CEscaperTest::testSetAndGetEncoding() - Code Metrics - Inspection of "Added .scrutinizer.yml" - Sceluswe/XSS-Escaper - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( b5e289...293ae4 )

by Emil

created 2016-04-20 18:29 UTC

CEscaperTest::testSetAndGetEncoding() A

↳ Parent: Project

Complexity

Conditions	1
Paths	1

Size

Total Lines	12
Code Lines	9

Duplication

Lines	0
Ratio	0 %

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
c	2
b	0
f	0
dl	0
loc	12
rs	9.4285
cc	1
eloc	9
nc	1
nop	0

<?php

namespace Scelus\Escaper;

/*
* All functions are based on the recommendations in the 
* XSS (Cross Site Scripting) Prevention Cheat Sheet:
* https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
* 
*/
class CEscaperTest extends \PHPUnit_Framework_TestCase
{
	/**
	 * Test 
	 *
	 * @return void
	 */
	public function testConstructorSuccess() {
		$el = new \Scelus\Escaper\CEscaper();

		$res = $el->getEncoding();
		$exp = 'UTF-8';
		$this->assertEquals($res, $exp, "Created element name missmatch.");
	}

	/**
	 * Test 
	 *
	 * @return void
	 */
	public function testSetAndGetEncoding() {
		$el = new \Scelus\Escaper\CEscaper('ASCII');
		
		$res = $el->getEncoding();
		$exp = 'ASCII';
		$this->assertEquals($res, $exp, "Created element argument missmatch");
		
		$el->setEncoding('UTF-8');
		$res = $el->getEncoding();
		$exp = 'UTF-8';
		$this->assertEquals($res, $exp, "setEncoding() produced missmatch");
	}

	/**
	 * Test 
	 *
	 * @return void
	 */
	public function testEscapeHTML() {
		$el = new \Scelus\Escaper\CEscaper();
		
		$argument = '></div><h1>myattack</h1>';
		$res = $el->escapeHTML($argument);
		$exp = '&gt;&lt;&#x2F;div&gt;&lt;h1&gt;myattack&lt;&#x2F;h1&gt;';
		$this->assertEquals($res, $exp, "escapeHTML() produced missmatch");
	}

	/**
	 * Test 
	 *
	 * @return void
	 */
	public function testEscapeHTMLattr() {
		$el = new \Scelus\Escaper\CEscaper();
		
		$argument = '"><h1>Hello</table';
		$res = $el->escapeHTMLattr($argument);
		$exp = "&#x22;&#x3e;&#x3c;h1&#x3e;Hello&#x3c;&#x2f;table";
		$this->assertEquals($res, $exp, "escapeHTMLattr() produced missmatch");
	}

	/**
	 * Test 
	 *
	 * @return void
	 */
	public function testEscapeUrl() {
		$el = new \Scelus\Escaper\CEscaper();
		
		$argument = '"><script>alert(1)</script><a href="#';
		$res = $el->escapeUrl($argument);
		$exp = "%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E%3Ca%20href%3D%22%23";
		$this->assertEquals($res, $exp, "escapeUrl() produced missmatch");
	}

	/**
	 * Test 
	 *
	 * @return void
	 */
	public function testEscapeCSS() {
		$el = new \Scelus\Escaper\CEscaper();
		
		$argument = '"><script>alert(1)</script><a href="#';
		$res = $el->escapeCSS($argument);
		$exp = '\22 \3e \3c script\3e alert\28 1\29 \3c \2f script\3e \3c a\20 href\3d \22 \23 ';
		$this->assertEquals($res, $exp, "escapeCSS() produced missmatch");
	}

	/**
	 * Test 
	 *
	 * @return void
	 */
	public function testEscapeJs() {
		$el = new \Scelus\Escaper\CEscaper();
		$argument = "'; alert(100); var x='";
		$res = $el->escapeJs($argument);
		$exp = '\x27\x3b\x20alert\x28100\x29\x3b\x20var\x20x\x3d\x27';
		$this->assertEquals($res, $exp, "escapeJs() produced missmatch");
	}

	/**
	 * Test 
	 *
	 * @return void
	 */
	public function testEscapeXML() {
		$el = new \Scelus\Escaper\CEscaper();
		$argument = '></div><h1>myattack</h1>';
		$res = $el->escapeXml($argument);
		$exp = '&gt;&lt;&#x2F;div&gt;&lt;h1&gt;myattack&lt;&#x2F;h1&gt;';
		$this->assertEquals($res, $exp, "escapeHTML() produced missmatch");
	}

	/**
	 * Test 
	 *
	 * @return void
	 */
	public function testEscapeXmlattr() {
		$el = new \Scelus\Escaper\CEscaper();
		$argument = '"><h1>Hello</table';
		$res = $el->escapeXmlattr($argument);
		$exp = "&#x22;&#x3e;&#x3c;h1&#x3e;Hello&#x3c;&#x2f;table";
		$this->assertEquals($res, $exp, "escapeHTMLattr() produced missmatch");
	}
}

