View GitHub Repository sylar

Schedule Inspection
Subscribe

PHPIDSConverterTest::testConversion()   B
last analyzed

↳ Parent: PHPIDSConverterTest

Complexity

Conditions 2
Paths 2

Size

Total Lines 25
Code Lines 13

Duplication

Lines 0
Ratio 0 %

Importance

Changes 1
Bugs 0 Features 0
Metric Value
c 1
b 0
f 0
dl 0
loc 25
rs 8.8571
cc 2
eloc 13
nc 2
nop 0
1 
<?php
2 

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    3
                

                                    
                                                    
                
                
                
namespace Ionut\Sylar\Tests\Unit\Normalizers;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    4
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    5
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    6
                

                                    
                                                    
                
                
                
use Ionut\Sylar\Normalizers\PHPIDSConverter;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    7
                

                                    
                                                    
                
                
                
use Ionut\Sylar\Tests\TestCase;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    8
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    9
                

                                    
                                                    
                
                
                
class PHPIDSConverterTest extends TestCase

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    10
                

                                    
                                                    
                
                
                
{

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    11
                

                                    
                                                    
                
                
                
    /**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    12
                

                                    
                                                    
                
                
                
     * @var PHPIDSConverter

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    13
                

                                    
                                                    
                
                
                
     */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    14
                

                                    
                                                    
                
                
                
    protected $converter;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    15
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    16
                

                                    
                                                    
                
                
                
    public function setUp()

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    17
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    18
                

                                    
                                                    
                
                
                
        $this->converter = new PHPIDSConverter();

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    19
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    20
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    21
                

                                    
                                                    
                
                
                
    public function testConversion()

            


            
                                                        
            
                                    
            
            

                
                    22
                

                                    
                                                    
                
                
                
    {

            


            
                                                        
            
                                    
            
            

                
                    23
                

                                    
                                                    
                
                
                
        $exploits = [

            


            
                                                        
            
                                    
            
            

                
                    24
                

                                    
                                                    
                
                
                
            "<IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>" => '<IMG SRC=javascript:alert("XSS")>',

            


            
                                                        
            
                                    
            
            

                
                    25
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    26
                

                                    
                                                    
                
                
                
            "<IMG SRC=\"jav	ascript:alert('XSS');\">" => '<IMG SRC="javascript:alert("XSS");',

            


            
                                                        
            
                                    
            
            

                
                    27
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    28
                

                                    
                                                    
                
                
                
            "<IMG SRC=\"jav&#x09;ascript:alert('XSS');\">" => '<IMG SRC="javascript:alert("XSS");">',

            


            
                                                        
            
                                    
            
            

                
                    29
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    30
                

                                    
                                                    
                
                
                
            "\ntest\n" => '  test  ',

            


            
                                                        
            
                                    
            
            

                
                    31
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    32
                

                                    
                                                    
                
                
                
            "\\ntest\\n" => ';test;',

            


            
                                                        
            
                                    
            
            

                
                    33
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    34
                

                                    
                                                    
                
                
                
            "t--damn-est" => "t;est",

            


            
                                                        
            
                                    
            
            

                
                    35
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    36
                

                                    
                                                    
                
                
                
            "damn#test\na" => 'damna'

            


            
                                                        
            
                                    
            
            

                
                    37
                

                                    
                                                    
                
                
                
        ];

            


            
                                                        
            
                                    
            
            

                
                    38
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    39
                

                                    
                                                    
                
                
                
        foreach ($exploits as $exploit => $converted) {

            


            
                                                        
            
                                    
            
            

                
                    40
                

                                    
                                                    
                
                
                
            $this->assertContains(

            


            
                                                        
            
                                    
            
            

                
                    41
                

                                    
                                                    
                
                
                
                $converted,

            


            
                                                        
            
                                    
            
            

                
                    42
                

                                    
                                                    
                
                
                
                $this->converter->normalize([$exploit])[0]->variants[PHPIDSConverter::class]->getValue()

            


            
                                                        
            
                                    
            
            

                
                    43
                

                                    
                                                    
                
                
                
            );

            


            
                                                        
            
                                    
            
            

                
                    44
                

                                    
                                                    
                
                
                
        }

            


            
                                                        
            
                                    
            
            

                
                    45
                

                                    
                                                    
                
                
                
    }

            


            
                                                        
            
                                    
            
            

                
                    46
                

                                    
                                                    
                
                
                
}