| 1209 | |
| 1210 | /** |
| 1211 | * Filter for disallowed characters never matches thus allowing all characters. |
| 1212 | */ |
| 1213 | function _safe_style_disallowed_chars_filter( $regex ) { |
| 1214 | return '%a^%'; // Regex with no matches. |
| 1215 | |
| 1216 | } |
| 1217 | /** |
| 1218 | * Testing the safecss_filter_attr() function with the safe_style_disallowed_chars filter. |
| 1219 | * |
| 1220 | * @ticket 37134 |
| 1221 | * |
| 1222 | * @dataProvider data_test_safecss_filter_attr_filtered |
| 1223 | * |
| 1224 | * @param string $css A string of CSS rules. |
| 1225 | * @param string $expected Expected string of CSS rules. |
| 1226 | */ |
| 1227 | public function test_safecss_filter_attr_filtered( $css, $expected ) { |
| 1228 | add_filter( 'safe_style_disallowed_chars', array( $this, '_safe_style_disallowed_chars_filter' ) ); |
| 1229 | $this->assertSame( $expected, safecss_filter_attr( $css ) ); |
| 1230 | } |
| 1231 | |
| 1232 | /** |
| 1233 | * Data Provider for test_safecss_filter_attr_filtered(). |
| 1234 | * |
| 1235 | * @return array { |
| 1236 | * @type array { |
| 1237 | * @string string $css A string of CSS rules. |
| 1238 | * @string string $expected Expected string of CSS rules. |
| 1239 | * } |
| 1240 | * } |
| 1241 | */ |
| 1242 | public function data_test_safecss_filter_attr_filtered() { |
| 1243 | return array( |
| 1244 | |
| 1245 | // A single attribute name, with a single value. |
| 1246 | array( |
| 1247 | 'css' => 'margin-top: 2px', |
| 1248 | 'expected' => 'margin-top: 2px', |
| 1249 | ), |
| 1250 | // Backslash \ can be allowed with the 'safe_style_disallowed_chars' filter. |
| 1251 | array( |
| 1252 | 'css' => 'margin-top: \2px', |
| 1253 | 'expected' => 'margin-top: \2px', |
| 1254 | ), |
| 1255 | // Curly bracket } can be allowed with the 'safe_style_disallowed_chars' filter. |
| 1256 | array( |
| 1257 | 'css' => 'margin-bottom: 2px}', |
| 1258 | 'expected' => 'margin-bottom: 2px}', |
| 1259 | ), |
| 1260 | // Parenthesis ) can be allowed with the 'safe_style_disallowed_chars' filter. |
| 1261 | array( |
| 1262 | 'css' => 'margin-bottom: 2px)', |
| 1263 | 'expected' => 'margin-bottom: 2px)', |
| 1264 | ), |
| 1265 | // Ampersand & can be allowed with the 'safe_style_disallowed_chars' filter. |
| 1266 | array( |
| 1267 | 'css' => 'margin-bottom: 2px&', |
| 1268 | 'expected' => 'margin-bottom: 2px&', |
| 1269 | ), |
| 1270 | // Expressions can be allowed with the 'safe_style_disallowed_chars' filter. |
| 1271 | array( |
| 1272 | 'css' => 'height: expression( body.scrollTop + 50 + "px" )', |
| 1273 | 'expected' => 'height: expression( body.scrollTop + 50 + "px" )', |
| 1274 | ), |
| 1275 | // RGB color values can be allowed with the 'safe_style_disallowed_chars' filter. |
| 1276 | array( |
| 1277 | 'css' => 'color: rgb( 100, 100, 100 )', |
| 1278 | 'expected' => 'color: rgb( 100, 100, 100 )', |
| 1279 | ), |
| 1280 | // RGBA color values can be allowed with the 'safe_style_disallowed_chars' filter. |
| 1281 | array( |
| 1282 | 'css' => 'color: rgb( 100, 100, 100, .4 )', |
| 1283 | 'expected' => 'color: rgb( 100, 100, 100, .4 )', |
| 1284 | ), |
| 1285 | ); |
| 1286 | } |