email_xss = $sugar_config['email_xss'];
            // Blank the setting for the duration of the test; the saved copy is put back in tearDown().
            $sugar_config['email_xss'] = '';
        }
        // Remember the current html_allow_objects value (only when the key exists) before overriding it.
        if(isset($GLOBALS['sugar_config']['html_allow_objects'])) {
            $this->html_allow_objects = $GLOBALS['sugar_config']['html_allow_objects'];
        }
        $GLOBALS['sugar_config']['html_allow_objects'] = true;
        // Drop the static cleaner instance - presumably so the next use is rebuilt
        // with the configuration set above (SugarCleaner is not visible here; confirm).
        SugarCleaner::$instance = null;
    }

    /**
     * Puts back the configuration values that setUp() overrode.
     *
     * - html_allow_objects is always written back from $this->html_allow_objects.
     *   When the key was not set before setUp(), that property still holds its
     *   declared default (declaration not visible in this part of the file), so the
     *   key ends up defined rather than removed.
     * - email_xss is written back only when the saved value is non-empty; otherwise
     *   the key keeps whatever value it has at this point.
     *
     * NOTE(review): setUp() clears SugarCleaner::$instance after forcing
     * html_allow_objects to true, but this method does not clear it again. If the
     * instance captures configuration when it is built (not visible here - confirm),
     * a cleaner created with objects allowed could persist into later tests and hide
     * a sanitisation regression there.
     */
    public function tearDown() {
        $GLOBALS['sugar_config']['html_allow_objects'] = $this->html_allow_objects;
        // empty() also skips saved values such as '0' or an empty array, not just "nothing saved".
        if(!empty($this->email_xss)) {
            global $sugar_config;
            $sugar_config['email_xss'] = $this->email_xss;
        }
    }

    // NOTE(review): each entry below is a (before, after) pair. In this copy of the
    // file the HTML markup inside the string literals appears to have been stripped,
    // so most pairs read as identical and the literals do not show the payloads the
    // cases are labelled with - check against the original file before relying on them.
    public function xssData() {
        return array(
            // before, after
            array("some data", "some data"),
            // a href
            array("test link", "test link"),
            // xss
            array("some data", "some data"),
            // script with src
            array("some data and more", "some data and more"),
            // applet & script
            array("some datamore data", "some data and more data"),
            // onload
            array('some data beforesome data after', 'some data beforesome data after'),
            // JS
            array('some data beforesome data after', 'some data beforesome data after'),
            array('some data beforesome data after', 'some data beforesome data after'),
            array('
some data'), // youtube video array('', ''), // another youtube video array('', ''), // stuff inside iframe array('', ''), // body/html/head array("