Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-11 18:32:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix phpunit

Browse Source
This commit is contained in:
Laurent Destailleur
2023-11-29 20:32:03 +01:00
parent 09c7b1e270
commit 0d61ee74c7
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
test/phpunit/SecurityTest.php
View File

@@ -600,12 +600,13 @@ class SecurityTest extends PHPUnit\Framework\TestCase
$result=GETPOST("param15", 'restricthtml'); // param15 = <img onerror<=alert(document.domain)> src=>0xbeefed that is a dangerous string
print __METHOD__." result for param15=".$result."\n";
//$this->assertEquals('InvalidHTMLStringCantBeCleaned', $result, 'Test 15b'); // With some PHP and libxml version, we got this result when parsing invalid HTML, but ...
//$this->assertEquals('InvalidHTMLStringCantBeCleaned', $result, 'Test 15b'); // With some PHP and libxml version, we got this result when parsing invalid HTML, but ...
//$this->assertEquals('<img onerror> src=&gt;0xbeefed', $result, 'Test 15b'); // ... on other PHP and libxml versions, we got a HTML that has been cleaned
$result=GETPOST("param6", 'restricthtml'); // param6 = "&gt;
$result=GETPOST("param6", 'restricthtml'); // param6 = "&quot;&gt;<svg o&#110;load='console.log(&quot;123&quot;)'&gt;"
print __METHOD__." result for param6=".$result." - before=".$_POST["param6"]."\n";
$this->assertEquals('"&gt;', $result);
//$this->assertEquals('InvalidHTMLStringCantBeCleaned', $result, 'Test 15b'); // With some PHP and libxml version, we got this result when parsing invalid HTML, but ...
//$this->assertEquals('"&gt;', $result); // ... on other PHP and libxml versions, we got a HTML that has been cleaned
$result=GETPOST("param7", 'restricthtml'); // param7 = "c:\this is a path~1\aaa&#110; &#x&#x31;&#x31;&#x30;;" abc<bad>def</bad>
print __METHOD__." result param7 = ".$result."\n";