‪TYPO3CMS  11.5
EmailViewHelperTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Fluid\Tests\Functional\ViewHelpers\Link;
19 
20 use ‪TYPO3\CMS\Core\Core\SystemEnvironmentBuilder;
21 use ‪TYPO3\CMS\Core\Database\ConnectionPool;
22 use ‪TYPO3\CMS\Core\Http\ServerRequest;
23 use ‪TYPO3\CMS\Core\Tests\Functional\SiteHandling\SiteBasedTestTrait;
24 use ‪TYPO3\CMS\Fluid\View\StandaloneView;
25 use TYPO3\TestingFramework\Core\Functional\Framework\Frontend\InternalRequest;
26 use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
27 
28 class ‪EmailViewHelperTest extends FunctionalTestCase
29 {
30  use ‪SiteBasedTestTrait;
31 
32  protected const ‪LANGUAGE_PRESETS = [];
33 
37  public function ‪renderCreatesProperMarkupInBackend(): void
38  {
39  ‪$GLOBALS['TYPO3_REQUEST'] = (new ‪ServerRequest())
40  ->withAttribute('applicationType', ‪SystemEnvironmentBuilder::REQUESTTYPE_BE);
41  $view = new ‪StandaloneView();
42  $view->setTemplateSource('<f:link.email email="foo@example.com">send mail</f:link.email>');
43  self::assertEquals('<a href="mailto:foo@example.com">send mail</a>', $view->render());
44  }
45 
49  public function ‪renderCreatesProperMarkupInBackendWithEmptyChild(): void
50  {
51  ‪$GLOBALS['TYPO3_REQUEST'] = (new ‪ServerRequest())
52  ->withAttribute('applicationType', ‪SystemEnvironmentBuilder::REQUESTTYPE_BE);
53  $view = new ‪StandaloneView();
54  $view->setTemplateSource('<f:link.email email="foo@example.com" />');
55  self::assertEquals('<a href="mailto:foo@example.com">foo@example.com</a>', $view->render());
56  }
57 
58  public function ‪renderEncodesEmailInFrontendDataProvider(): array
59  {
60  return [
61  'Plain email' => [
62  '<f:link.email email="some@email.tld" />',
63  ['config.spamProtectEmailAddresses = 0'],
64  '<a href="mailto:some@email.tld">some@email.tld</a>',
65  ],
66  'Plain email with spam protection' => [
67  '<f:link.email email="some@email.tld" />',
68  ['config.spamProtectEmailAddresses = 1'],
69  '<a href="#" data-mailto-token="nbjmup+tpnfAfnbjm/ume" data-mailto-vector="1">some(at)email.tld</a>',
70  ],
71  'Plain email with ascii spam protection' => [
72  '<f:link.email email="some@email.tld" />',
73  ['config.spamProtectEmailAddresses = ascii'],
74  '<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#115;&#111;&#109;&#101;&#64;&#101;&#109;&#97;&#105;&#108;&#46;&#116;&#108;&#100;">some(at)email.tld</a>',
75  ],
76  'Plain email with spam protection and markup substitution' => [
77  '<f:link.email email="some@email.tld" />',
78  [
79  'config.spamProtectEmailAddresses = 1',
80  'config.spamProtectEmailAddresses_atSubst = <span class="at"></span>',
81  'config.spamProtectEmailAddresses_lastDotSubst = <span class="dot"></span>',
82  ],
83  '<a href="#" data-mailto-token="nbjmup+tpnfAfnbjm/ume" data-mailto-vector="1">some<span class="at"></span>email<span class="dot"></span>tld</a>',
84  ],
85  'Susceptible email' => [
86  '<f:link.email email="\"><script>alert(\'email\')</script>" />',
87  ['config.spamProtectEmailAddresses = 0'],
88  // check against correct value regarding php 8.1 change of default argument values of flags for ex. htmlspecialchars()
89  // @todo remove conditional values when php 8.1 is min requirement
90  (PHP_VERSION_ID < 80100
91  // before php 8.1 - remove this for >php8.1 only
92  ? '<a href="mailto:&quot;&gt;&lt;script&gt;alert(\'email\')&lt;/script&gt;">&quot;&gt;&lt;script&gt;alert(\'email\')&lt;/script&gt;</a>'
93  // for php 8.1
94  : '<a href="mailto:&quot;&gt;&lt;script&gt;alert(&#039;email&#039;)&lt;/script&gt;">&quot;&gt;&lt;script&gt;alert(&#039;email&#039;)&lt;/script&gt;</a>'),
95  ],
96  'Susceptible email with spam protection' => [
97  '<f:link.email email="\"><script>alert(\'email\')</script>" />',
