149 $this->env =
new Twig_Environment($this->getMockBuilder(
'Twig_LoaderInterface')->getMock());
154 foreach ($this->htmlSpecialChars as
$key => $value) {
155 $this->assertEquals($value, twig_escape_filter($this->env,
$key,
'html'),
'Failed to escape: '.
$key);
161 foreach ($this->htmlAttrSpecialChars as
$key => $value) {
162 $this->assertEquals($value, twig_escape_filter($this->env,
$key,
'html_attr'),
'Failed to escape: '.
$key);
168 foreach ($this->jsSpecialChars as
$key => $value) {
169 $this->assertEquals($value, twig_escape_filter($this->env,
$key,
'js'),
'Failed to escape: '.
$key);
175 $this->assertEquals(
'', twig_escape_filter($this->env,
'',
'js'));
180 $this->assertEquals(
'123', twig_escape_filter($this->env,
'123',
'js'));
185 foreach ($this->cssSpecialChars as
$key => $value) {
186 $this->assertEquals($value, twig_escape_filter($this->env,
$key,
'css'),
'Failed to escape: '.
$key);
192 $this->assertEquals(
'', twig_escape_filter($this->env,
'',
'css'));
197 $this->assertEquals(
'123', twig_escape_filter($this->env,
'123',
'css'));
202 foreach ($this->urlSpecialChars as
$key => $value) {
203 $this->assertEquals($value, twig_escape_filter($this->env,
$key,
'url'),
'Failed to escape: '.
$key);
218 $codepoints = array(0x20, 0x7e, 0x799);
220 foreach ($codepoints as $value) {
223 $this->assertEquals($expected,
$result);
235 if ($codepoint < 0x80) {
236 return chr($codepoint);
238 if ($codepoint < 0x800) {
239 return chr($codepoint >> 6 & 0x3f | 0xc0)
240 .chr($codepoint & 0x3f | 0x80);
242 if ($codepoint < 0x10000) {
243 return chr($codepoint >> 12 & 0x0f | 0xe0)
244 .chr($codepoint >> 6 & 0x3f | 0x80)
245 .chr($codepoint & 0x3f | 0x80);
247 if ($codepoint < 0x110000) {
248 return chr($codepoint >> 18 & 0x07 | 0xf0)
249 .chr($codepoint >> 12 & 0x3f | 0x80)
250 .chr($codepoint >> 6 & 0x3f | 0x80)
251 .chr($codepoint & 0x3f | 0x80);
253 throw new Exception(
'Codepoint requested outside of Unicode range.');
258 $immune = array(
',',
'.',
'_');
259 for ($chr = 0; $chr < 0xFF; ++$chr) {
260 if ($chr >= 0x30 && $chr <= 0x39
261 || $chr >= 0x41 && $chr <= 0x5A
262 || $chr >= 0x61 && $chr <= 0x7A) {
264 $this->assertEquals($literal, twig_escape_filter($this->env, $literal,
'js'));
267 if (in_array($literal, $immune)) {
268 $this->assertEquals($literal, twig_escape_filter($this->env, $literal,
'js'));
270 $this->assertNotEquals(
272 twig_escape_filter($this->env, $literal,
'js'),
273 "$literal should be escaped!");
281 $immune = array(
',',
'.',
'-',
'_');
282 for ($chr = 0; $chr < 0xFF; ++$chr) {
283 if ($chr >= 0x30 && $chr <= 0x39
284 || $chr >= 0x41 && $chr <= 0x5A
285 || $chr >= 0x61 && $chr <= 0x7A) {
287 $this->assertEquals($literal, twig_escape_filter($this->env, $literal,
'html_attr'));
290 if (in_array($literal, $immune)) {
291 $this->assertEquals($literal, twig_escape_filter($this->env, $literal,
'html_attr'));
293 $this->assertNotEquals(
295 twig_escape_filter($this->env, $literal,
'html_attr'),
296 "$literal should be escaped!");
305 for ($chr = 0; $chr < 0xFF; ++$chr) {
306 if ($chr >= 0x30 && $chr <= 0x39
307 || $chr >= 0x41 && $chr <= 0x5A
308 || $chr >= 0x61 && $chr <= 0x7A) {
310 $this->assertEquals($literal, twig_escape_filter($this->env, $literal,
'css'));
313 $this->assertNotEquals(
315 twig_escape_filter($this->env, $literal,
'css'),
316 "$literal should be escaped!");
An exception for terminatinating execution or to throw for unit testing.
Stores the Twig configuration.
This class is adapted from code coming from Zend Framework.
testHtmlEscapingConvertsSpecialChars()
testJavascriptEscapingReturnsStringIfZeroLength()
testUrlEscapingConvertsSpecialChars()
testHtmlAttributeEscapingEscapesOwaspRecommendedRanges()
testJavascriptEscapingReturnsStringIfContainsOnlyDigits()
codepointToUtf8($codepoint)
Convert a Unicode Codepoint to a literal UTF-8 character.
testCssEscapingEscapesOwaspRecommendedRanges()
testCssEscapingReturnsStringIfZeroLength()
testHtmlAttributeEscapingConvertsSpecialChars()
testCssEscapingConvertsSpecialChars()
testUnicodeCodepointConversionToUtf8()
Range tests to confirm escaped range of characters is within OWASP recommendation.
testJavascriptEscapingConvertsSpecialChars()
testCssEscapingReturnsStringIfContainsOnlyDigits()
$htmlSpecialChars
All character encodings supported by htmlspecialchars().
testJavascriptEscapingEscapesOwaspRecommendedRanges()