author | Bernhard Posselt <nukeawhale@gmail.com> | 2013-05-04 01:04:03 +0200 |
---|---|---|
committer | Bernhard Posselt <nukeawhale@gmail.com> | 2013-05-04 01:04:03 +0200 |
commit | 89de367fc8351e0738e39ca579eeb8f2bd1f8491 (patch) | |
tree | ad40aab4779210f5fcdb3f3f0f10f7493be0568b | |
parent | 9a5a0c5d6e8f9a8f4d309045e369804fb82525a6 (diff) |
also sanitize imported json
-rw-r--r-- | dependencyinjection/dicontainer.php | 2 | ||||
-rw-r--r-- | tests/unit/utility/ImportParserTest.php | 29 | ||||
-rw-r--r-- | utility/importparser.php | 11 |
3 files changed, 34 insertions, 8 deletions
diff --git a/dependencyinjection/dicontainer.php b/dependencyinjection/dicontainer.php index 71a0779bd..cee84f35e 100644 --- a/dependencyinjection/dicontainer.php +++ b/dependencyinjection/dicontainer.php @@ -226,7 +226,7 @@ class DIContainer extends BaseContainer { }); $this['ImportParser'] = $this->share(function($c){ - return new ImportParser($c['TimeFactory']); + return new ImportParser($c['TimeFactory'], $c['HTMLPurifier']); }); $this['StatusFlag'] = $this->share(function($c){ diff --git a/tests/unit/utility/ImportParserTest.php b/tests/unit/utility/ImportParserTest.php index 1a14479fd..04dc4ebc8 100644 --- a/tests/unit/utility/ImportParserTest.php +++ b/tests/unit/utility/ImportParserTest.php @@ -35,9 +35,11 @@ class ImportParserTest extends \OCA\AppFramework\Utility\TestUtility { private $parser; private $time; private $in; + private $purifier; protected function setUp(){ $this->time = 222; + $this->purifier = $this->getMock('purifier', array('purify')); $timeFactory = $this->getMockBuilder( '\OCA\AppFramework\Utility\TimeFactory') ->disableOriginalConstructor() @@ -46,7 +48,7 @@ class ImportParserTest extends \OCA\AppFramework\Utility\TestUtility { ->method('getTime') ->will($this->returnValue($this->time)); - $this->parser = new ImportParser($timeFactory); + $this->parser = new ImportParser($timeFactory, $this->purifier); $this->in = array( 'items' => array( array( 
@@ -74,12 +76,18 @@ class ImportParserTest extends \OCA\AppFramework\Utility\TestUtility { public function testParsesItems() { + $body = $this->in['items'][0]['summary']['content']; + $this->purifier->expects($this->once()) + ->method('purify') + ->with($this->equalTo($body)) + ->will($this->returnValue($body)); + $result = $this->parser->parse($this->in); $out = new Item(); $out->setTitle($this->in['items'][0]['title']); $out->setPubDate($this->in['items'][0]['published']); - $out->setBody($this->in['items'][0]['summary']['content']); + $out->setBody($body); $out->setUrl($this->in['items'][0]['alternate'][0]['href']); $out->setGuid($this->in['items'][0]['id']); $out->setGuidHash(md5($this->in['items'][0]['id'])); @@ -93,13 +101,20 @@ class ImportParserTest extends \OCA\AppFramework\Utility\TestUtility { public function testParsesItemsNoSummary() { $this->in['items'][0]['content']['content'] = 'hi'; + $body = $this->in['items'][0]['content']['content']; + + $this->purifier->expects($this->once()) + ->method('purify') + ->with($this->equalTo($body)) + ->will($this->returnValue($body)); + unset($this->in['items'][0]['summary']); $result = $this->parser->parse($this->in); $out = new Item(); $out->setTitle($this->in['items'][0]['title']); $out->setPubDate($this->in['items'][0]['published']); - $out->setBody($this->in['items'][0]['content']['content']); + $out->setBody($body); $out->setUrl($this->in['items'][0]['alternate'][0]['href']); $out->setGuid($this->in['items'][0]['id']); $out->setGuidHash(md5($this->in['items'][0]['id'])); 
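Review bot: The purifier mock in testParsesItems returns the same string it receives (`->will($this->returnValue($body))`), so the comparison against `$out->setBody($body)` cannot tell whether ImportParser stores the purifier's output or the raw imported value. Returning a distinct marker, e.g. `->will($this->returnValue('purified'))` together with `$out->setBody('purified');`, would pin that the sanitized result is what ends up on the Item. The same applies to testParsesItemsNoSummary in the next hunk and to testParsesItemsNoPubDate in the hunk at @@ -129. As written, a parser that called purify() and then discarded its return value would still pass all three tests.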
@@ -129,13 +144,19 @@ class ImportParserTest extends \OCA\AppFramework\Utility\TestUtility { } public function testParsesItemsNoPubDate() { + $body = $this->in['items'][0]['summary']['content']; + $this->purifier->expects($this->once()) + ->method('purify') + ->with($this->equalTo($body)) + ->will($this->returnValue($body)); + unset($this->in['items'][0]['published']); $result = $this->parser->parse($this->in); $out = new Item(); $out->setTitle($this->in['items'][0]['title']); $out->setPubDate($this->time); - $out->setBody($this->in['items'][0]['summary']['content']); + $out->setBody($body); $out->setUrl($this->in['items'][0]['alternate'][0]['href']); $out->setGuid($this->in['items'][0]['id']); $out->setGuidHash(md5($this->in['items'][0]['id'])); diff --git a/utility/importparser.php b/utility/importparser.php index 38dec4b44..36e196ae4 100644 --- a/utility/importparser.php +++ b/utility/importparser.php @@ -33,9 +33,11 @@ use \OCA\News\Db\Item; class ImportParser { private $timeFactory; + private $purifier; - public function __construct(TimeFactory $timeFactory) { + public function __construct(TimeFactory $timeFactory, $purifier) { $this->timeFactory = $timeFactory; + $this->purifier = $purifier; } public function parse($json){ @@ -76,9 +78,12 @@ class ImportParser { } if(array_key_exists('summary', $entry)) { - $item->setBody($entry['summary']['content']); + $item->setBody($this->purifier->purify( + $entry['summary']['content'])); + } elseif(array_key_exists('content', $entry)) { - $item->setBody($entry['content']['content']); + $item->setBody($this->purifier->purify( + $entry['content']['content'])); } |
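Review bot: The new constructor parameter `$purifier` in ImportParser has no type declaration and no docblock, unlike `TimeFactory $timeFactory` beside it. As far as the visible code shows, a wrong or missing `$c['HTMLPurifier']` container entry would therefore only surface when parse() reaches an item that has a summary or content. A docblock line such as `@param object $purifier sanitizer exposing purify(), applied to imported item bodies` would record the contract. A type declaration for whatever class the container registers would enforce it, though the unit test's `getMock('purifier', array('purify'))` would then have to mock that class instead. The class body continues outside the hunk.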
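Review bot: Only the item body is passed through `purify()` in this hunk. The updated tests expect exactly one purify call per item and still build the expected Item with `setTitle($this->in['items'][0]['title'])` and `setUrl($this->in['items'][0]['alternate'][0]['href'])` taken straight from the imported JSON, which suggests title and URL are stored as supplied. If those fields are later rendered without escaping, an imported file could still carry markup in the title or a non-http(s) scheme in the link, so it is worth extending the treatment, e.g. `$item->setTitle($this->purifier->purify($entry['title']));` plus a scheme check on the href before `setUrl()`. Separately, `$entry['summary']['content']` is read after checking only that `summary` exists; guarding with `isset($entry['summary']['content'])` (and likewise for `content`) would avoid handing null to the purifier on malformed input. parse() starts and ends outside the hunk, so the title and URL handling is inferred from the tests rather than seen directly.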