98  ['config.spamProtectEmailAddresses = 1'],
99  // check against correct value regarding php 8.1 change of default argument values of flags for ex. htmlspecialchars()
100  // @todo remove conditional values when php 8.1 is min requirement
101  (PHP_VERSION_ID < 80100
102  // before php 8.1 - remove this for >php8.1 only
103  ? '<a href="#" data-mailto-token="nbjmup+&quot;&gt;&lt;tdsjqu&gt;bmfsu(\'fnbjm\')&lt;0tdsjqu&gt;" data-mailto-vector="1">&quot;&gt;&lt;script&gt;alert(\'email\')&lt;/script&gt;</a>'
104  // for php 8.1
105  : '<a href="#" data-mailto-token="nbjmup+&quot;&gt;&lt;tdsjqu&gt;bmfsu(&#039;fnbjm&#039;)&lt;0tdsjqu&gt;" data-mailto-vector="1">&quot;&gt;&lt;script&gt;alert(&#039;email&#039;)&lt;/script&gt;</a>'),
106  ],
107  'Susceptible email with ascii spam protection' => [
108  '<f:link.email email="\"><script>alert(\'email\')</script>" />',
109  ['config.spamProtectEmailAddresses = ascii'],
110  // check against correct value regarding php 8.1 change of default argument values of flags for ex. htmlspecialchars()
111  // @todo remove conditional values when php 8.1 is min requirement
112  (PHP_VERSION_ID < 80100
113  // before php 8.1 - remove this for >php8.1 only
114  ? '<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#34;&#62;&#60;&#115;&#99;&#114;&#105;&#112;&#116;&#62;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#101;&#109;&#97;&#105;&#108;&#39;&#41;&#60;&#47;&#115;&#99;&#114;&#105;&#112;&#116;&#62;">&quot;&gt;&lt;script&gt;alert(\'email\')&lt;/script&gt;</a>'
115  // for php 8.1
116  : '<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#34;&#62;&#60;&#115;&#99;&#114;&#105;&#112;&#116;&#62;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#101;&#109;&#97;&#105;&#108;&#39;&#41;&#60;&#47;&#115;&#99;&#114;&#105;&#112;&#116;&#62;">&quot;&gt;&lt;script&gt;alert(&#039;email&#039;)&lt;/script&gt;</a>'),
117  ],
118  ];
119  }
120 
125  public function ‪renderEncodesEmailInFrontend(string $template, array $typoScript, string $expected): void
126  {
127  $this->setUpBackendUserFromFixture(1);
128  $this->importCSVDataSet(__DIR__ . '/../../Fixtures/pages.csv');
129  $this->‪writeSiteConfiguration(
130  'test',
131  $this->‪buildSiteConfiguration(1, '/'),
132  );
133  (new ‪ConnectionPool())->getConnectionForTable('sys_template')->insert('sys_template', [
134  'pid' => 1,
135  'root' => 1,
136  'clear' => 1,
137  'config' => implode("\n", $typoScript) . "\n" . <<<EOT
138 page = PAGE
139 page.10 = FLUIDTEMPLATE
140 page.10 {
141  template = TEXT
142  template.value = $template
143 }
144 EOT
145  ]);
146  $response = $this->executeFrontendSubRequest((new InternalRequest())->withPageId(1));
147  self::assertStringContainsString($expected, (string)$response->getBody());
148  }
149 }
‪TYPO3\CMS\Core\Core\SystemEnvironmentBuilder
Definition: SystemEnvironmentBuilder.php:41
‪TYPO3\CMS\Core\Tests\Functional\SiteHandling\SiteBasedTestTrait
Definition: SiteBasedTestTrait.php:36
‪TYPO3\CMS\Core\Tests\Functional\SiteHandling\SiteBasedTestTrait\writeSiteConfiguration
‪writeSiteConfiguration(string $identifier, array $site=[], array $languages=[], array $errorHandling=[])
Definition: SiteBasedTestTrait.php:58
‪TYPO3\CMS\Core\Core\SystemEnvironmentBuilder\REQUESTTYPE_BE
‪const REQUESTTYPE_BE
Definition: SystemEnvironmentBuilder.php:45
‪TYPO3\CMS\Core\Http\ServerRequest
Definition: ServerRequest.php:37
‪TYPO3\CMS\Fluid\View\StandaloneView
Definition: StandaloneView.php:31
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Core\Tests\Functional\SiteHandling\SiteBasedTestTrait\buildSiteConfiguration
‪array buildSiteConfiguration(int $rootPageId, string $base='')
Definition: SiteBasedTestTrait.php:111
‪TYPO3\CMS\Core\Database\ConnectionPool
Definition: ConnectionPool.php:46