iframepage-height-auto', $iframe->getClass());
	24	+
	25	+ $iframe->AutoHeight = 0;
	26	+ $iframe->getClass();
	27	+
	28	+ $this->assertNotContains('iframepage-height-auto', $iframe->getClass());
	29	+ }
	30	+
	31	+ public function testGetStyle()
	32	+ {
	33	+ $iframe = new IFramePage();
	34	+
	35	+ $iframe->FixedHeight = 0;
	36	+ $iframe->getStyle();
	37	+ $this->assertContains('height: 800px', $iframe->getStyle(), 'Height defaults to 800 if not set.');
	38	+
	39	+ $iframe->FixedHeight = 100;
	40	+ $iframe->getStyle();
	41	+ $this->assertContains('height: 100px', $iframe->getStyle(), 'Fixed height is settable');
	42	+
	43	+ $iframe->AutoWidth = 1;
	44	+ $iframe->FixedWidth = '200';
	45	+ $this->assertContains('width: 100%', $iframe->getStyle(), 'Auto width overrides fixed width');
	46	+
	47	+ $iframe->AutoWidth = 0;
	48	+ $iframe->FixedWidth = '200';
	49	+ $this->assertContains('width: 200px', $iframe->getStyle(), 'Fixed width is settable');
	50	+ }
	51	+
	52	+ public function testAllowedUrls()
	53	+ {
	54	+ $iframe = new IFramePage();
	55	+
	56	+ $tests = array(
	57	+ 'allowed' => array(
	58	+ 'http://anything',
	59	+ 'https://anything',
	60	+ 'page',
	61	+ 'sub-page/link',
	62	+ 'page/link',
	63	+ 'page.html',
	64	+ 'page.htm',
	65	+ 'page.phpissoawesomewhywouldiuseanythingelse',
	66	+ '//url.com/page',
	67	+ '/root/page/link',
	68	+ 'http://intranet:8888',
	69	+ 'http://javascript:8080',
	70	+ 'http://username:password@hostname/path?arg=value#anchor'
	71	+ ),
	72	+ 'banned' => array(
	73	+ 'javascript:alert',
	74	+ 'tel:0210001234',
	75	+ 'ftp://url',
	76	+ 'ssh://1.2.3.4',
	77	+ 'ssh://url.com/page'
	78	+ )
	79	+ );
	80	+
	81	+ foreach ($tests['allowed'] as $url) {
	82	+ $iframe->IFrameURL = $url;
	83	+ $iframe->write();
	84	+ $this->assertContains($iframe->IFrameURL, $url);
	85	+ }
	86	+
	87	+ foreach ($tests['banned'] as $url) {
	88	+ $iframe->IFrameURL = $url;
	89	+ $this->setExpectedException('ValidationException');
	90	+ $iframe->write();
	91	+ }
	92	+ }
	93	+
	94	+ public function testForceProtocol()
	95	+ {
	96	+ $origServer = $_SERVER;
	97	+
	98	+ $page = new IFramePage();
	99	+ $page->URLSegment = 'iframe';
	100	+ $page->IFrameURL = 'http://target.com';
	101	+
	102	+ Config::inst()->update('Director', 'alternate_protocol', 'http');
	103	+ Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
	104	+ $page->ForceProtocol = '';
	105	+ $controller = new IFramePage_Controller($page);
	106	+ $response = $controller->init();
	107	+ $this->assertNull($response);
	108	+
	109	+ Config::inst()->update('Director', 'alternate_protocol', 'https');
	110	+ Config::inst()->update('Director', 'alternate_base_url', 'https://host.com');
	111	+ $page->ForceProtocol = '';
	112	+ $controller = new IFramePage_Controller($page);
	113	+ $response = $controller->init();
	114	+ $this->assertNull($response);
	115	+
	116	+ Config::inst()->update('Director', 'alternate_protocol', 'http');
	117	+ Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
	118	+ $page->ForceProtocol = 'http://';
	119	+ $controller = new IFramePage_Controller($page);
	120	+ $response = $controller->init();
	121	+ $this->assertNull($response);
	122	+
	123	+ Config::inst()->update('Director', 'alternate_protocol', 'http');
	124	+ Config::inst()->update('Director', 'alternate_base_url', 'http://host.com');
	125	+ $page->ForceProtocol = 'https://';
	126	+ $controller = new IFramePage_Controller($page);
	127	+ $response = $controller->init();
	128	+ $this->assertEquals($response->getHeader('Location'), 'https://host.com/iframe/');
	129	+
	130	+ Config::inst()->update('Director', 'alternate_protocol', 'https');
	131	+ Config::inst()->update('Director', 'alternate_base_url', 'https://host.com');
	132	+ $page->ForceProtocol = 'http://';
	133	+ $controller = new IFramePage_Controller($page);
	134	+ $response = $controller->init();
	135	+ $this->assertEquals($response->getHeader('Location'), 'http://host.com/iframe/');
	136	+
	137	+ $_SERVER = $origServer;
	138	+ }
139	139	}

