protected function preparePostRedirectContent(HttpPostRedirect $reply) { $formInputs = ''; foreach ($reply->getFields() as $name => $value) { $formInputs .= sprintf('<input type="hidden" name="%1$s" value="%2$s" />', htmlspecialchars($name, ENT_QUOTES, 'UTF-8'), htmlspecialchars($value, ENT_QUOTES, 'UTF-8')) . "\n"; } $layout = <<<'HTML' <form id="post_redirect" action="%1$s" method="post"> <p>Redirecting to payment page...</p> <p>%2$s</p> </form> <script>$('#post_redirect').submit()</script> HTML; return sprintf($layout, htmlspecialchars($reply->getUrl(), ENT_QUOTES, 'UTF-8'), $formInputs); }
/** * @test */ public function shouldEscapeHtmlSpecialChars() { $expectedContent = <<<'HTML' <!DOCTYPE html> <html> <head> <title>Redirecting...</title> </head> <body onload="document.forms[0].submit();"> <form action="theUrl" method="post"> <p>Redirecting to payment page...</p> <p><input type="hidden" name="foo" value="<>&"" /> <input type="submit" value="Continue" /></p> </form> </body> </html> HTML; $request = new HttpPostRedirect('theUrl', array('foo' => '<>&"')); $this->assertEquals($expectedContent, $request->getContent()); }
/** * @test */ public function shouldAllowGetCustomHeadersSetInConstructor() { $expectedHeaders = array('foo' => 'fooVal', 'bar' => 'barVal'); $request = new HttpPostRedirect('anUrl', array(), 200, $expectedHeaders); $this->assertEquals($expectedHeaders, $request->getHeaders()); }