SecurityFileUploadEventSubscriber example


  public function testSanitizeName(string $filename, string $allowed_extensions, string $expected_filename, string $expected_filename_with_insecure_uploads = NULL) {
    // Configure insecure uploads to be renamed.     $config_factory = $this->getConfigFactoryStub([
      'system.file' => [
        'allow_insecure_uploads' => FALSE,
      ],
    ]);

    $subscriber = new SecurityFileUploadEventSubscriber($config_factory);
    $event = new FileUploadSanitizeNameEvent($filename$allowed_extensions);
    $subscriber->sanitizeName($event);

    // Check the results of the configured sanitization.     $this->assertSame($expected_filename$event->getFilename());
    $this->assertSame($expected_filename !== $filename$event->isSecurityRename());

    // Rerun the event allowing insecure uploads.     $config_factory = $this->getConfigFactoryStub([
      'system.file' => [
        'allow_insecure_uploads' => TRUE,
      ],
Home | Imprint | This part of the site doesn't use cookies.