Fixed issue with HTML tags in custom head scripts

Fixes a strange issue of HTML tags within script tags being malformed
when part of the HTML custom head content due to the PHP parsing we do.
DOMDocument seemed to cause this upon load.
Adding LIBXML_SCHEMA_CREATE to the ->loadHTML call seems to fix this but
not really sure why. Doesn't seem to cause further issues though.
Tested with multiple scripts and styles and comments and meta tags.

- Also added new testing class to cover.
- As part of testing, added new folder within tests to house setting
  specific tests.

For #2914

diff --git a/app/Util/HtmlNonceApplicator.php b/app/Util/HtmlNonceApplicator.php
index e66625bf2675311999e7ed87fc920918c58feafb..52f334394c7b835e77a032aa0608b5ba60807e95 100644 (file)
--- a/app/Util/HtmlNonceApplicator.php
+++ b/app/Util/HtmlNonceApplicator.php
@@ -24,7 +24,7 @@ class HtmlNonceApplicator
         $html = '<body>' . $html . '</body>';
         libxml_use_internal_errors(true);
         $doc = new DOMDocument();
-        $doc->loadHTML(mb_convert_encoding($html, 'HTML-ENTITIES', 'UTF-8'));
+        $doc->loadHTML(mb_convert_encoding($html, 'HTML-ENTITIES', 'UTF-8'), LIBXML_SCHEMA_CREATE);
         $xPath = new DOMXPath($doc);
 
         // Apply to scripts
@@ -38,7 +38,8 @@ class HtmlNonceApplicator
         $returnHtml = '';
         $topElems = $doc->documentElement->childNodes->item(0)->childNodes;
         foreach ($topElems as $child) {
-            $returnHtml .= $doc->saveHTML($child);
+            $content =  $doc->saveHTML($child);
+            $returnHtml .= $content;
         }
 
         return $returnHtml;

diff --git a/tests/Settings/CustomHeadContentTest.php b/tests/Settings/CustomHeadContentTest.php
new file mode 100644 (file)
index 0000000..0e44e3e
--- /dev/null
+++ b/tests/Settings/CustomHeadContentTest.php
@@ -0,0 +1,30 @@
+<?php
+
+namespace Tests\Settings;
+
+use Tests\TestCase;
+
+class CustomHeadContentTest extends TestCase
+{
+
+    public function test_configured_content_shows_on_pages()
+    {
+        $this->setSettings(['app-custom-head' => '<script>console.log("cat");</script>']);
+        $resp = $this->get('/login');
+        $resp->assertSee('console.log("cat")');
+    }
+
+    public function test_configured_content_does_not_show_on_settings_page()
+    {
+        $this->setSettings(['app-custom-head' => '<script>console.log("cat");</script>']);
+        $resp = $this->asAdmin()->get('/settings');
+        $resp->assertDontSee('console.log("cat")');
+    }
+
+    public function test_divs_in_js_preserved_in_configured_content()
+    {
+        $this->setSettings(['app-custom-head' => '<script><div id="hello">cat</div></script>']);
+        $resp = $this->get('/login');
+        $resp->assertSee('<div id="hello">cat</div>');
+    }
+}
\ No newline at end of file

diff --git a/tests/FooterLinksTest.php b/tests/Settings/FooterLinksTest.php
similarity index 98%
rename from tests/FooterLinksTest.php
rename to tests/Settings/FooterLinksTest.php
index cb2959411cf49be89ef99a104bf781799e6a3cb7..f26f809d5392b71a34045455e2cf3debc000226b 100644 (file)
--- a/tests/FooterLinksTest.php
+++ b/tests/Settings/FooterLinksTest.php
@@ -1,4 +1,4 @@
-<?php
+<?php namespace Tests\Settings;
 
 use Tests\TestCase;