Proyectos de Subversion Moodle


Rev 11 Rev 1441
Línea 25... Línea 25...
25
 * @category  test
25
 * @category  test
26
 * @copyright 2015 The Open University
26
 * @copyright 2015 The Open University
27
 * @license   http://www.gnu.org/copyleft/gpl.html GNU Public License
27
 * @license   http://www.gnu.org/copyleft/gpl.html GNU Public License
28
 * @covers ::format_text
28
 * @covers ::format_text
29
 */
29
 */
30
class weblib_format_text_test extends \advanced_testcase {
30
final class weblib_format_text_test extends \advanced_testcase {
Línea 31... Línea 31...
31
 
31
 
32
    public function test_format_text_format_html(): void {
32
    public function test_format_text_format_html(): void {
33
        $this->resetAfterTest();
33
        $this->resetAfterTest();
34
        filter_set_global_state('emoticon', TEXTFILTER_ON);
34
        filter_set_global_state('emoticon', TEXTFILTER_ON);
Línea 147... Línea 147...
147
    /**
147
    /**
148
     * Data provider for the test_format_text_blanktarget testcase
148
     * Data provider for the test_format_text_blanktarget testcase
149
     *
149
     *
150
     * @return array of testcases
150
     * @return array of testcases
151
     */
151
     */
152
    public function format_text_blanktarget_testcases() {
152
    public static function format_text_blanktarget_testcases(): array {
153
        return [
153
        return [
154
            'Simple link' => [
154
            'Simple link' => [
155
                '<a href="https://www.youtube.com/watch?v=JeimE8Wz6e4">Hey, that\'s pretty good!</a>',
155
                '<a href="https://www.youtube.com/watch?v=JeimE8Wz6e4">Hey, that\'s pretty good!</a>',
156
                '<div class="text_to_html"><a href="https://www.youtube.com/watch?v=JeimE8Wz6e4" target="_blank"' .
156
                '<div class="text_to_html"><a href="https://www.youtube.com/watch?v=JeimE8Wz6e4" target="_blank"' .
157
                    ' rel="noreferrer">Hey, that\'s pretty good!</a></div>'
157
                    ' rel="noreferrer">Hey, that\'s pretty good!</a></div>'
Línea 228... Línea 228...
228
    /**
228
    /**
229
     * Data provider for the test_format_text_cleaning testcase
229
     * Data provider for the test_format_text_cleaning testcase
230
     *
230
     *
231
     * @return array of testcases (string)testcasename => [(string)input, (string)nocleaned, (string)cleaned]
231
     * @return array of testcases (string)testcasename => [(string)input, (string)nocleaned, (string)cleaned]
232
     */
232
     */
233
    public function format_text_cleaning_testcases() {
233
    public static function format_text_cleaning_testcases(): array {
234
        return [
234
        return [
235
            'JavaScript' => [
235
            'JavaScript' => [
236
                'Hello <script type="text/javascript">alert("XSS");</script> world',
236
                'Hello <script type="text/javascript">alert("XSS");</script> world',
237
                'Hello <script type="text/javascript">alert("XSS");</script> world',
237
                'Hello <script type="text/javascript">alert("XSS");</script> world',
238
                'Hello  world',
238
                'Hello  world',
Línea 260... Línea 260...
260
            'IMG onerror and javascript alert encode' => [
260
            'IMG onerror and javascript alert encode' => [
261
                '<img src=x onerror="&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000083&#0000083&#0000039&#0000041">',
261
                '<img src=x onerror="&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000083&#0000083&#0000039&#0000041">',
262
                '<img src=x onerror="&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000083&#0000083&#0000039&#0000041">',
262
                '<img src=x onerror="&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000083&#0000083&#0000039&#0000041">',
263
                '<img src="x" alt="x" />',
263
                '<img src="x" alt="x" />',
264
            ],
264
            ],
-
 
265
            'IMG border-radius' => [
-
 
266
                '<img src=x style="border-radius: 10px;">',
-
 
267
                '<img src=x style="border-radius: 10px;">',
-
 
268
                '<img src="x" style="border-radius:10px;" alt="x" />',
-
 
269
            ],
265
            'DIV background-image' => [
270
            'DIV background-image' => [
266
                '<DIV STYLE="background-image: url(javascript:alert(\'XSS\'))">',
271
                '<DIV STYLE="background-image: url(javascript:alert(\'XSS\'))">',
267
                '<DIV STYLE="background-image: url(javascript:alert(\'XSS\'))">',
272
                '<DIV STYLE="background-image: url(javascript:alert(\'XSS\'))">',
268
                '<div></div>',
273
                '<div></div>',
269
            ],
274
            ],
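Review bot: The added 'IMG border-radius' case (new lines 265-269) pins only the benign path: it shows that `style="border-radius:10px;"` now survives cleaning on an `<img>`, but nothing checks that other declarations in the same attribute are still dropped on that element. The neighbouring 'DIV background-image' case covers `<div>` only, and the cleaner change that presumably allows this property is not visible on this page. A companion case would catch the allowlist widening by accident, for example an input of `<img src=x style="border-radius: 10px; background-image: url(javascript:alert(\'XSS\'))">` whose cleaned value keeps only the border-radius declaration; take the exact expected string from the cleaner's real output rather than from this note. The provider's array continues outside the hunk.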