Merge pull request #5770 from JoshyPHP/ticket/16250

[ticket/16250] Add a service to check BBCodes safeness in ACP
author: Marc Alexander <admin@m-a-styles.de> 2019-12-21 10:34:17 +0100
committer: Marc Alexander <admin@m-a-styles.de> 2019-12-21 10:34:17 +0100
commit: d26622e9921fdabff9186e0a2e47a2f8ed0a1238 (patch)
tree: 95dfd71fc22e95776768de6a978548f0adbdb8ac /tests/functional/acp_bbcodes_test.php
parent: 0b3eb2f9eaac66cf76e40703f77f362d1e42e86c (diff)
parent: 2733ce07129dceb5b60acdceba1689fa5339a523 (diff)
download: forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.tar
forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.tar.gz
forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.tar.bz2
forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.tar.xz
forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.zip
1 files changed, 40 insertions, 0 deletions
diff --git a/tests/functional/acp_bbcodes_test.php b/tests/functional/acp_bbcodes_test.php
index 58681dfa07..cc6397fdfd 100644
--- a/tests/functional/acp_bbcodes_test.php
+++ b/tests/functional/acp_bbcodes_test.php
@@ -43,4 +43,44 @@ class phpbb_functional_acp_bbcodes_test extends phpbb_functional_test_case
 		$this->assertContains('<div>c</div>', $html);
 		$this->assertContains('<div>d</div>', $html);
 	}
+
+	/**
+	* @dataProvider get_bbcode_error_tests
+	*/
+	public function test_bbcode_error($match, $tpl, $error)
+	{
+		$this->login();
+		$this->admin_login();
+
+		$crawler = self::request('GET', 'adm/index.php?i=acp_bbcodes&sid=' . $this->sid . '&mode=bbcodes&action=add');
+		$form = $crawler->selectButton('Submit')->form([
+			'bbcode_match' => $match,
+			'bbcode_tpl'   => $tpl
+		]);
+		$crawler = self::submit($form);
+
+		$text = $crawler->filter('.errorbox')->text();
+		$this->assertStringContainsString($error, $text);
+	}
+
+	public function get_bbcode_error_tests()
+	{
+		return [
+			[
+				'XXX',
+				'',
+				'BBCode is constructed in an invalid form'
+			],
+			[
+				'[x]{TEXT}[/x]',
+				'<xsl:invalid',
+				'template is invalid'
+			],
+			[
+				'[x]{TEXT}[/x]',
+				'<script>{TEXT}</script>',
+				'unsafe'
+			],
+		];
+	}
 }
author	Marc Alexander <admin@m-a-styles.de>	2019-12-21 10:34:17 +0100
committer	Marc Alexander <admin@m-a-styles.de>	2019-12-21 10:34:17 +0100
commit	d26622e9921fdabff9186e0a2e47a2f8ed0a1238 (patch)
tree	95dfd71fc22e95776768de6a978548f0adbdb8ac /tests/functional/acp_bbcodes_test.php
parent	0b3eb2f9eaac66cf76e40703f77f362d1e42e86c (diff)
parent	2733ce07129dceb5b60acdceba1689fa5339a523 (diff)
download	forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.tar forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.tar.gz forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.tar.bz2 forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.tar.xz forums-d26622e9921fdabff9186e0a2e47a2f8ed0a1238.zip