		@@ -6,137 +6,137 @@
		block discarded – undo
6	6
7	7	class IFramePage extends Page
8	8	{
9		- public static $db = array(
10		- 'IFrameURL' => 'Text',
11		- 'AutoHeight' => 'Boolean(1)',
12		- 'AutoWidth' => 'Boolean(1)',
13		- 'FixedHeight' => 'Int(500)',
14		- 'FixedWidth' => 'Int(0)',
15		- 'AlternateContent' => 'HTMLText',
16		- 'BottomContent' => 'HTMLText',
17		- 'ForceProtocol' => 'Varchar',
18		- );
19		-
20		- public static $defaults = array(
21		- 'AutoHeight' => '1',
22		- 'AutoWidth' => '1',
23		- 'FixedHeight' => '500',
24		- 'FixedWidth' => '0'
25		- );
26		-
27		- public static $description = 'Embeds an iframe into the body of the page.';
28		-
29		- public function getCMSFields()
30		- {
31		- $fields = parent::getCMSFields();
32		-
33		- $fields->removeFieldFromTab('Root.Main', 'Content');
34		- $fields->addFieldToTab('Root.Main', $url = new TextField('IFrameURL', 'Iframe URL'));
35		- $url->setRightTitle('Can be absolute (<em>http://silverstripe.com</em>) or relative to this site (<em>about-us</em>).');
36		- $fields->addFieldToTab(
37		- 'Root.Main',
38		- DropdownField::create('ForceProtocol', 'Force protocol?')
39		- ->setSource(array('http://' => 'http://', 'https://' => 'https://'))
40		- ->setEmptyString('')
41		- ->setDescription('Avoids mixed content warnings when iframe content is just available under a specific protocol'),
42		- 'Metadata'
43		- );
44		- $fields->addFieldToTab('Root.Main', new CheckboxField('AutoHeight', 'Auto height (only works with same domain URLs)'));
45		- $fields->addFieldToTab('Root.Main', new CheckboxField('AutoWidth', 'Auto width (100% of the available space)'));
46		- $fields->addFieldToTab('Root.Main', new NumericField('FixedHeight', 'Fixed height (in pixels)'));
47		- $fields->addFieldToTab('Root.Main', new NumericField('FixedWidth', 'Fixed width (in pixels)'));
48		- $fields->addFieldToTab('Root.Main', new HtmlEditorField('Content', 'Content (appears above iframe)'));
49		- $fields->addFieldToTab('Root.Main', new HtmlEditorField('BottomContent', 'Content (appears below iframe)'));
50		- $fields->addFieldToTab('Root.Main', new HtmlEditorField('AlternateContent', 'Alternate Content (appears when user has iframes disabled)'));
51		-
52		- // Move the Metadata field to last position, but make a check for it's
53		- // existence first.
54		- //
55		- // See https://github.com/silverstripe-labs/silverstripe-iframe/issues/18
56		- $mainTab = $fields->findOrMakeTab('Root.Main');
57		- $mainTabFields = $mainTab->FieldList();
58		- $metaDataField = $mainTabFields->fieldByName('Metadata');
59		- if ($metaDataField) {
60		- $mainTabFields->removeByName('Metadata');
61		- $mainTabFields->push($metaDataField);
62		- }
63		- return $fields;
64		- }
65		-
66		- /**
67		- * Compute class from the size parameters.
68		- */
69		- public function getClass()
70		- {
71		- $class = '';
72		- if ($this->AutoHeight) {
73		- $class .= 'iframepage-height-auto';
74		- }
75		-
76		- return $class;
77		- }
78		-
79		- /**
80		- * Compute style from the size parameters.
81		- */
82		- public function getStyle()
83		- {
84		- $style = '';
85		-
86		- // Always add fixed height as a fallback if autosetting or JS fails.
87		- $height = $this->FixedHeight;
88		- if (!$height) {
89		- $height = 800;
90		- }
