<?php
declare(strict_types=1);
namespace Tests\Kernel;
use Netig\Netslim\Kernel\Html\Infrastructure\HtmlPurifierFactory;
use PHPUnit\Framework\TestCase;
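#[\PHPUnit\Framework\Attributes\AllowMockObjectsWithoutExpectations]
final class HtmlPurifierFactoryTest extends TestCase
{
    /**
     * Builds a purifier through the factory and checks its sanitisation policy on one mixed sample.
     *
     * The sample combines markup the test expects to survive (inline `text-align`,
     * a `data-media-id` attribute on an image, a bare URL in text) with a
     * `javascript:` link target that must not reach the output.
     */
    public function testCreateBuildsPurifierAndSanitizesDangerousHtml(): void
    {
        // Random suffix so parallel or repeated runs never share a cache directory.
        $cacheDir = sys_get_temp_dir() . '/htmlpurifier-test-' . bin2hex(random_bytes(4));

        try {
            $purifier = HtmlPurifierFactory::create($cacheDir);
            $result = $purifier->purify('<p style="text-align:center">ok</p><a href="javascript:alert(1)">x</a><img src="/media/image.webp" data-media-id="42" alt=""> https://example.test');

            // The factory is expected to create the cache directory it was given.
            self::assertDirectoryExists($cacheDir);

            // Harmless presentation CSS is kept.
            self::assertStringContainsString('text-align:center', $result);

            // Script-bearing URL scheme must be gone. Compared case-insensitively so a
            // re-cased scheme in the output would also fail the test.
            self::assertStringNotContainsStringIgnoringCase('javascript:', $result);

            // The plain-text URL survives purification.
            self::assertStringContainsString('https://example.test', $result);

            // The custom data attribute on the image is preserved
            // (presumably allow-listed by the factory; confirm against its configuration).
            self::assertStringContainsString('data-media-id="42"', $result);
        } finally {
            self::removeDirectory($cacheDir);
        }
    }

    /**
     * Best-effort recursive removal of the temporary cache directory.
     *
     * A flat glob()/unlink() pass leaves the directory behind whenever the purifier's
     * cache writes into subdirectories, so the tree is walked children-first.
     * Failures are deliberately suppressed: cleanup runs inside `finally` and must
     * not mask the outcome of the test itself.
     */
    private static function removeDirectory(string $directory): void
    {
        if (!is_dir($directory)) {
            return;
        }

        try {
            $entries = new \RecursiveIteratorIterator(
                new \RecursiveDirectoryIterator($directory, \FilesystemIterator::SKIP_DOTS),
                \RecursiveIteratorIterator::CHILD_FIRST,
            );

            foreach ($entries as $entry) {
                $path = $entry->getPathname();

                // Symlinks are unlinked, never descended into or rmdir'ed.
                if ($entry->isDir() && !$entry->isLink()) {
                    @rmdir($path);
                } else {
                    @unlink($path);
                }
            }
        } catch (\UnexpectedValueException) {
            // Unreadable entry: leave whatever remains rather than fail the test run.
        }

        @rmdir($directory);
    }
}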