Text.
HTML; private const SIMPLE_MARKDOWN = <<<'MD' # test Text. MD; private const UNAUTHORIZED_HTML = <<<'HTML'<script>alert("ok");</script>
HTML; private const UNAUTHORIZED_MARKDOWN = <<<'MD' MD; /** * Test that the markdown input is transformed into html. */ public function testRendering() { $extension = new ChillMarkdownRenderExtension(); $this->assertEquals( self::SIMPLE_HTML, $extension->renderMarkdownToHtml(self::SIMPLE_MARKDOWN) ); } /** * Test that the output of the markdown content is sanitized. */ public function testSecurity() { $extension = new ChillMarkdownRenderExtension(); $this->assertEquals( self::UNAUTHORIZED_HTML, $extension->renderMarkdownToHtml(self::UNAUTHORIZED_MARKDOWN) ); } }