91		- $style .= "height: {$height}px; ";
92		-
93		- if ($this->AutoWidth) {
94		- $style .= "width: 100%; ";
95		- } elseif ($this->FixedWidth) {
96		- $style .= "width: {$this->FixedWidth}px; ";
97		- }
98		-
99		- return $style;
100		- }
101		-
102		- /**
103		- * Ensure that the IFrameURL is a valid url and prevents XSS
104		- *
105		- * @throws ValidationException
106		- * @return ValidationResult
107		- */
108		- public function validate()
109		- {
110		- $result = parent::validate();
111		-
112		- //whitelist allowed URL schemes
113		- $allowed_schemes = array('http', 'https');
114		- if ($matches = parse_url($this->IFrameURL)) {
115		- if (isset($matches['scheme']) && !in_array($matches['scheme'], $allowed_schemes)) {
116		- $result->error(_t('IFramePage.VALIDATION.BANNEDURLSCHEME', "This URL scheme is not allowed."));
117		- }
118		- }
119		-
120		- return $result;
121		- }
	9	+ public static $db = array(
	10	+ 'IFrameURL' => 'Text',
	11	+ 'AutoHeight' => 'Boolean(1)',
	12	+ 'AutoWidth' => 'Boolean(1)',
	13	+ 'FixedHeight' => 'Int(500)',
	14	+ 'FixedWidth' => 'Int(0)',
	15	+ 'AlternateContent' => 'HTMLText',
	16	+ 'BottomContent' => 'HTMLText',
	17	+ 'ForceProtocol' => 'Varchar',
	18	+ );
	19	+
	20	+ public static $defaults = array(
	21	+ 'AutoHeight' => '1',
	22	+ 'AutoWidth' => '1',
	23	+ 'FixedHeight' => '500',
	24	+ 'FixedWidth' => '0'
	25	+ );
	26	+
	27	+ public static $description = 'Embeds an iframe into the body of the page.';
	28	+
	29	+ public function getCMSFields()
	30	+ {
	31	+ $fields = parent::getCMSFields();
	32	+
	33	+ $fields->removeFieldFromTab('Root.Main', 'Content');
	34	+ $fields->addFieldToTab('Root.Main', $url = new TextField('IFrameURL', 'Iframe URL'));
	35	+ $url->setRightTitle('Can be absolute (<em>http://silverstripe.com</em>) or relative to this site (<em>about-us</em>).');
	36	+ $fields->addFieldToTab(
	37	+ 'Root.Main',
	38	+ DropdownField::create('ForceProtocol', 'Force protocol?')
	39	+ ->setSource(array('http://' => 'http://', 'https://' => 'https://'))
	40	+ ->setEmptyString('')
	41	+ ->setDescription('Avoids mixed content warnings when iframe content is just available under a specific protocol'),
	42	+ 'Metadata'
	43	+ );
	44	+ $fields->addFieldToTab('Root.Main', new CheckboxField('AutoHeight', 'Auto height (only works with same domain URLs)'));
	45	+ $fields->addFieldToTab('Root.Main', new CheckboxField('AutoWidth', 'Auto width (100% of the available space)'));
	46	+ $fields->addFieldToTab('Root.Main', new NumericField('FixedHeight', 'Fixed height (in pixels)'));
	47	+ $fields->addFieldToTab('Root.Main', new NumericField('FixedWidth', 'Fixed width (in pixels)'));
	48	+ $fields->addFieldToTab('Root.Main', new HtmlEditorField('Content', 'Content (appears above iframe)'));
	49	+ $fields->addFieldToTab('Root.Main', new HtmlEditorField('BottomContent', 'Content (appears below iframe)'));
	50	+ $fields->addFieldToTab('Root.Main', new HtmlEditorField('AlternateContent', 'Alternate Content (appears when user has iframes disabled)'));
	51	+
	52	+ // Move the Metadata field to last position, but make a check for it's
	53	+ // existence first.
	54	+ //
	55	+ // See https://github.com/silverstripe-labs/silverstripe-iframe/issues/18
	56	+ $mainTab = $fields->findOrMakeTab('Root.Main');
