From b0b0973e2dce0f430639aaf73b0fc538e1df44ab Mon Sep 17 00:00:00 2001
From: Harald Eilertsen <haraldei@anduin.net>
Date: Sun, 2 Jul 2023 19:12:09 +0200
Subject: unit tests: Cosmetic fixes in AntiXSSTest.php

- Start comments with capital letter
- Fix indentation
- Add missing doc comments
---
 tests/unit/AntiXSSTest.php | 54 +++++++++++++++++++++++++---------------------
 1 file changed, 29 insertions(+), 25 deletions(-)

(limited to 'tests/unit/AntiXSSTest.php')

diff --git a/tests/unit/AntiXSSTest.php b/tests/unit/AntiXSSTest.php
index 09642726f..f4ee984bc 100644
--- a/tests/unit/AntiXSSTest.php
+++ b/tests/unit/AntiXSSTest.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * tests several functions which are used to prevent xss attacks
+ * Tests several functions which are used to prevent xss attacks
  *
  * @package test.util
  */
@@ -12,7 +12,7 @@ require_once('include/text.php');
 class AntiXSSTest extends TestCase {
 
 	/**
-	 * test, that tags are escaped
+	 * Test, that tags are escaped
 	 */
 	public function testEscapeTags() {
 		$invalidstring='<submit type="button" onclick="alert(\'failed!\');" />';
@@ -24,28 +24,30 @@ class AntiXSSTest extends TestCase {
 		$this->assertEquals("&lt;submit type=&quot;button&quot; onclick=&quot;alert('failed!');&quot; /&gt;", $escapedString);
 	}
 
-  /**
-   * @dataProvider urlTestProvider
-   */
-  public function testEscapeURL($url, $expected) : void {
-    $this->assertEquals($expected, escape_url($url));
-  }
-
-  public function urlTestProvider() : array {
-    return [
-      [
-        "https://example.com/settings/calendar/?f=&rpath=https://example.com/cdav/calendar'><script>alert('boom')</script>",
-        "https://example.com/settings/calendar/?f=&amp;rpath=https://example.com/cdav/calendar&apos;&gt;&lt;script&gt;alert(&apos;boom&apos;)&lt;/script&gt;"
-      ],
-      [
-        "settings/calendar/?f=&rpath=https://example.com'+accesskey=x+onclick=alert(/boom/);a='",
-        "settings/calendar/?f=&amp;rpath=https://example.com&apos;+accesskey=x+onclick=alert(/boom/);a=&apos;"
-      ],
-    ];
-  }
+	/**
+	 * Test escaping URL's to make them safe for use in html and attributes.
+	 *
+	 * @dataProvider urlTestProvider
+	 */
+	public function testEscapeURL($url, $expected) : void {
+		$this->assertEquals($expected, escape_url($url));
+	}
+
+	public function urlTestProvider() : array {
+		return [
+			[
+				"https://example.com/settings/calendar/?f=&rpath=https://example.com/cdav/calendar'><script>alert('boom')</script>",
+				"https://example.com/settings/calendar/?f=&amp;rpath=https://example.com/cdav/calendar&apos;&gt;&lt;script&gt;alert(&apos;boom&apos;)&lt;/script&gt;"
+			],
+			[
+				"settings/calendar/?f=&rpath=https://example.com'+accesskey=x+onclick=alert(/boom/);a='",
+				"settings/calendar/?f=&amp;rpath=https://example.com&apos;+accesskey=x+onclick=alert(/boom/);a=&apos;"
+			],
+		];
+	}
 
 	/**
-	 *xmlify and unxmlify
+	 * Test xmlify and unxmlify
 	 */
 	public function testXmlify() {
 		$text="<tag>I want to break\n this!11!<?hard?></tag>";
@@ -56,7 +58,7 @@ class AntiXSSTest extends TestCase {
 	}
 
 	/**
-	 * xmlify and put in a document
+	 * Test xmlify and put in a document
 	 */
 	public function testXmlifyDocument() {
 		$tag="<tag>I want to break</tag>";
@@ -65,7 +67,9 @@ class AntiXSSTest extends TestCase {
 
 		$xml_parser=xml_parser_create();
 		//should be possible to parse it
-		$values=array(); $index=array();
+		$values=array();
+		$index=array();
+
 		$this->assertEquals(1, xml_parse_into_struct($xml_parser, $text, $values, $index));
 
 		$this->assertEquals(array('TEXT'=>array(0)),
@@ -77,7 +81,7 @@ class AntiXSSTest extends TestCase {
 	}
 
 	/**
-	 * test hex2bin and reverse
+	 * Test hex2bin and reverse
 	 */
 	public function testHex2Bin() {
 		$this->assertEquals(-3, hex2bin(bin2hex(-3)));
-- 
cgit v1.2.3


From 7bd2de996750830aca191853345e0b798d68f16a Mon Sep 17 00:00:00 2001
From: Harald Eilertsen <haraldei@anduin.net>
Date: Sun, 2 Jul 2023 19:33:23 +0200
Subject: unit-tests: There's no need to test builtin func hex2bin

---
 tests/unit/AntiXSSTest.php | 10 ----------
 1 file changed, 10 deletions(-)

(limited to 'tests/unit/AntiXSSTest.php')

diff --git a/tests/unit/AntiXSSTest.php b/tests/unit/AntiXSSTest.php
index f4ee984bc..6b24cc9e3 100644
--- a/tests/unit/AntiXSSTest.php
+++ b/tests/unit/AntiXSSTest.php
@@ -80,16 +80,6 @@ class AntiXSSTest extends TestCase {
 		xml_parser_free($xml_parser);
 	}
 
-	/**
-	 * Test hex2bin and reverse
-	 */
-	public function testHex2Bin() {
-		$this->assertEquals(-3, hex2bin(bin2hex(-3)));
-		$this->assertEquals(0, hex2bin(bin2hex(0)));
-		$this->assertEquals(12, hex2bin(bin2hex(12)));
-		$this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX)));
-	}
-
 	//function qp, quick and dirty??
 	//get_mentions
 	//get_contact_block, bis Zeile 538
-- 
cgit v1.2.3


From 6f13cabfba7fb3b64ccc9647f1c58ad4a8ec5286 Mon Sep 17 00:00:00 2001
From: Harald Eilertsen <haraldei@anduin.net>
Date: Wed, 5 Jul 2023 20:44:49 +0200
Subject: tests: Don't explicitly require CUT in AntiXSSTest.

Rely on PHPUnit config to load the app and the code under test.
---
 tests/unit/AntiXSSTest.php | 2 --
 1 file changed, 2 deletions(-)

(limited to 'tests/unit/AntiXSSTest.php')

diff --git a/tests/unit/AntiXSSTest.php b/tests/unit/AntiXSSTest.php
index 6b24cc9e3..1de9d54cd 100644
--- a/tests/unit/AntiXSSTest.php
+++ b/tests/unit/AntiXSSTest.php
@@ -7,8 +7,6 @@
 
 use PHPUnit\Framework\TestCase;
 
-require_once('include/text.php');
-
 class AntiXSSTest extends TestCase {
 
 	/**
-- 
cgit v1.2.3