/**
 * Stores the raw request string in the class-level static slot.
 *
 * The value is meant to be written once: if a non-empty value is already
 * stored and the current controller does not report test mode, the call
 * throws instead of overwriting it.
 *
 * NOTE(review): the write-once guard is skipped whenever
 * getIsTestMode() returns true, so the protection is only as strong as
 * whatever decides test mode. Confirm that it cannot be switched on by
 * request-controlled input.
 * NOTE(review): empty() treats '' and '0' as "not set", so storing either
 * of those values does not lock the setter.
 *
 * @param string $request raw request string to store
 * @throws Exception when a non-empty value is already stored outside test mode
 */
public static function setRawRequest($request = '')
{
    if (!empty(self::$rawRequest)) {
        // Only reached when a value is already stored; overwriting is
        // tolerated in test mode only.
        $inTestMode = Yii::app()->controller->getIsTestMode();
        if (!$inTestMode) {
            throw new Exception(__CLASS__ . '::$rawRequest should not be set twice');
        }
    }

    self::$rawRequest = $request;
}
/**
 * Checks that the filtered accessors (get/post/request) drop a
 * <script>...</script> element from scalar and array values, while the raw
 * accessors (rawGet/rawPost/rawRequest) return the input unchanged.
 *
 * NOTE(review): only one literal <script> payload is pinned here. Passing
 * this test says nothing about other markup (event-handler attributes,
 * other tags, encoded variants), and the raw* accessors are shown to
 * return unfiltered input, so callers still need context-appropriate
 * output encoding.
 * NOTE(review): this method leaves $_GET/$_POST/$_REQUEST modified.
 * Confirm the suite resets them elsewhere (e.g. in tearDown).
 */
public function testSanatize()
{
    $payload = "hello <script>alert('world')</script>";
    $stripped = "hello ";

    // Query-string parameters. Each Request is created after its
    // superglobal is populated, as in the original ordering.
    $_GET['xss'] = $payload;
    $_GET['xss2'] = array($payload);
    $Request = new Request();
    $this->assertEqual($Request->rawGet('xss'), $payload);
    $this->assertEqual($Request->get('xss'), $stripped);
    $this->assertEqual($Request->get('xss2'), array($stripped));

    // Form-body parameters.
    $_POST['xss'] = $payload;
    $_POST['xss2'] = array($payload);
    $Request = new Request();
    $this->assertEqual($Request->rawPost('xss'), $payload);
    $this->assertEqual($Request->post('xss'), $stripped);
    $this->assertEqual($Request->post('xss2'), array($stripped));

    // Merged request parameters.
    $_REQUEST['xss'] = $payload;
    $_REQUEST['xss2'] = array($payload);
    $Request = new Request();
    $this->assertEqual($Request->rawRequest('xss'), $payload);
    $this->assertEqual($Request->request('xss'), $stripped);
    $this->assertEqual($Request->request('xss2'), array($stripped));
}