summaryrefslogtreecommitdiffstats
path: root/vendor/ZendXml/tests
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/ZendXml/tests')
-rw-r--r--vendor/ZendXml/tests/Bootstrap.php92
-rw-r--r--vendor/ZendXml/tests/ZendXmlTest/SecurityTest.php152
-rwxr-xr-xvendor/ZendXml/tests/phpunit.xml.dist27
3 files changed, 271 insertions, 0 deletions
diff --git a/vendor/ZendXml/tests/Bootstrap.php b/vendor/ZendXml/tests/Bootstrap.php
new file mode 100644
index 000000000..a9d0e6a55
--- /dev/null
+++ b/vendor/ZendXml/tests/Bootstrap.php
@@ -0,0 +1,92 @@
+<?php
+/**
+ * Zend Framework (http://framework.zend.com/)
+ *
+ * @link http://github.com/zendframework/zf2 for the canonical source repository
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
+ * @license http://framework.zend.com/license/new-bsd New BSD License
+ * @package Zend
+ */
+
+/**
+ * Set error reporting to the level to which Zend Framework code must comply.
+ */
+error_reporting( E_ALL | E_STRICT );
+
+if (class_exists('PHPUnit_Runner_Version', true)) {
+ $phpUnitVersion = PHPUnit_Runner_Version::id();
+ if ('@package_version@' !== $phpUnitVersion && version_compare($phpUnitVersion, '3.7.0', '<')) {
+ echo 'This version of PHPUnit (' .
+ PHPUnit_Runner_Version::id() .
+ ') is not supported for ZendXml unit tests - use v 3.7.0 or higher.'
+ . PHP_EOL
+ ;
+ exit(1);
+ }
+ unset($phpUnitVersion);
+}
+
+/**
+ * Setup autoloading
+ */
+// Try to use Composer autoloader
+if (file_exists(__DIR__ . '/../vendor/autoload.php')) {
+ include_once __DIR__ . '/../vendor/autoload.php';
+}
+// ... or use a simple SPL autoloader
+else{
+
+ // update include path
+ set_include_path(implode(PATH_SEPARATOR, array(
+ __DIR__.'/../src',
+ __DIR__,
+ get_include_path()
+ )));
+
+ /**
+ * @link https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-0.md#example-implementation
+ */
+ spl_autoload_register(function ($className) {
+ $className = ltrim($className, '\\');
+ $fileName = '';
+ $namespace = '';
+ if ($lastNsPos = strrpos($className, '\\')) {
+ $namespace = substr($className, 0, $lastNsPos);
+ $className = substr($className, $lastNsPos + 1);
+ $fileName = str_replace('\\', DIRECTORY_SEPARATOR, $namespace) . DIRECTORY_SEPARATOR;
+ }
+ $fileName .= str_replace('_', DIRECTORY_SEPARATOR, $className) . '.php';
+ require $fileName;
+ });
+
+}
+
+/**
+ * Code coverage option
+ */
+if (defined('TESTS_GENERATE_REPORT') && TESTS_GENERATE_REPORT === true) {
+ $codeCoverageFilter = new PHP_CodeCoverage_Filter();
+
+ $lastArg = end($_SERVER['argv']);
+ if (is_dir($zfCoreTests . '/' . $lastArg)) {
+ $codeCoverageFilter->addDirectoryToWhitelist($zfCoreLibrary . '/' . $lastArg);
+ } elseif (is_file($zfCoreTests . '/' . $lastArg)) {
+ $codeCoverageFilter->addDirectoryToWhitelist(dirname($zfCoreLibrary . '/' . $lastArg));
+ } else {
+ $codeCoverageFilter->addDirectoryToWhitelist($zfCoreLibrary);
+ }
+
+ /*
+ * Omit from code coverage reports the contents of the tests directory
+ */
+ $codeCoverageFilter->addDirectoryToBlacklist($zfCoreTests, '');
+ $codeCoverageFilter->addDirectoryToBlacklist(PEAR_INSTALL_DIR, '');
+ $codeCoverageFilter->addDirectoryToBlacklist(PHP_LIBDIR, '');
+
+ unset($codeCoverageFilter);
+}
+
+/*
+ * Unset global variables that are no longer needed.
