Add test on stored xss
trasher committed Apr 5, 2021
1 parent 8a67f62 commit f54b257
Showing 1 changed file with 20 additions and 0 deletions.
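--- a/tests/Galette/Entity/tests/units/Adherent.php
+++ b/tests/Galette/Entity/tests/units/Adherent.php
@@ -432,4 +432,24 @@ public function testParents()
 $this->boolean($child->store())->isTrue();
 $this->variable($child->parent)->isNull();
 }
+
+/**
+* Test XSS/SQL injection
+*
+* @return void
+*/
+public function testInjection()
+{
+$data = [
+'nom_adh' => 'Doe',
+'prenom_adh' => 'Johny <script>console.log("anything");</script>',
+'email_adh' => 'jdoe@doe.com',
+'login_adh' => 'jdoe',
+'info_public_adh' => 'Any <script>console.log("useful");</script> information'
+] + $this->dataAdherentOne();
+$member = $this->createMember($data);
+
+$this->string($member->sfullname)->isIdenticalTo('DOE Johny Console.log("anything");');
+$this->string($member->others_infos)->isIdenticalTo('Any console.log("useful"); information');
+}
 }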
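Review bot: `testInjection` is documented as "Test XSS/SQL injection", but both payloads are `<script>` elements and nothing in it exercises SQL metacharacters, so the SQL half of that claim is untested; either narrow the docblock to `* Test that script tags are stripped from stored member fields` or add a field such as `'info_public_adh' => "It's public"` and assert what is read back. The expected strings still contain `"` (for example `'Any console.log("useful"); information'`), which shows that only the tags are removed, so these values still need output escaping wherever they are printed into an HTML attribute; a short comment above the two assertions saying so would keep the test from being read as proof that the fields are safe in every context. The assertions read `$member->sfullname` and `$member->others_infos` on the object returned by `createMember()`, whose body is outside this hunk; if that helper does not reload the row from the database, the test covers the entity's input filtering rather than the stored value, which is worth confirming given the commit title.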
