mirror of
https://github.com/KnpLabs/KnpMarkdownBundle.git
synced 2024-06-24 08:20:03 +02:00
Add HTML & XSS injection tests - they fail
This commit is contained in:
parent
e6562327e3
commit
71ffc678c2
31
Tests/EscapingTest.php
Normal file
31
Tests/EscapingTest.php
Normal file
|
@ -0,0 +1,31 @@
|
|||
<?php
|
||||
|
||||
namespace Knplabs\Bundle\MarkdownBundle\Tests;
|
||||
|
||||
use Knplabs\Bundle\MarkdownBundle\Parser\MarkdownParser as Parser;
|
||||
|
||||
class EscapingTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
protected $parser;
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
$this->parser = new Parser();
|
||||
}
|
||||
|
||||
public function testHtmlEscaping()
|
||||
{
|
||||
$text = '<a>a tag injection</a>';
|
||||
$html = '<p><a>a tag injection</a></p>';
|
||||
|
||||
$this->assertSame($html, $this->parser->transform($text));
|
||||
}
|
||||
|
||||
public function testScriptEscaping()
|
||||
{
|
||||
$text = '<script>alert("haha");</script>';
|
||||
$html = '<script>alert("haha");</script>';
|
||||
|
||||
$this->assertSame($html, $this->parser->transform($text));
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue