/**
 * Supplies the XSS probe strings, either from the parent parser or from a built-in fixture.
 *
 * If the `Hazard.debug` configuration value is truthy, the call is delegated to
 * parent::_parseXml(). Otherwise a fixed three-entry sample is returned so that
 * CI test runs do not trigger API requests.
 *
 * The fixture entries are markup/script-injection test strings meant for checking
 * output escaping. Treat them as untrusted data: they must be escaped for the
 * output context wherever they are rendered.
 *
 * @param mixed $file Passed unchanged to parent::_parseXml(); not used in the fixture path.
 *   Presumably the XML source location - confirm against the parent implementation.
 * @return array In the fixture path, a list of arrays each holding a `code` string;
 *   otherwise whatever the parent returns.
 */
protected static function _parseXml($file) {
    $useRealSource = Configure::read('Hazard.debug');

    if (!$useRealSource) {
        // Stand-in for the most important entries of the XML file, so CI testing makes no API requests.
        return [
            ['code' => '\'\';!--"<XSS>=&{()}'],
            ['code' => '<SCRIPT>alert(\'XSS\')</SCRIPT>'],
            ['code' => '<STYLE>.XSS{background-image:url("javascript:alert(\'XSS\')");}</STYLE><A CLASS=XSS></A>'],
        ];
    }

    return parent::_parseXml($file);
}
/**
 * Returns the sorted list of XSS snippets, building it on first use.
 *
 * A truthy $this->_snippets is returned as-is. Otherwise the list is taken from
 * HazardLib::xssStrings(), two extra probes are appended (a short script tag and
 * a bare `<`), the result is ordered with $this->_sort() and stored on the
 * instance for later calls.
 *
 * The entries are injection test strings. Anything that prints them must escape
 * them for the output context.
 *
 * @return array
 */
protected function _snippets() {
    $cached = $this->_snippets;
    if ($cached) {
        return $cached;
    }

    $probes = HazardLib::xssStrings();

    // Extra probes appended to the library list: a minimal script tag and a lone opening bracket.
    $probes[] = '<SCRIPT>alert(\'X\')</SCRIPT>';
    $probes[] = '<';

    // Ordering is defined by the class's own comparator.
    usort($probes, [$this, '_sort']);

    $this->_snippets = $probes;

    return $probes;
}