Skip to content

Commit d796496

Browse files
matteoc99matteoc99
committed
preparing v2
1 parent b0f044c commit d796496

File tree

2 files changed

+34
-10
lines changed

2 files changed

+34
-10
lines changed

tests/ApiTest/UpdateTest.php

+2
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@
22

33
namespace Matteoc99\LaravelPreference\Tests\ApiTest;
44

5+
use Matteoc99\LaravelPreference\Utils\ConfigHelper;
6+
57
class UpdateTest extends ApiTestCase
68
{
79
/** @test */

tests/ApiTest/WorkflowTest.php

+32-10
Original file line numberDiff line numberDiff line change
@@ -4,17 +4,15 @@
44

55
use Matteoc99\LaravelPreference\Enums\Cast;
66
use Matteoc99\LaravelPreference\Factory\PreferenceBuilder;
7-
use Matteoc99\LaravelPreference\Rules\InRule;
87
use Matteoc99\LaravelPreference\Tests\TestSubjects\Enums\General;
98
use Matteoc99\LaravelPreference\Tests\TestSubjects\Enums\VideoPreferences;
109
use Matteoc99\LaravelPreference\Tests\TestSubjects\Models\LowerThanRule;
10+
use Matteoc99\LaravelPreference\Utils\ConfigHelper;
1111

1212
class WorkflowTest extends ApiTestCase
1313
{
1414

1515

16-
17-
1816
/** @test */
1917
public function test_workflow()
2018
{
@@ -38,22 +36,46 @@ public function test_int_workflow()
3836
$video = $this->get(route('preferences.user.video.get', ['scope_id' => 1, 'preference' => 'quality']));
3937
$video->assertSuccessful();
4038

41-
$video->assertJson(['value'=>2]);
39+
$video->assertJson(['value' => 2]);
4240

43-
$video = $this->patch(route('preferences.user.video.update', ['scope_id' => 1, 'preference' => 'quality']),[
44-
'value'=>4
41+
$video = $this->patch(route('preferences.user.video.update', ['scope_id' => 1, 'preference' => 'quality']), [
42+
'value' => 4
4543
]);
46-
$video->assertJson(['value'=>4]);
44+
$video->assertJson(['value' => 4]);
4745

4846
$video = $this->delete(route('preferences.user.video.delete', ['scope_id' => 1, 'preference' => 'quality']));
4947

50-
$video->assertJson(['value'=>2]);
48+
$video->assertJson(['value' => 2]);
5149

52-
$video = $this->patch(route('preferences.user.video.update', ['scope_id' => 1, 'preference' => 'quality']),[
53-
'value'=>40
50+
$video = $this->patch(route('preferences.user.video.update', ['scope_id' => 1, 'preference' => 'quality']), [
51+
'value' => 40
5452
]);
5553

5654
$video->assertRedirect();
5755
}
5856

57+
/** @test */
58+
59+
public function test_xss_workflow()
60+
{
61+
PreferenceBuilder::init(General::EMAILS)->create();
62+
63+
$xssInput = '<span/onmouseover=confirm(1)>X</span>';
64+
65+
$response = $this->patch(route('preferences.user.general.update', ['scope_id' => 1, 'preference' => 'emails']), [
66+
'value' => $xssInput
67+
]);
68+
69+
$response->assertSuccessful();
70+
71+
$email = $this->get(route('preferences.user.general.get', ['scope_id' => 1, 'preference' => 'emails']));
72+
73+
if (ConfigHelper::isXssCleanEnabled()) {
74+
$email->assertJson(['value' => '<span/>X</span>']);
75+
} else {
76+
$email->assertJson(['value' => $xssInput]);
77+
}
78+
}
79+
80+
5981
}

0 commit comments

Comments
 (0)