<style> <em> <blockquote> <xmp> is disallowed. <XMP> is also disallowed. </blockquote> MD; $expected = <<<'HTML' <p><strong> <title> <style> <em></p> <blockquote> <xmp> is disallowed. <XMP> is also disallowed. </blockquote> HTML; $environment = new Environment(); $environment->addExtension(new CommonMarkCoreExtension()); $environment->addExtension(new DisallowedRawHtmlExtension()); $converter = new MarkdownConverter($environment); $this->assertSame($expected, (string) $converter->convert($input)); } public function testIndividualHtmlTagsAsBlocks(): void { $input = <<<'MD' <title>My Cool Website

* * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace League\CommonMark\Tests\Functional\Extension\DisallowedRawHtml; use League\CommonMark\Environment\Environment; use League\CommonMark\Extension\CommonMark\CommonMarkCoreExtension; use League\CommonMark\Extension\DisallowedRawHtml\DisallowedRawHtmlExtension; use League\CommonMark\MarkdownConverter; use PHPUnit\Framework\TestCase; final class DisallowedRawHtmlExtensionTest extends TestCase { public function testDisallowedRawHtmlExtensionWithSpecExample(): void { $input = <<<'MD' <style> <em> <blockquote> <xmp> is disallowed. <XMP> is also disallowed. </blockquote> MD; $expected = <<<'HTML' <p><strong> <title> <style> <em></p> <blockquote> <xmp> is disallowed. <XMP> is also disallowed. </blockquote> HTML; $environment = new Environment(); $environment->addExtension(new CommonMarkCoreExtension()); $environment->addExtension(new DisallowedRawHtmlExtension()); $converter = new MarkdownConverter($environment); $this->assertSame($expected, (string) $converter->convert($input)); } public function testIndividualHtmlTagsAsBlocks(): void { $input = <<<'MD' <title>My Cool Website foo=bar
foo</plaintext> MD; $expected = <<<'HTML' <title>My Cool Website</title> <textarea> foo=bar </textarea> <style>* { display: none; </style> <p><xmp>Itallic font should be marked up using the <i> and </i> tags.</xmp></p> <iframe width="560" height="315" src="https://www.youtube.com/embed/dQw4w9WgXcQ" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe> <p><noembed><h1>Alternative content</h1></noembed></p> <noframes><h1>Alternative content</h1></noframes> <hr> <script type="application/javascript">alert('XSS is fun!')</script> <plaintext>foo</plaintext> HTML; $environment = new Environment(); $environment->addExtension(new CommonMarkCoreExtension()); $environment->addExtension(new DisallowedRawHtmlExtension()); $converter = new MarkdownConverter($environment); $this->assertSame($expected, (string) $converter->convert($input)); } }