fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-22 05:15:29 +09:00
Code Issues Projects Releases Packages Wiki Activity

Move upload file filter to Rhymix Framework and add proper unit tests for SVG-based attacks

Browse source
This commit is contained in:
Kijin Sung 2018-10-18 14:34:19 +09:00
parent af64ae79c1
commit e98cf03d95
6 changed files with 250 additions and 126 deletions
Download patch file Download diff file Expand all files Collapse all files

14
tests/unit/framework/filters/FileContentFilterTest.php Normal file
View file

@ -0,0 +1,14 @@
<?php
use Rhymix\Framework\Filters\FileContentFilter;
class FileContentFilterTest extends \Codeception\TestCase\Test
{
public function testSVG()
{
$this->assertTrue(FileContentFilter::check(\RX_BASEDIR . 'tests/_data/security/example.svg'));
$this->assertFalse(FileContentFilter::check(\RX_BASEDIR . 'tests/_data/security/ssrf.svg'));
$this->assertFalse(FileContentFilter::check(\RX_BASEDIR . 'tests/_data/security/ssrf.svg', 'cover.jpg'));
$this->assertFalse(FileContentFilter::check(\RX_BASEDIR . 'tests/_data/security/xss.svg'));
}
}