TYPO3 CMS  TYPO3_7-6
ProductionExceptionHandlerTest.php
Go to the documentation of this file.
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
21 {
25  protected $subject = null;
26 
30  protected function setUp()
31  {
32  $this->subject = $this->getMock(\TYPO3\CMS\Core\Error\ProductionExceptionHandler::class, ['discloseExceptionInformation', 'sendStatusHeaders', 'writeLogEntries'], [], '', false);
33  $this->subject->expects($this->any())->method('discloseExceptionInformation')->will($this->returnValue(true));
34  }
35 
40  {
41  $message = '<b>b</b><script>alert(1);</script>';
42  $exception = new \Exception($message);
43  ob_start();
44  $this->subject->echoExceptionWeb($exception);
45  $output = ob_get_contents();
46  ob_end_clean();
47  $this->assertContains(htmlspecialchars($message), $output);
48  $this->assertNotContains($message, $output);
49  }
50 
54  public function echoExceptionWebEscapesExceptionTitle()
55  {
56  $title = '<b>b</b><script>alert(1);</script>';
58  $exception = $this->getMock('Exception', ['getTitle'], ['some message']);
59  $exception->expects($this->any())->method('getTitle')->will($this->returnValue($title));
60  ob_start();
61  $this->subject->echoExceptionWeb($exception);
62  $output = ob_get_contents();
63  ob_end_clean();
64  $this->assertContains(htmlspecialchars($title), $output);
65  $this->assertNotContains($title, $output);
66  }
67 }