7use PHPUnit\Framework\TestCase;
37 $tags = $this->
class->getAllowedTags();
39 $this->assertInternalType(
'array',
$tags);
59 $tags = $this->
class->getAllowedTags();
61 $this->assertInternalType(
'array',
$tags);
85 $dataDirectory = __DIR__ .
'/data';
86 $initialData = file_get_contents($dataDirectory .
'/xmlTestOne.xml');
87 $expected = file_get_contents($dataDirectory .
'/xmlCleanOne.xml');
89 $cleanData = $this->
class->sanitize($initialData);
91 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
99 $dataDirectory = __DIR__ .
'/data';
100 $initialData = file_get_contents($dataDirectory .
'/svgTestOne.svg');
101 $expected = file_get_contents($dataDirectory .
'/svgCleanOne.svg');
103 $cleanData = $this->
class->sanitize($initialData);
105 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
113 $dataDirectory = __DIR__ .
'/data';
114 $initialData = file_get_contents($dataDirectory .
'/badXmlTestOne.svg');
116 $cleanData = $this->
class->sanitize($initialData);
118 $this->assertEquals(
false, $cleanData);
126 $dataDirectory = __DIR__ .
'/data';
127 $initialData = file_get_contents($dataDirectory .
'/hrefTestOne.svg');
128 $expected = file_get_contents($dataDirectory .
'/hrefCleanOne.svg');
130 $cleanData = $this->
class->sanitize($initialData);
132 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
140 $dataDirectory = __DIR__ .
'/data';
141 $initialData = file_get_contents($dataDirectory .
'/hrefTestTwo.svg');
142 $expected = file_get_contents($dataDirectory .
'/hrefCleanTwo.svg');
144 $cleanData = $this->
class->sanitize($initialData);
146 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
154 $dataDirectory = __DIR__ .
'/data';
155 $initialData = file_get_contents($dataDirectory .
'/externalTest.svg');
156 $expected = file_get_contents($dataDirectory .
'/externalClean.svg');
158 $this->
class->removeRemoteReferences(
true);
159 $cleanData = $this->
class->sanitize($initialData);
160 $this->
class->removeRemoteReferences(
false);
162 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
170 $dataDirectory = __DIR__ .
'/data';
171 $initialData = file_get_contents($dataDirectory .
'/svgTestOne.svg');
172 $expected = file_get_contents($dataDirectory .
'/svgCleanOneMinified.svg');
174 $this->
class->minify(
true);
175 $cleanData = $this->
class->sanitize($initialData);
176 $this->
class->minify(
false);
178 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
186 $dataDirectory = __DIR__ .
'/data';
187 $initialData = file_get_contents($dataDirectory .
'/ariaDataTest.svg');
188 $expected = file_get_contents($dataDirectory .
'/ariaDataClean.svg');
190 $this->
class->minify(
false);
191 $cleanData = $this->
class->sanitize($initialData);
192 $this->
class->minify(
false);
194 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
202 $dataDirectory = __DIR__ .
'/data';
203 $initialData = file_get_contents($dataDirectory .
'/useTest.svg');
204 $expected = file_get_contents($dataDirectory .
'/useClean.svg');
206 $this->
class->minify(
false);
207 $cleanData = $this->
class->sanitize($initialData);
208 $this->
class->minify(
false);
210 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
218 $this->
class->minify(
true);
219 $this->
class->removeXMLTag(
true);
220 $this->
class->setXMLOptions(0);
222 $input =
'<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><title>chevron-double-down</title><path d="M4 11.73l.68-.73L12 17.82 19.32 11l.68.73-7.66 7.13a.5.5 0 0 1-.68 0z"/><path d="M4 5.73L4.68 5 12 11.82 19.32 5l.68.73-7.66 7.13a.5.5 0 0 1-.68 0z"/></svg>';
223 $output = $this->
class->sanitize($input);
224 $this->assertEquals($input,
$output);
232 $dataDirectory = __DIR__ .
'/data';
233 $initialData = file_get_contents($dataDirectory .
'/xlinkLaughsTest.svg');
234 $expected = file_get_contents($dataDirectory .
'/xlinkLaughsClean.svg');
236 $this->
class->minify(
false);
237 $cleanData = $this->
class->sanitize($initialData);
239 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
247 $dataDirectory = __DIR__ .
'/data';
248 $initialData = file_get_contents($dataDirectory .
'/xlinkLoopTest.svg');
249 $expected = file_get_contents($dataDirectory .
'/xlinkLoopClean.svg');
251 $this->
class->minify(
false);
252 $cleanData = $this->
class->sanitize($initialData);
254 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
262 $dataDirectory = __DIR__ .
'/data';
263 $initialData = file_get_contents($dataDirectory .
'/useDosTest.svg');
264 $expected = file_get_contents($dataDirectory .
'/useDosClean.svg');
266 $this->
class->minify(
false);
267 $cleanData = $this->
class->sanitize($initialData);
269 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
278 $dataDirectory = __DIR__ .
'/data';
279 $initialData = file_get_contents($dataDirectory .
'/useDosTestTwo.svg');
280 $expected = file_get_contents($dataDirectory .
'/useDosCleanTwo.svg');
282 $this->
class->minify(
false);
283 $cleanData = $this->
class->sanitize($initialData);
285 $this->assertXmlStringEqualsXmlString($expected, $cleanData);
An exception for terminatinating execution or to throw for unit testing.
static getAttributes()
Returns an array of attributes.
testSanitizeSVGDoc()
Test that malicious elements and attributes are removed from an SVG.
useRecursionsAreDetected()
testLargeUseDOSattacksAreNullified()
Make sure that DOS attacks using the <use> element are detected, especially when the SVG is extremely...
testSetCustomAttributes()
Test the custom attribute setters and getters.
testSanitizeHrefsNoXlinkNamespace()
Make sure that hrefs get sanitized correctly when the xlink namespace is omitted.
testSanitizeXMLDoc()
Test that malicious elements and attributes are removed from standard XML.
infiniteUseLoopsAreDetected()
testLoadDefaultTags()
Make sure the initial tags are loaded.
setUp()
Set up the test class.
testThatExternalUseElementsAreStripped()
Test that ARIA and Data Attributes are allowed.
testThatAriaAndDataAttributesAreAllowed()
Test that ARIA and Data Attributes are allowed.
testSetCustomTags()
Test the custom tag setters and getters.
testLoadDefaultAttributes()
Make sure the initial attributes are loaded.
testBadXMLReturnsFalse()
Test that a badly formatted XML document returns false.
testUseDOSattacksAreNullified()
Make sure that DOS attacks using the <use> element are detected.
testSanitizeExternal()
Make sure that external references get sanitized correctly.
testSanitizeHrefs()
Make sure that hrefs get sanitized correctly.
testMinifiedOptions()
Test setXMLOptions and minifying works as expected.
testSanitizeAndMinifiySVGDoc()
Test that minification of an SVG works.
if(!is_dir( $entity_dir)) exit("Fatal Error ([A-Za-z0-9]+)\s+" &#(? foreach( $entity_files as $file) $output