|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace SilverStripe\IFrame\Tests; |
|
4
|
|
|
|
|
5
|
|
|
use SilverStripe\Core\Config\Config; |
|
6
|
|
|
use SilverStripe\Control\Director; |
|
7
|
|
|
use SilverStripe\ORM\ValidationException; |
|
8
|
|
|
use SilverStripe\Dev\SapphireTest; |
|
9
|
|
|
use SilverStripe\IFrame\IFramePage; |
|
10
|
|
|
use SilverStripe\IFrame\IFramePageController; |
|
11
|
|
|
|
|
12
|
|
|
class IFramePageTest extends SapphireTest |
|
13
|
|
|
{ |
|
14
|
|
|
protected $usesDatabase = true; |
|
15
|
|
|
|
|
16
|
|
|
public function testGetClass() |
|
17
|
|
|
{ |
|
18
|
|
|
$iframe = new IFramePage(); |
|
19
|
|
|
$iframe->AutoHeight = 1; |
|
20
|
|
|
$iframe->getClass(); |
|
21
|
|
|
|
|
22
|
|
|
$this->assertContains('iframepage-height-auto', $iframe->getClass()); |
|
23
|
|
|
|
|
24
|
|
|
$iframe->AutoHeight = 0; |
|
25
|
|
|
$iframe->getClass(); |
|
26
|
|
|
|
|
27
|
|
|
$this->assertNotContains('iframepage-height-auto', $iframe->getClass()); |
|
28
|
|
|
} |
|
29
|
|
|
|
|
30
|
|
|
public function testGetStyle() |
|
31
|
|
|
{ |
|
32
|
|
|
$iframe = new IFramePage(); |
|
33
|
|
|
|
|
34
|
|
|
$iframe->FixedHeight = 0; |
|
35
|
|
|
$iframe->getStyle(); |
|
36
|
|
|
$this->assertContains('height: 800px', $iframe->getStyle(), 'Height defaults to 800 if not set.'); |
|
37
|
|
|
|
|
38
|
|
|
$iframe->FixedHeight = 100; |
|
39
|
|
|
$iframe->getStyle(); |
|
40
|
|
|
$this->assertContains('height: 100px', $iframe->getStyle(), 'Fixed height is settable'); |
|
41
|
|
|
|
|
42
|
|
|
$iframe->AutoWidth = 1; |
|
43
|
|
|
$iframe->FixedWidth = '200'; |
|
44
|
|
|
$this->assertContains('width: 100%', $iframe->getStyle(), 'Auto width overrides fixed width'); |
|
45
|
|
|
|
|
46
|
|
|
$iframe->AutoWidth = 0; |
|
47
|
|
|
$iframe->FixedWidth = '200'; |
|
48
|
|
|
$this->assertContains('width: 200px', $iframe->getStyle(), 'Fixed width is settable'); |
|
49
|
|
|
} |
|
50
|
|
|
|
|
51
|
|
|
public function testAllowedUrls() |
|
52
|
|
|
{ |
|
53
|
|
|
$iframe = new IFramePage(); |
|
54
|
|
|
|
|
55
|
|
|
$tests = array( |
|
56
|
|
|
'allowed' => array( |
|
57
|
|
|
'http://anything', |
|
58
|
|
|
'https://anything', |
|
59
|
|
|
'page', |
|
60
|
|
|
'sub-page/link', |
|
61
|
|
|
'page/link', |
|
62
|
|
|
'page.html', |
|
63
|
|
|
'page.htm', |
|
64
|
|
|
'page.phpissoawesomewhywouldiuseanythingelse', |
|
65
|
|
|
'//url.com/page', |
|
66
|
|
|
'/root/page/link', |
|
67
|
|
|
'http://intranet:8888', |
|
68
|
|
|
'http://javascript:8080', |
|
69
|
|
|
'http://username:password@hostname/path?arg=value#anchor' |
|
70
|
|
|
), |
|
71
|
|
|
'banned' => array( |
|
72
|
|
|
'javascript:alert', |
|
73
|
|
|
'tel:0210001234', |
|
74
|
|
|
'ftp://url', |
|
75
|
|
|
'ssh://1.2.3.4', |
|
76
|
|
|
'ssh://url.com/page' |
|
77
|
|
|
) |
|
78
|
|
|
); |
|
79
|
|
|
|
|
80
|
|
|
foreach ($tests['allowed'] as $url) { |
|
81
|
|
|
$iframe->IFrameURL = $url; |
|
82
|
|
|
$iframe->write(); |
|
83
|
|
|
$this->assertContains($iframe->IFrameURL, $url); |
|
84
|
|
|
} |
|
85
|
|
|
|
|
86
|
|
|
foreach ($tests['banned'] as $url) { |
