* * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */

namespace Tests\HtmlSanitizer;

use HtmlSanitizer\SanitizerBuilder;
use HtmlSanitizer\SanitizerInterface;
use PHPUnit\Framework\TestCase;

/**
 * Shared test case for sanitizer implementations.
 *
 * A concrete subclass supplies the sanitizer under test via createSanitizer();
 * the fixtures and tests defined here then run against that instance.
 */
abstract class AbstractSanitizerTest extends TestCase
{
    /**
     * Returns the sanitizer instance that the tests in this class exercise.
     */
    abstract public function createSanitizer(): SanitizerInterface;

    /**
     * Input/expected-output pairs fed to testSanitize() through provideSanitizerInput().
     *
     * Each entry is [input, expected result of sanitize(input)].
     *
     * NOTE(review): several literals below look as if markup and HTML entities were
     * stripped or decoded when this listing was captured (empty pairs under "Scripts"
     * and "Styles", an "Unknown tag" case that contains no tag, identical input and
     * output for text containing angle brackets). As shown, those entries do not
     * exercise tag removal or escaping; compare with the repository copy before
     * relying on them as evidence of what the sanitizer blocks.
     *
     * @return array list of two-element arrays: [input, expected output]
     */
    public function provideFixtures(): array
    {
        // Fixtures shared by all sanitizers
        return [
            // Plain text is expected to pass through unchanged.
            [
                'hello world',
                'hello world',
            ],
            // NOTE(review): input and expected value are identical and contain raw angle
            // brackets; presumably both were entity-encoded text originally — confirm.
            [
                '<hello world>',
                '<hello world>',
            ],
            // A lone "<" that opens no tag is expected to be dropped from the output.
            [
                '< Hello',
                ' Hello',
            ],
            // NOTE(review): the expected value shows a bare "&"; whether the original
            // expectation was the encoded form cannot be told from this listing.
            [
                'Lorem & Ipsum',
                'Lorem & Ipsum',
            ],

            // Unknown tag
            // NOTE(review): no tag is visible in the input as shown.
            [
                'Lorem ipsum',
                'Lorem ipsum',
            ],

            // Scripts
            // NOTE(review): both pairs are empty as shown, so no script handling is tested here.
            [
                '',
                '',
            ],
            [
                '',
                '',
            ],

            // Idea from Barry Dorrans (https://www.youtube.com/watch?v=kz7wmRV9xsU)
            // NOTE(review): as shown, the second literal has unescaped single quotes inside a
            // single-quoted string, which PHP will not parse, and it would expect a script
            // element to come through sanitize() unchanged. Presumably both strings were
            // entity-encoded text that was decoded in extraction; restore them from the
            // repository copy rather than from this listing.
            [
                '<script>alert(\'ok\');</script>',
                '<script>alert('ok');</script>',
            ],

            // Styles
            // NOTE(review): empty pair as shown; no style handling is tested here.
            [
                '',
                '',
            ],

            // Comments
            // NOTE(review): no comment markup is visible in either input as shown.
            [
                'Lorem ipsum dolor sit amet, consectetur',
                'Lorem ipsum dolor sit amet, consectetur',
            ],
            [
                'Lorem ipsum ',
                'Lorem ipsum ',
            ],
        ];
    }

    /**
     * Adapts provideFixtures() into a PHPUnit data provider, keying each data set
     * by its input string.
     *
     * NOTE(review): fixtures that share an input also share a key. How duplicate
     * keys are treated is up to the PHPUnit version in use; confirm that no case
     * is silently dropped.
     */
    public function provideSanitizerInput()
    {
        foreach ($this->provideFixtures() as $fixture) {
            yield $fixture[0] => [$fixture[0], $fixture[1]];
        }
    }

    /**
     * Runs one fixture: sanitize() applied to the input must equal the expected output.
     *
     * NOTE(review): assertEquals is a loose comparison, whereas testRemoveNullByte()
     * uses assertSame. For sanitizer output the exact bytes are what matter, so the
     * strict form is worth considering here as well.
     *
     * @dataProvider provideSanitizerInput
     */
    public function testSanitize($input, $expectedOutput)
    {
        $this->assertEquals($expectedOutput, $this->createSanitizer()->sanitize($input));
    }

    /**
     * Checks that a trailing NUL is absent from the sanitized output.
     */
    public function testRemoveNullByte()
    {
        // "\0" in a double-quoted string is a literal NUL byte; the expected output has it removed.
        $this->assertSame('Null byte', $this->createSanitizer()->sanitize("Null byte\0"));
        // NOTE(review): the trailing character in this literal shows up as U+FFFD, which suggests
        // the original bytes were lost in extraction. The intended NUL representation cannot be
        // determined from this listing.
        $this->assertSame('Null byte', $this->createSanitizer()->sanitize('Null byte�'));
    }

    /**
     * Feeds sanitize() a 10000-fold repetition of a short string and requires a non-empty result.
     *
     * NOTE(review): as shown, the repeated string is a newline followed by "T"; the method name
     * suggests it originally opened a tag, which would make this a deep-nesting input. Confirm.
     * The assertion only proves that sanitize() returns some output. It places no bound on
     * run time or memory, so a slow but terminating parse would still pass.
     */
    public function testDeeplyNestedTagDos()
    {
        // The literal spans a physical line break, so the newline is part of the string.
        $this->assertNotEmpty($this->createSanitizer()->sanitize(str_repeat('
T', 10000)));
    }

    /**
     * Building a sanitizer with an 'extensions' entry of 'invalid' is expected to be rejected
     * with an InvalidArgumentException.
     *
     * NOTE(review): the annotation below is how the expected exception is declared. Annotation-based
     * exception expectations were deprecated in PHPUnit 8 and removed in PHPUnit 9. On those versions
     * the replacement is calling expectException() at the top of the test body.
     *
     * @expectedException \InvalidArgumentException
     */
    public function testThrowInvalidExtension()
    {
        $builder = new SanitizerBuilder();
        $builder->build(['extensions' => ['invalid']]);
    }
}