link", "test link"), array("some data", "some dataalert('xss!')"), array("some data", "some data"), array("some data", "some data"), array('some data before<script>some data after', 'some data before<script>some data after'), array('some data beforesome data after', 'some data beforesome data after'), array('some data beforesome data after', 'some data beforesome data after'), array('
Roger Smith
', '
Roger Smith
'), array('some data beforesome data after', 'some data beforesome data after'), ); }

    /**
     * Removes from $str every fragment that clean_xss() reports for it.
     *
     * clean_xss() is defined outside this file; judging by how its result is
     * used here, it returns an array of suspicious substrings when called with
     * false as the second argument (confirm against its definition).
     *
     * NOTE(review): each reported fragment is removed with one str_replace()
     * pass and the result is not scanned again, so this helper only proves
     * that the reported fragments are gone. Worth confirming that xssData
     * contains a case where removing one fragment leaves markup that should
     * itself have been flagged.
     *
     * @param string $str Raw input taken from the data provider.
     * @return string The input with all reported fragments removed.
     */
    protected function clean($str)
    {
        $flagged = clean_xss($str, false);

        // Nothing reported (or an unexpected return type): hand the input back untouched.
        if (!is_array($flagged) || empty($flagged)) {
            return $str;
        }

        foreach ($flagged as $fragment) {
            $str = str_replace($fragment, "", $str);
        }

        return $str;
    }

    /**
     * Checks that stripping the fragments reported by clean_xss() turns each
     * provider input into its expected output.
     *
     * NOTE(review): assertEquals() compares loosely; assertSame() would pin
     * the exact filtered string, which is what matters for a filter test.
     *
     * @dataProvider xssData
     */
    public function testXssFilter($before, $after)
    {
        $cleaned = $this->clean($before);

        $this->assertEquals($after, $cleaned);
    }

    /**
     * Checks the same provider cases through EmailTemplate::cleanBean().
     *
     * The input is passed through to_html() before it is stored in body_html,
     * and the expectation is passed through to_html() as well, so the
     * comparison is made on the to_html() form of both strings (presumably
     * entity-encoded; to_html() is defined elsewhere).
     *
     * @dataProvider xssData
     */
    public function testXssFilterBean($before, $after)
    {
        $template = new EmailTemplate();
        $template->body_html = to_html($before);

        // cleanBean() is expected to filter body_html in place.
        $template->cleanBean();

        $expected = to_html($after);
        $this->assertEquals($expected, $template->body_html);
    }
}