Bug #23377 » 15461-tests-v2.diff
| tests/contrib/removexssTest.php (working copy) | ||
|---|---|---|
|
$this->assertEquals($expectedString, $actualString);
|
||
|
}
|
||
|
/**
|
||
|
* @return array<array> input strings and expected output strings to test
|
||
|
*
|
||
|
* @see processWithDataProvider
|
||
|
*/
|
||
|
public function processDataProvider() {
|
||
|
return array(
|
||
|
'attackWithHexEncodedCharacter' => array(
|
||
|
'<a href="javascript:alert(123);">click</a>',
|
||
|
'<a href="ja<x>vascript:alert(123);">click</a>',
|
||
|
),
|
||
|
'attackWithNestedHexEncodedCharacter' => array(
|
||
|
'<a href="j1;vascript:alert(123);">click</a>',
|
||
|
'<a href="ja<x>vascript:alert(123);">click</a>',
|
||
|
),
|
||
|
'attackWithUnicodeNumericalEncodedCharacter' => array(
|
||
|
'<a href="j1;vascript:alert(123);">click</a>',
|
||
|
'<a href="ja<x>vascript:alert(123);">click</a>',
|
||
|
),
|
||
|
'attackWithNestedUnicodeNumericalEncodedCharacter' => array(
|
||
|
'<a href="j5;vascript:alert(123);">click</a>',
|
||
|
'<a href="ja<x>vascript:alert(123);">click</a>',
|
||
|
),
|
||
|
);
|
||
|
}
|
||
|
/**
|
||
|
* @test
|
||
|
*
|
||
|
* @param string $input input value to test
|
||
|
* @param string $expected expected output value
|
||
|
*
|
||
|
* @dataProvider processDataProvider
|
||
|
*/
|
||
|
public function processWithDataProvider($input, $expected) {
|
||
|
$this->assertEquals(
|
||
|
$expected,
|
||
|
RemoveXSS::process($input)
|
||
|
);
|
||
|
}
|
||
|
}
|
||
|
?>
|
||
- « Previous
- 1
- …
- 6
- 7
- 8
- Next »