public function testEscapingOutput() { $this->decoratedFormatter->setStyle('error', new OutputFormatterStyle('white', 'red')); $this->decoratedFormatter->setStyle('info', new OutputFormatterStyle('green')); $this->decoratedFormatter->setStyle('comment', new OutputFormatterStyle('yellow')); $this->decoratedFormatter->setStyle('question', new OutputFormatterStyle('black', 'cyan')); $this->assertSame('a<script>evil();</script>a', $this->decoratedFormatter->format('a<script>evil();</script>a')); $this->assertSame('<script><span style="color:rgba(50,230,50,1)">evil();</span></script>', $this->decoratedFormatter->format('<script><info>evil();</info></script>')); $this->assertSame('<span style="color:rgba(50,230,50,1)">a</span>' . '<span style="color:rgba(50,230,50,1)"><script></span>' . '<span style="color:rgba(250,250,250,1);background-color:rgba(230,50,50,1)">evil();</span>' . '<span style="color:rgba(50,230,50,1)"></script></span>', $this->decoratedFormatter->format('<info>a<script><error>evil();</error></script>')); $this->assertSame('<span style="color:rgba(50,230,50,1)">a&lt;</span>' . '<span style="color:rgba(50,230,50,1)"><script></span>' . '<span style="color:rgba(50,230,50,1)">evil();</span>' . '<span style="color:rgba(50,230,50,1)"></script></span>', $this->decoratedFormatter->format('<info>a<<script><info>evil();</info></script>')); }
public function testEscapingOutput() { $raw_formatter = new OutputFormatter(true); $decorated_formatter = new HtmlOutputFormatterDecorator($raw_formatter); $decorated_formatter->setStyle('error', new HtmlOutputFormatterStyle('white', 'red')); $decorated_formatter->setStyle('info', new HtmlOutputFormatterStyle('green')); $decorated_formatter->setStyle('comment', new HtmlOutputFormatterStyle('yellow')); $decorated_formatter->setStyle('question', new HtmlOutputFormatterStyle('black', 'cyan')); $this->assertSame('a<script>evil();</script>a', $decorated_formatter->format('a<script>evil();</script>a')); $this->assertSame('<script><span style="color:rgba(50,230,50,1)">evil();</span></script>', $decorated_formatter->format('<script><info>evil();</info></script>')); $this->assertSame('<span style="color:rgba(50,230,50,1)">a<script><info>evil();</span></script>', $decorated_formatter->format('<info>a<script><info>evil();</info></script>')); $this->assertSame('<span style="color:rgba(50,230,50,1)">a&lt;<script><info>evil();</span></script>', $decorated_formatter->format('<info>a<<script><info>evil();</info></script>')); }