HtmlSanitizer example
namespace Symfony\Component\HtmlSanitizer\Tests;
use
PHPUnit\Framework\TestCase;
use
Symfony\Component\HtmlSanitizer\HtmlSanitizer;
use
Symfony\Component\HtmlSanitizer\HtmlSanitizerConfig;
class
HtmlSanitizerAllTest
extends
TestCase
{
/**
 * Builds the sanitizer used by the tests in this class.
 *
 * The configuration starts from the static-element allowlist and then
 * constrains URL-bearing attributes: link and media URLs are limited to the
 * two listed hosts, relative URLs are permitted for both, and HTTPS is forced.
 *
 * NOTE(review): host matching is believed to accept subdomains of each listed
 * host as well - confirm against the component version in use before relying
 * on an exact-host guarantee.
 */
private function createSanitizer(): HtmlSanitizer
{
    // One host list feeds both the link and the media restriction.
    $allowedHosts = ['trusted.com', 'external.com'];

    $config = (new HtmlSanitizerConfig())
        ->allowStaticElements()
        ->allowLinkHosts($allowedHosts)
        ->allowMediaHosts($allowedHosts)
        ->allowRelativeLinks()
        ->allowRelativeMedias()
        ->forceHttpsUrls();

    return new HtmlSanitizer($config);
}
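/**
 * An allowed element carrying an allowed attribute must pass through unchanged.
 *
 * @dataProvider provideSanitizeHead
 */
public function testAllowedElementAllowedAttribute(): void
{
    // NOTE(review): a data provider is attached, yet the method declares no
    // parameters and reads its input from $this->unfilteredString - confirm
    // the provider is intended here.

    // Per-call allowlist: only the `style` attribute on <div>. The trailing
    // `true` is presumably an override flag - confirm against the sanitizer's
    // signature.
    $filteredString = $this->sanitizer->sanitize(
        $this->unfilteredString,
        ['div' => ['style']],
        true
    );

    // Expected value first, actual second, so a failure report labels the two
    // sides correctly. Equality only proves that this fixture survives; it
    // does not show that hostile `style` values are rejected.
    static::assertSame($this->unfilteredString, $filteredString);
}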
public
function
testIfCacheIsDisabled
(
)
: void
{
$cacheDir
=
$this
->
getContainer
(
)
->
getParameter
(
'kernel.cache_dir'
)
;
$sanitizer
=
new
HtmlSanitizer
(
$cacheDir
,
false
)
;
$sanitizer
->
sanitize
(
$this
->unfilteredString
)
;
$reflObj
=
new
\
ReflectionObject
(
$sanitizer
)
;
$reflProp
=
$reflObj
->
getProperty
(
'purifiers'
)
;
$reflProp
->
setAccessible
(
true
)
;
$purifiers
=
$reflProp
->
getValue
(
$sanitizer
)
;
class
HtmlSanitizerTest
extends
TestCase
{
/**
 * Exercises the constructor's final boolean: with `false` the input is
 * expected back untouched, with `true` the unknown tag is expected to be
 * stripped so that only its text remains.
 *
 * With the switch off, sanitize() hands caller-supplied markup back verbatim,
 * so whatever renders that output has to escape it itself.
 */
public function testAllowDisablingHtmlSanitizer(): void
{
    $defaultSets = $this->getDefaultSets();
    $defaultFieldSets = $this->getDefaultFieldsSets();
    $rawMarkup = '<invalid-tag>Lorem Ipsum dolor sit amet</invalid-tag>';

    // Sanitizing switched off: the markup must come back byte-for-byte.
    $passThrough = new HtmlSanitizer(null, false, $defaultSets, $defaultFieldSets, false);
    static::assertSame($rawMarkup, $passThrough->sanitize($rawMarkup, null));

    // Sanitizing switched on: the unknown element is dropped, its text is kept.
    $filtering = new HtmlSanitizer(null, false, $defaultSets, $defaultFieldSets, true);
    static::assertSame('Lorem Ipsum dolor sit amet', $filtering->sanitize($rawMarkup, null));
}
class
HtmlSanitizerCustomTest
extends
TestCase
{
/**
 * In the `head` context the <div> allowed by the config is expected to be
 * removed together with its text; only the trailing text node survives.
 *
 * Allowing an element in the config is therefore not sufficient on its own:
 * the target context handed to sanitizeFor() also decides what is kept.
 */
public function testSanitizeForHead()
{
    $sanitizer = new HtmlSanitizer((new HtmlSanitizerConfig())->allowElement('div'));
    $result = $sanitizer->sanitizeFor('head', '<div style="width: 100px">Hello</div> world');

    $this->assertSame(' world', $result);
}
public
function
testSanitizeForTextarea
(
)
{
$config
=
(
new
HtmlSanitizerConfig
(
)
)
->
allowElement
(
'div'
)
;
$this
->
assertSame
(
'<div style="width: 100px">Hello</div> world',
(
/**
 * Returns a fresh DefaultFieldAccessorBuilder.
 *
 * The requested class name is not consulted; every call yields the default
 * builder.
 */
public function getAccessorBuilder(string $accessorBuilderClass): FieldAccessorBuilderInterface
{
    $builder = new DefaultFieldAccessorBuilder();

    return $builder;
}
private
function
setUpSerializers
(
)
: void
{
$this
->serializers =
[
IdFieldSerializer::
class
=>
new
IdFieldSerializer
(
$this
->validator,
$this
)
,
FkFieldSerializer::
class
=>
new
FkFieldSerializer
(
$this
->validator,
$this
)
,
StringFieldSerializer::
class
=>
new
StringFieldSerializer
(
$this
->validator,
$this
,
new
HtmlSanitizer
(
)
)
,
IntFieldSerializer::
class
=>
new
IntFieldSerializer
(
$this
->validator,
$this
)
,
FloatFieldSerializer::
class
=>
new
FloatFieldSerializer
(
$this
->validator,
$this
)
,
BoolFieldSerializer::
class
=>
new
BoolFieldSerializer
(
$this
->validator,
$this
)
,
JsonFieldSerializer::
class
=>
new
JsonFieldSerializer
(
$this
->validator,
$this
)
,
CreatedAtFieldSerializer::
class
=>
new
CreatedAtFieldSerializer
(
$this
->validator,
$this
)
,
UpdatedAtFieldSerializer::
class
=>
new
UpdatedAtFieldSerializer
(
$this
->validator,
$this
)
,
CustomFieldsSerializer::
class
=>
new
CustomFieldsSerializer
(
$this
,
$this
->validator,
new
CustomFieldService
(
new
FakeConnection
(
[
[
'foo', 'int'
]
]
)
)
)
,
/**
 * Returns a fresh DefaultFieldAccessorBuilder.
 *
 * The requested class name is not consulted; every call yields the default
 * builder.
 */
public function getAccessorBuilder(string $accessorBuilderClass): FieldAccessorBuilderInterface
{
    $builder = new DefaultFieldAccessorBuilder();

    return $builder;
}
private
function
setUpSerializers
(
)
: void
{
$this
->serializers =
[
IdFieldSerializer::
class
=>
new
IdFieldSerializer
(
$this
->validator,
$this
)
,
FkFieldSerializer::
class
=>
new
FkFieldSerializer
(
$this
->validator,
$this
)
,
StringFieldSerializer::
class
=>
new
StringFieldSerializer
(
$this
->validator,
$this
,
new
HtmlSanitizer
(
)
)
,
IntFieldSerializer::
class
=>
new
IntFieldSerializer
(
$this
->validator,
$this
)
,
FloatFieldSerializer::
class
=>
new
FloatFieldSerializer
(
$this
->validator,
$this
)
,
BoolFieldSerializer::
class
=>
new
BoolFieldSerializer
(
$this
->validator,
$this
)
,
JsonFieldSerializer::
class
=>
new
JsonFieldSerializer
(
$this
->validator,
$this
)
,
CreatedAtFieldSerializer::
class
=>
new
CreatedAtFieldSerializer
(
$this
->validator,
$this
)
,
UpdatedAtFieldSerializer::
class
=>
new
UpdatedAtFieldSerializer
(
$this
->validator,
$this
)
,
CustomFieldsSerializer::
class
=>
new
CustomFieldsSerializer
(
$this
,
$this
->validator,
new
CustomFieldService
(
new
FakeConnection
(
[
[
'foo', 'int'
]
]
)
)
)
,
throw
SnippetException::
duplicatedFirstLevelKey
(
$duplicatedKeys
)
;
}
}
/** * @param array<string, mixed> $snippets * * @return array<string, mixed> */
private
function
sanitizeAppSnippets
(
array
$snippets
)
: array
{
$sanitizer
=
new
HtmlSanitizer
(
)
;
$sanitizedSnippets
=
[
]
;
foreach
(
$snippets
as
$key
=>
$value
)
{
if
(
\
is_string
(
$value
)
)
{
$sanitizedSnippets
[
$key
]
=
$sanitizer
->
sanitize
(
$value
)
;
continue
;
}
if
(
\
is_array
(
$value
)
)
{
$sanitizedSnippets
[
$key
]
=
$this
->
sanitizeAppSnippets
(
$value
)
;
}