‪TYPO3CMS  11.5
StripTagsViewHelperTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format;
19 
20 use ‪TYPO3\CMS\Fluid\View\StandaloneView;
21 use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
22 
23 class ‪StripTagsViewHelperTest extends FunctionalTestCase
24 {
28  protected ‪$initializeDatabase = false;
29 
30  public function ‪renderDataProvider(): array
31  {
32  return [
33  'renderUsesValueAsSourceIfSpecified' => [
34  '<f:format.stripTags value="Some string" />',
35  'Some string',
36  ],
37  'renderUsesChildnodesAsSourceIfSpecified' => [
38  '<f:format.stripTags>Some string</f:format.stripTags>',
39  'Some string',
40  ],
41  'no special chars' => [
42  '<f:format.stripTags>This is a sample text without special characters.</f:format.stripTags>',
43  'This is a sample text without special characters.',
44  ],
45  'some tags' => [
46  '<f:format.stripTags>This is a sample text <b>with <i>some</i> tags</b>.</f:format.stripTags>',
47  'This is a sample text with some tags.',
48  ],
49  'some umlauts' => [
50  '<f:format.stripTags>This text contains some &quot;&Uuml;mlaut&quot;.</f:format.stripTags>',
51  'This text contains some &quot;&Uuml;mlaut&quot;.',
52  ],
53  'allowed tags' => [
54  '<f:format.stripTags allowedTags="<strong>">This text <i>contains</i> some <strong>allowed</strong> tags.</f:format.stripTags>',
55  'This text contains some <strong>allowed</strong> tags.',
56  ],
57  ];
58  }
59 
64  public function ‪render(string $template, string $expected): void
65  {
66  $view = new ‪StandaloneView();
67  $view->setTemplateSource($template);
68  self::assertEquals($expected, $view->render());
69  }
70 
77  public function ‪renderEscapesObjectIfPossible(): void
78  {
79  $toStringClass = new class () {
80  public function __toString(): string
81  {
82  return '<script>alert(\'"xss"\')</script>';
83  }
84  };
85  $view = new StandaloneView();
86  $view->assign('value', $toStringClass);
87  $view->setTemplateSource('<f:format.stripTags>{value}</f:format.stripTags>');
88  self::assertEquals('alert(\'"xss"\')', $view->render());
89  }
90 }
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\StripTagsViewHelperTest\$initializeDatabase
‪bool $initializeDatabase
Definition: StripTagsViewHelperTest.php:27
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\StripTagsViewHelperTest\renderDataProvider
‪renderDataProvider()
Definition: StripTagsViewHelperTest.php:29
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\StripTagsViewHelperTest
Definition: StripTagsViewHelperTest.php:24
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format
Definition: BytesViewHelperTest.php:18
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\StripTagsViewHelperTest\renderEscapesObjectIfPossible
‪renderEscapesObjectIfPossible()
Definition: StripTagsViewHelperTest.php:76
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\StripTagsViewHelperTest\render
‪render(string $template, string $expected)
Definition: StripTagsViewHelperTest.php:63
‪TYPO3\CMS\Fluid\View\StandaloneView
Definition: StandaloneView.php:31