|
87
|
|
|
$iframe->IFrameURL = $url; |
|
88
|
|
|
$this->setExpectedException(ValidationException::class); |
|
|
|
|
|
|
89
|
|
|
$iframe->write(); |
|
90
|
|
|
} |
|
91
|
|
|
} |
|
92
|
|
|
|
|
93
|
|
|
public function testForceProtocol() |
|
94
|
|
|
{ |
|
95
|
|
|
$origServer = $_SERVER; |
|
96
|
|
|
|
|
97
|
|
|
$page = new IFramePage(); |
|
98
|
|
|
$page->URLSegment = 'iframe'; |
|
99
|
|
|
$page->IFrameURL = 'http://target.com'; |
|
100
|
|
|
|
|
101
|
|
|
Config::modify()->set(Director::class, 'alternate_protocol', 'http'); |
|
102
|
|
|
Config::modify()->set(Director::class, 'alternate_base_url', 'http://host.com'); |
|
103
|
|
|
$page->ForceProtocol = ''; |
|
104
|
|
|
$controller = new IFramePageController($page); |
|
105
|
|
|
$controller->doInit(); |
|
106
|
|
|
$response = $controller->getResponse(); |
|
107
|
|
|
$this->assertNull($response->getHeader('Location')); |
|
108
|
|
|
|
|
109
|
|
|
Config::modify()->set(Director::class, 'alternate_protocol', 'https'); |
|
110
|
|
|
Config::modify()->set(Director::class, 'alternate_base_url', 'https://host.com'); |
|
111
|
|
|
$page->ForceProtocol = ''; |
|
112
|
|
|
$controller = new IFramePageController($page); |
|
113
|
|
|
$controller->doInit(); |
|
114
|
|
|
$response = $controller->getResponse(); |
|
115
|
|
|
$this->assertNull($response->getHeader('Location')); |
|
116
|
|
|
|
|
117
|
|
|
Config::modify()->set(Director::class, 'alternate_protocol', 'http'); |
|
118
|
|
|
Config::modify()->set(Director::class, 'alternate_base_url', 'http://host.com'); |
|
119
|
|
|
$page->ForceProtocol = 'http://'; |
|
120
|
|
|
$controller = new IFramePageController($page); |
|
121
|
|
|
$controller->doInit(); |
|
122
|
|
|
$response = $controller->getResponse(); |
|
123
|
|
|
$this->assertNull($response->getHeader('Location')); |
|
124
|
|
|
|
|
125
|
|
|
Config::modify()->set(Director::class, 'alternate_protocol', 'http'); |
|
126
|
|
|
Config::modify()->set(Director::class, 'alternate_base_url', 'http://host.com'); |
|
127
|
|
|
$page->ForceProtocol = 'https://'; |
|
128
|
|
|
$controller = new IFramePageController($page); |
|
129
|
|
|
$controller->doInit(); |
|
130
|
|
|
$response = $controller->getResponse(); |
|
131
|
|
|
$this->assertEquals($response->getHeader('Location'), 'https://host.com/iframe/'); |
|
132
|
|
|
|
|
133
|
|
|
Config::modify()->set(Director::class, 'alternate_protocol', 'https'); |
|
134
|
|
|
Config::modify()->set(Director::class, 'alternate_base_url', 'https://host.com'); |
|
135
|
|
|
$page->ForceProtocol = 'http://'; |
|
136
|
|
|
$controller = new IFramePageController($page); |
|
137
|
|
|
$controller->doInit(); |
|
138
|
|
|
$response = $controller->getResponse(); |
|
139
|
|
|
$this->assertEquals($response->getHeader('Location'), 'http://host.com/iframe/'); |
|
140
|
|
|
|
|
141
|
|
|
$_SERVER = $origServer; |
|
142
|
|
|
} |
|
143
|
|
|
} |
|
144
|
|
|
|
silverstripe /
silverstripe-iframe
Marco Hermo
This function has been deprecated. The supplier of the function has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.