Changeset 45607 for trunk/tests/phpunit/tests/kses.php
- Timestamp:
- 07/08/2019 12:55:20 AM (6 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/tests/phpunit/tests/kses.php
r45588 r45607 149 149 foreach ( $bad as $k => $x ) { 150 150 $result = wp_kses_bad_protocol( wp_kses_normalize_entities( $x ), wp_allowed_protocols() ); 151 if ( ! empty( $result ) && $result != 'alert(1);' && $result != 'alert(1)') {151 if ( ! empty( $result ) && 'alert(1);' !== $result && 'alert(1)' !== $result ) { 152 152 switch ( $k ) { 153 153 case 6: … … 184 184 foreach ( $safe as $x ) { 185 185 $result = wp_kses_bad_protocol( wp_kses_normalize_entities( $x ), array( 'http', 'https', 'dummy' ) ); 186 if ( $result != $x && $result != 'http://example.org/') {186 if ( $result !== $x && 'http://example.org/' !== $result ) { 187 187 $this->fail( "wp_kses_bad_protocol incorrectly blocked $x" ); 188 188 } … … 193 193 $xss = simplexml_load_file( DIR_TESTDATA . '/formatting/xssAttacks.xml' ); 194 194 foreach ( $xss->attack as $attack ) { 195 if ( in_array( $attack->name, array( 'IMG Embedded commands 2', 'US-ASCII encoding', 'OBJECT w/Flash 2', 'Character Encoding Example' )) ) {195 if ( in_array( (string) $attack->name, array( 'IMG Embedded commands 2', 'US-ASCII encoding', 'OBJECT w/Flash 2', 'Character Encoding Example' ), true ) ) { 196 196 continue; 197 197 } … … 199 199 $code = (string) $attack->code; 200 200 201 if ( $code == 'See Below') {201 if ( 'See Below' === $code ) { 202 202 continue; 203 203 } 204 204 205 if ( substr( $code, 0, 4 ) == 'perl' ) {205 if ( substr( $code, 0, 4 ) === 'perl' ) { 206 206 $pos = strpos( $code, '"' ) + 1; 207 207 $code = substr( $code, $pos, strrpos( $code, '"' ) - $pos ); … … 211 211 $result = trim( wp_kses_data( $code ) ); 212 212 213 if ( $result == '' || $result == 'XSS' || $result == 'alert("XSS");' || $result == "alert('XSS');") {213 if ( in_array( $result, array( '', 'XSS', 'alert("XSS");', "alert('XSS');" ), true ) ) { 214 214 continue; 215 215 } … … 325 325 326 326 function _wp_kses_allowed_html_filter( $html, $context ) { 327 if ( 'post' == $context ) {327 if ( 'post' === $context ) { 328 328 return array( 'a' => array( 'href' => true ) ); 329 329 } else {
Note: See TracChangeset
for help on using the changeset viewer.