	57	+ $mainTabFields = $mainTab->FieldList();
	58	+ $metaDataField = $mainTabFields->fieldByName('Metadata');
	59	+ if ($metaDataField) {
	60	+ $mainTabFields->removeByName('Metadata');
	61	+ $mainTabFields->push($metaDataField);
	62	+ }
	63	+ return $fields;
	64	+ }
	65	+
	66	+ /**
	67	+ * Compute class from the size parameters.
	68	+ */
	69	+ public function getClass()
	70	+ {
	71	+ $class = '';
	72	+ if ($this->AutoHeight) {
	73	+ $class .= 'iframepage-height-auto';
	74	+ }
	75	+
	76	+ return $class;
	77	+ }
	78	+
	79	+ /**
	80	+ * Compute style from the size parameters.
	81	+ */
	82	+ public function getStyle()
	83	+ {
	84	+ $style = '';
	85	+
	86	+ // Always add fixed height as a fallback if autosetting or JS fails.
	87	+ $height = $this->FixedHeight;
	88	+ if (!$height) {
	89	+ $height = 800;
	90	+ }
	91	+ $style .= "height: {$height}px; ";
	92	+
	93	+ if ($this->AutoWidth) {
	94	+ $style .= "width: 100%; ";
	95	+ } elseif ($this->FixedWidth) {
	96	+ $style .= "width: {$this->FixedWidth}px; ";
	97	+ }
	98	+
	99	+ return $style;
	100	+ }
	101	+
	102	+ /**
	103	+ * Ensure that the IFrameURL is a valid url and prevents XSS
	104	+ *
	105	+ * @throws ValidationException
	106	+ * @return ValidationResult
	107	+ */
	108	+ public function validate()
	109	+ {
	110	+ $result = parent::validate();
	111	+
	112	+ //whitelist allowed URL schemes
	113	+ $allowed_schemes = array('http', 'https');
	114	+ if ($matches = parse_url($this->IFrameURL)) {
	115	+ if (isset($matches['scheme']) && !in_array($matches['scheme'], $allowed_schemes)) {
	116	+ $result->error(_t('IFramePage.VALIDATION.BANNEDURLSCHEME', "This URL scheme is not allowed."));
	117	+ }
	118	+ }
	119	+
	120	+ return $result;
	121	+ }
122	122	}
123	123
124	124	class IFramePage_Controller extends Page_Controller
125	125	{
126		- public function init()
127		- {
128		- parent::init();
129		-
130		- if ($this->ForceProtocol) {
131		- if ($this->ForceProtocol == 'http://' && Director::protocol() != 'http://') {
132		- return $this->redirect(preg_replace('#https://#', 'http://', $this->AbsoluteLink()));
133		- } elseif ($this->ForceProtocol == 'https://' && Director::protocol() != 'https://') {
134		- return $this->redirect(preg_replace('#http://#', 'https://', $this->AbsoluteLink()));
135		- }
136		- }
137		-
138		- if ($this->IFrameURL) {
139		- Requirements::javascript('iframe/javascript/iframe_page.js');
140		- }
141		- }
	126	+ public function init()
	127	+ {
	128	+ parent::init();
	129	+
	130	+ if ($this->ForceProtocol) {
	131	+ if ($this->ForceProtocol == 'http://' && Director::protocol() != 'http://') {
	132	+ return $this->redirect(preg_replace('#https://#', 'http://', $this->AbsoluteLink()));
	133	+ } elseif ($this->ForceProtocol == 'https://' && Director::protocol() != 'https://') {
	134	+ return $this->redirect(preg_replace('#http://#', 'https://', $this->AbsoluteLink()));
	135	+ }
	136	+ }
	137	+
	138	+ if ($this->IFrameURL) {
	139	+ Requirements::javascript('iframe/javascript/iframe_page.js');
	140	+ }
	141	+ }
142	142	}

silverstripe / silverstripe-iframe

Push — master ( e3eece...4cf24a )

Status

Category

Indentation +134 added lines, -134 removed lines patch added patch discarded remove patch

Indentation +129 added lines, -129 removed lines patch added patch discarded remove patch