First version of the security module
This commit is contained in:
@@ -0,0 +1,34 @@
|
||||
<?php
|
||||
|
||||
namespace MintyPHP\Tests\Module\Security\Service;
|
||||
|
||||
use MintyPHP\Module\Security\Service\SecurityMarkdownGateway;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
|
||||
class SecurityMarkdownGatewayTest extends TestCase
|
||||
{
|
||||
public function testRendersBasicMarkdownToHtml(): void
|
||||
{
|
||||
$html = (new SecurityMarkdownGateway())->toHtml("**bold** text\n\n- one\n- two");
|
||||
|
||||
$this->assertStringContainsString('<strong>bold</strong>', $html);
|
||||
$this->assertStringContainsString('<li>one</li>', $html);
|
||||
$this->assertStringContainsString('<li>two</li>', $html);
|
||||
}
|
||||
|
||||
public function testEscapesRawHtmlSoItCannotInjectMarkup(): void
|
||||
{
|
||||
$html = (new SecurityMarkdownGateway())->toHtml('<script>alert(1)</script>');
|
||||
|
||||
$this->assertStringNotContainsString('<script>', $html);
|
||||
$this->assertStringContainsString('<script>', $html);
|
||||
}
|
||||
|
||||
public function testEmptyOrWhitespaceInputReturnsEmptyString(): void
|
||||
{
|
||||
$gateway = new SecurityMarkdownGateway();
|
||||
|
||||
$this->assertSame('', $gateway->toHtml(''));
|
||||
$this->assertSame('', $gateway->toHtml(" \n "));
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user