linuxserver/Heimdall
1
0
Fork 0
mirror of https://github.com/linuxserver/Heimdall.git synced 2025-11-02 14:07:49 +09:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
Files
2df58472a14fa315dcedac42ee428e4044b4551b
Heimdall/tests/Feature/SVGSanitizerTest.php
Chris Hunt 2df58472a1 Fix uploads and displaying of malicious SVG files
2025-07-13 17:00:23 +01:00

24 lines
738 B
PHP
Raw Blame History

<?php
use Tests\TestCase;
use enshrined\svgSanitize\Sanitizer;
class SVGSanitizerTest extends TestCase
{
public function testSvgSanitization()
{
$sanitizer = new Sanitizer();
$maliciousSvg = '<svg><script>alert("XSS")</script></svg>';
$sanitizedSvg = $sanitizer->sanitize($maliciousSvg);
$this->assertStringNotContainsString('<script>', $sanitizedSvg);
}
public function testValidSvgSanitization()
{
$sanitizer = new Sanitizer();
$validSvg = '<svg><circle cx="50" cy="50" r="40" stroke="black" stroke-width="3" fill="red" /></svg>';
$sanitizedSvg = $sanitizer->sanitize($validSvg);
$this->assertStringContainsString('<circle', $sanitizedSvg);
}
}
Reference in New Issue View Git Blame Copy Permalink