fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-04-02 01:52:10 +09:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'security/rve-2026-2'

Browse source
This commit is contained in:
Kijin Sung 2026-02-25 20:39:06 +09:00
commit 74b9533281
4 changed files with 29 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

10
tests/unit/framework/SecurityTest.php
View file

@ -15,6 +15,16 @@ class SecurityTest extends \Codeception\Test\Unit
// Filename (more thorough tests in FilenameFilterTest)
$this->assertEquals('foo(bar).xls', Rhymix\Framework\Security::sanitize('foo<bar>.xls', 'filename'));
// SVG #1
$source = '<svg><rect><a href="javascript:alert(0)">Test</a></rect></svg>';
$target = '<?xml version="1.0" encoding="UTF-8"?>' . "\n<svg>\n <rect>\n <a>Test</a>\n </rect>\n</svg>\n";
$this->assertEquals($target, Rhymix\Framework\Security::sanitize($source, 'svg'));
// SVG #2
$source = '<svg><rect></rect><script></script></svg>';
$target = '<?xml version="1.0" encoding="UTF-8"?>' . "\n<svg>\n <rect></rect>\n</svg>\n";
$this->assertEquals($target, Rhymix\Framework\Security::sanitize($source, 'svg'));
}
public function testEncryption()