. */ namespace SP\Tests\Domain\Html; use PHPUnit\Framework\Attributes\DataProvider; use PHPUnit\Framework\Attributes\Group; use SP\Domain\Html\Html; use SP\Tests\UnitaryTestCase; /** * Class HtmlTest * */ #[Group('unitary')] class HtmlTest extends UnitaryTestCase { public static function urlProvider(): array { return [ ['https://foo.com/'], ['https://foo.com/>'], ['https://foo.com/">'], ['https://foo.com/"%20onClick="alert(\'TEST\'")'], ['https://foo.com/" onClick="alert(\'TEST\')"'], ['mongodb+srv://cluster.foo.mongodb.net/bar'], ]; } public function testGetSafeUrlOk() { $url = self::$faker->url; $this->assertEquals($url, Html::getSafeUrl($url)); } #[DataProvider('urlProvider')] public function testGetSafeUrlEncoded(string $url) { $this->assertEquals(0, preg_match('/["<>\']+/', \SP\Domain\Html\Html::getSafeUrl($url))); } }