Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-06-18 00:04:26 +00:00
Code Issues Actions Projects Releases Wiki Activity
chill-bundles/src/Bundle/ChillMainBundle/Tests/Templating/ChillMarkdownRenderExtensionTest.php

77 lines
2.2 KiB
PHP
Raw Blame History

<?php
/*
* Chill is a software for social workers
*
* Copyright (C) 2014-2021, Champs Libres Cooperative SCRLFS,
* <http://www.champs-libres.coop>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace Chill\MainBundle\Tests\Templating;
use PHPUnit\Framework\TestCase;
use Chill\MainBundle\Templating\ChillMarkdownRenderExtension;
/**
* Test the service ChillMarkdownRenderExtension
*
* @internal we do not want to test the markdown transformation. We just want to
* test that the markdown is correctly transformed into html, and that the html
* is safe.
*/
class ChillMarkdownRenderExtensionTest extends TestCase
{
private const SIMPLE_MARKDOWN = <<<MD
# test
Text.
MD;
private const SIMPLE_HTML = <<<HTML
<h1>test</h1>
<p>Text.</p>
HTML;
private const UNAUTHORIZED_MARKDOWN = <<<MD
<script>alert("ok");</script>
MD;
private const UNAUTHORIZED_HTML = <<<HTML
<p>&lt;script&gt;alert(&quot;ok&quot;);&lt;/script&gt;</p>
HTML;
/**
* Test that the markdown input is transformed into html
*/
public function testRendering()
{
$extension = new ChillMarkdownRenderExtension();
$this->assertEquals(self::SIMPLE_HTML,
$extension->renderMarkdownToHtml(self::SIMPLE_MARKDOWN));
}
/**
* Test that the output of the markdown content is sanitized
*/
public function testSecurity()
{
$extension = new ChillMarkdownRenderExtension();
$this->assertEquals(self::UNAUTHORIZED_HTML,
$extension->renderMarkdownToHtml(self::UNAUTHORIZED_MARKDOWN));
}
}
Reference in New Issue View Git Blame Copy Permalink