+ */
+unset($phpUnitVersion);
diff --git a/vendor/ZendXml/tests/ZendXmlTest/SecurityTest.php b/vendor/ZendXml/tests/ZendXmlTest/SecurityTest.php
new file mode 100644
index 000000000..0f0fbffba
--- /dev/null
+++ b/vendor/ZendXml/tests/ZendXmlTest/SecurityTest.php
@@ -0,0 +1,152 @@
+<?php
+/**
+ * Zend Framework (http://framework.zend.com/)
+ *
+ * @link http://github.com/zendframework/zf2 for the canonical source repository
+ * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @license http://framework.zend.com/license/new-bsd New BSD License
+ */
+namespace ZendTest\Xml;
+
+use ZendXml\Security as XmlSecurity;
+use ZendXml\Exception;
+use DOMDocument;
+use SimpleXMLElement;
+
+class SecurityTest extends \PHPUnit_Framework_TestCase
+{
+ /**
+ * @expectedException ZendXml\Exception\RuntimeException
+ */
+ public function testScanForXEE()
+ {
+ $xml = <<<XML
+<?xml version="1.0"?>
+<!DOCTYPE results [<!ENTITY harmless "completely harmless">]>
+<results>
+ <result>This result is &harmless;</result>
+</results>
+XML;
+
+ $this->setExpectedException('ZendXml\Exception\RuntimeException');
+ $result = XmlSecurity::scan($xml);
+ }
+
+ public function testScanForXXE()
+ {
+ $file = tempnam(sys_get_temp_dir(), 'ZendXml_Security');
+ file_put_contents($file, 'This is a remote content!');
+ $xml = <<<XML
+<?xml version="1.0"?>
+<!DOCTYPE root
+[
+<!ENTITY foo SYSTEM "file://$file">
+]>
+<results>
+ <result>&foo;</result>
+</results>
+XML;
+
+ try {
+ $result = XmlSecurity::scan($xml);
+ } catch (Exception\RuntimeException $e) {
+ unlink($file);
+ return;
+ }
+ $this->fail('An expected exception has not been raised.');
+ }
+
+ public function testScanSimpleXmlResult()
+ {
+ $result = XmlSecurity::scan($this->getXml());
+ $this->assertTrue($result instanceof SimpleXMLElement);
+ $this->assertEquals($result->result, 'test');
+ }
+
+ public function testScanDom()
+ {
+ $dom = new DOMDocument('1.0');
+ $result = XmlSecurity::scan($this->getXml(), $dom);
+ $this->assertTrue($result instanceof DOMDocument);
+ $node = $result->getElementsByTagName('result')->item(0);
+ $this->assertEquals($node->nodeValue, 'test');
+ }
+
+ /**
+ * @requires PHP 5.4
+ */
+ public function testScanDomHTML()
+ {
+ // loadHtml accepts constants in php >= 5.4
+ // http://php.net/manual/de/domdocument.loadhtml.php
+ $dom = new DOMDocument('1.0');
+ $html = <<<HTML
+<p>a simple test</p>
+HTML;
+ $constants = LIBXML_HTML_NODEFDTD | LIBXML_HTML_NOIMPLIED;
+ $result = XmlSecurity::scanHtml($html, $dom, $constants);
+ $this->assertTrue($result instanceof DOMDocument);
+ $this->assertEquals($html, trim($result->saveHtml()));
+ }
+
+ public function testScanInvalidXml()
+ {
+ $xml = <<<XML
+<foo>test</bar>
+XML;
+
+ $result = XmlSecurity::scan($xml);
+ $this->assertFalse($result);
+ }
+
+ public function testScanInvalidXmlDom()
+ {
+ $xml = <<<XML
+<foo>test</bar>
+XML;
+
+ $dom = new DOMDocument('1.0');
+ $result = XmlSecurity::scan($xml, $dom);
+ $this->assertFalse($result);
+ }
+
+ public function testScanFile()
+ {
+ $file = tempnam(sys_get_temp_dir(), 'ZendXml_Security');
+ file_put_contents($file, $this->getXml());
+
+ $result = XmlSecurity::scanFile($file);
+ $this->assertTrue($result instanceof SimpleXMLElement);
+ $this->assertEquals($result->result, 'test');
+ unlink($file);
+ }
+
+ public function testScanXmlWithDTD()
+ {
+ $xml = <<<XML
+<?xml version="1.0"?>
+<!DOCTYPE results [
+<!ELEMENT results (result+)>
+<!ELEMENT result (#PCDATA)>
+]>
+<results>
+ <result>test</result>
+</results>
+XML;
+
+ $dom = new DOMDocument('1.0');
+ $result = XmlSecurity::scan($xml, $dom);
+ $this->assertTrue($result instanceof DOMDocument);
+ $this->assertTrue($result->validate());
+ }
+
+ protected function getXml()
+ {
+ return <<<XML
+<?xml version="1.0"?>
+<results>
+ <result>test</result>
+</results>
+XML;
+ }
+}
diff --git a/vendor/ZendXml/tests/phpunit.xml.dist b/vendor/ZendXml/tests/phpunit.xml.dist
new file mode 100755
index 000000000..069784bd7
--- /dev/null
+++ b/vendor/ZendXml/tests/phpunit.xml.dist
@@ -0,0 +1,27 @@
+<phpunit bootstrap="./Bootstrap.php" colors="true">
+ <testsuites>
+ <testsuite name="ZendXml Test Suite">
+ <directory>./ZendXmlTest</directory>
+ <exclude>./ZendXmlTest/TestAsset</exclude>
+ </testsuite>
+ </testsuites>
+
+ <groups>
+ <exclude>
+ </exclude>
+ </groups>
+
+ <listeners>
+ </listeners>
+
+ <filter>
+ <blacklist>
+ <directory suffix=".php">./ZendXmlTest</directory>
+ <directory>../vendor</directory>
+ </blacklist>
+ </filter>
+
+ <php>
+ </php>
+
+</phpunit>
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 16:37:13 +0000