first commit

tests/Kernel/HtmlPurifierFactoryTest.php

@@ -0,0 +1,36 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Kernel;
+
+use Netig\Netslim\Kernel\Html\Infrastructure\HtmlPurifierFactory;
+use PHPUnit\Framework\TestCase;
+
+#[\PHPUnit\Framework\Attributes\AllowMockObjectsWithoutExpectations]
+
+final class HtmlPurifierFactoryTest extends TestCase
+{
+    public function testCreateBuildsPurifierAndSanitizesDangerousHtml(): void
+    {
+        $cacheDir = sys_get_temp_dir() . '/htmlpurifier-test-' . bin2hex(random_bytes(4));
+
+        try {
+            $purifier = HtmlPurifierFactory::create($cacheDir);
+            $result = $purifier->purify('<p style="text-align:center">ok</p><a href="javascript:alert(1)">x</a><img src="/media/image.webp" data-media-id="42" alt=""> https://example.test');
+
+            self::assertDirectoryExists($cacheDir);
+            self::assertStringContainsString('text-align:center', $result);
+            self::assertStringNotContainsString('javascript:', $result);
+            self::assertStringContainsString('https://example.test', $result);
+            self::assertStringContainsString('data-media-id="42"', $result);
+        } finally {
+            if (is_dir($cacheDir)) {
+                foreach (glob($cacheDir . '/*') ?: [] as $file) {
+                    @unlink($file);
+                }
+                @rmdir($cacheDir);
+            }
+        }
+    }
+}