1			<?php
2
3			namespace Scelus\Escaper;
4
5			/*
6			* All functions are based on the recommendations in the
7			* XSS (Cross Site Scripting) Prevention Cheat Sheet:
8			* https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
9			*
10			*/
11			class CEscaperTest extends \PHPUnit_Framework_TestCase
12			{
13			/**
14			* Test
15			*
16			* @return void
17			*/
18			public function testConstructorSuccess() {
19			$el = new \Scelus\Escaper\CEscaper();
20
21			$res = $el->getEncoding();
22			$exp = 'UTF-8';
23			$this->assertEquals($res, $exp, "Created element name missmatch.");
24			}
25
26			/**
27			* Test
28			*
29			* @return void
30			*/
31			public function testSetAndGetEncoding() {
32			$el = new \Scelus\Escaper\CEscaper('ASCII');
33
34			$res = $el->getEncoding();
35			$exp = 'ASCII';
36			$this->assertEquals($res, $exp, "Created element argument missmatch");
37
38			$el->setEncoding('UTF-8');
39			$res = $el->getEncoding();
40			$exp = 'UTF-8';
41			$this->assertEquals($res, $exp, "setEncoding() produced missmatch");
42			}
43
44			/**
45			* Test
46			*
47			* @return void
48			*/
49			public function testEscapeHTML() {
50			$el = new \Scelus\Escaper\CEscaper();
51
52			$argument = '></div><h1>myattack</h1>';
53			$res = $el->escapeHTML($argument);
54			$exp = '></div><h1>myattack</h1>';
55			$this->assertEquals($res, $exp, "escapeHTML() produced missmatch");
56			}
57
58			/**
59			* Test
60			*
61			* @return void
62			*/
63			public function testEscapeHTMLattr() {
64			$el = new \Scelus\Escaper\CEscaper();
65
66			$argument = '"><h1>Hello</table';
67			$res = $el->escapeHTMLattr($argument);
68			$exp = ""><h1>Hello</table";
69			$this->assertEquals($res, $exp, "escapeHTMLattr() produced missmatch");
70			}
71
72			/**
73			* Test
74			*
75			* @return void
76			*/
77			public function testEscapeUrl() {
78			$el = new \Scelus\Escaper\CEscaper();
79
80			$argument = '"><script>alert(1)</script><a href="#';
81			$res = $el->escapeUrl($argument);
82			$exp = "%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E%3Ca%20href%3D%22%23";
83			$this->assertEquals($res, $exp, "escapeUrl() produced missmatch");
84			}
85
86			/**
87			* Test
88			*
89			* @return void
90			*/
91			public function testEscapeCSS() {
92			$el = new \Scelus\Escaper\CEscaper();
93
94			$argument = '"><script>alert(1)</script><a href="#';
95			$res = $el->escapeCSS($argument);
96			$exp = '\22 \3e \3c script\3e alert\28 1\29 \3c \2f script\3e \3c a\20 href\3d \22 \23 ';
97			$this->assertEquals($res, $exp, "escapeCSS() produced missmatch");
98			}
99
100			/**
101			* Test
102			*
103			* @return void
104			*/
105			public function testEscapeJs() {
106			$el = new \Scelus\Escaper\CEscaper();
107			$argument = "'; alert(100); var x='";
108			$res = $el->escapeJs($argument);
109			$exp = '\x27\x3b\x20alert\x28100\x29\x3b\x20var\x20x\x3d\x27';
110			$this->assertEquals($res, $exp, "escapeJs() produced missmatch");
111			}
112
113			/**
114			* Test
115			*
116			* @return void
117			*/
118			public function testEscapeXML() {
119			$el = new \Scelus\Escaper\CEscaper();
120			$argument = '></div><h1>myattack</h1>';
121			$res = $el->escapeXml($argument);
122			$exp = '></div><h1>myattack</h1>';
123			$this->assertEquals($res, $exp, "escapeHTML() produced missmatch");
124			}
125
126			/**
127			* Test
128			*
129			* @return void
130			*/
131			public function testEscapeXmlattr() {
132			$el = new \Scelus\Escaper\CEscaper();
133			$argument = '"><h1>Hello</table';
134			$res = $el->escapeXmlattr($argument);
135			$exp = ""><h1>Hello</table";
136			$this->assertEquals($res, $exp, "escapeHTMLattr() produced missmatch");
137			}
138			}

Sceluswe / XSS-Escaper

GitHub Access Token became invalid

Push — master ( b5e289...293ae4 )

CEscaperTest::testSetAndGetEncoding() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like