‪TYPO3CMS  11.5
UrlencodeViewHelperTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format;
19 
20 use ‪TYPO3\CMS\Fluid\View\StandaloneView;
21 use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
22 
23 class ‪UrlencodeViewHelperTest extends FunctionalTestCase
24 {
28  protected ‪$initializeDatabase = false;
29 
30  public function ‪renderDataProvider(): array
31  {
32  return [
33  'renderUsesValueAsSourceIfSpecified' => [
34  '<f:format.urlencode value="Source" />',
35  'Source',
36  ],
37  'renderUsesChildnodesAsSourceIfSpecified' => [
38  '<f:format.urlencode>Source</f:format.urlencode>',
39  'Source',
40  ],
41  'renderDoesNotModifyValueIfItDoesNotContainSpecialCharacters' => [
42  '<f:format.urlencode>StringWithoutSpecialCharacters</f:format.urlencode>',
43  'StringWithoutSpecialCharacters',
44  ],
45  'renderEncodesString' => [
46  '<f:format.urlencode>Foo @+%/ "</f:format.urlencode>',
47  'Foo%20%40%2B%25%2F%20%22',
48  ],
49  ];
50  }
51 
56  public function ‪render(string $template, string $expected): void
57  {
58  $view = new ‪StandaloneView();
59  $view->setTemplateSource($template);
60  self::assertEquals($expected, $view->render());
61  }
62 
69  public function ‪renderEscapesObjectIfPossible(): void
70  {
71  $toStringClass = new class () {
72  public function __toString(): string
73  {
74  return '<script>alert(\'"xss"\')</script>';
75  }
76  };
77  $view = new StandaloneView();
78  $view->assign('value', $toStringClass);
79  $view->setTemplateSource('<f:format.urlencode>{value}</f:format.urlencode>');
80  self::assertEquals('%3Cscript%3Ealert%28%27%22xss%22%27%29%3C%2Fscript%3E', $view->render());
81  }
82 }
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\UrlencodeViewHelperTest\render
‪render(string $template, string $expected)
Definition: UrlencodeViewHelperTest.php:55
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format
Definition: BytesViewHelperTest.php:18
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\UrlencodeViewHelperTest\renderEscapesObjectIfPossible
‪renderEscapesObjectIfPossible()
Definition: UrlencodeViewHelperTest.php:68
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\UrlencodeViewHelperTest
Definition: UrlencodeViewHelperTest.php:24
‪TYPO3\CMS\Fluid\View\StandaloneView
Definition: StandaloneView.php:31
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\UrlencodeViewHelperTest\renderDataProvider
‪renderDataProvider()
Definition: UrlencodeViewHelperTest.php:29
‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Format\UrlencodeViewHelperTest\$initializeDatabase
‪bool $initializeDatabase
Definition: UrlencodeViewHelperTest.php:27