public function isSafeInCSS()
{
try {
$regexp = RegexpParser::getAllowedCharacterRegexp($this->vars['regexp']);
foreach (ContextSafeness::getDisallowedCharactersInCSS() as $char) {
if (\preg_match($regexp, $char)) {
return \false;
}
}
return \true;
} catch (Exception $e) {
return \false;
}
}
/**
* {@inheritdoc}
*/
public function isSafeInCSS()
{
try {
// Test whether this regexp could allow any character that's disallowed in URLs
$regexp = RegexpParser::getAllowedCharacterRegexp($this->vars['regexp']);
foreach (ContextSafeness::getDisallowedCharactersInCSS() as $char) {
if (preg_match($regexp, $char)) {
return false;
}
}
return true;
} catch (Exception $e) {
// If anything unexpected happens, we'll consider this filter is not safe
return false;
}
}
/**
* @testdox getAllowedCharacterRegexp() works
* @dataProvider getAllowedCharacterRegexpData
*/
public function testGetAllowedCharacterRegexp($regexp, $results)
{
$allowedCharRegexp = RegexpParser::getAllowedCharacterRegexp($regexp);
foreach ($results as $char => $result) {
if ($result) {
$methodName = 'assertRegExp';
$msg = var_export($regexp, true) . ' should match ' . var_export($char, true);
} else {
$methodName = 'assertNotRegExp';
$msg = var_export($regexp, true) . ' should not match ' . var_export($char, true);
}
$this->{$methodName}($allowedCharRegexp, (string) $char, $msg);
}
}
