diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/unit/XmlRpcTest.php | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/tests/unit/XmlRpcTest.php b/tests/unit/XmlRpcTest.php index c245917..25dc186 100644 --- a/tests/unit/XmlRpcTest.php +++ b/tests/unit/XmlRpcTest.php @@ -23,4 +23,27 @@ class XmlRpcTest extends TestCase $this->assertEquals('wp.getUsersBlogs', $method->name); $this->assertEquals(['someuser', 'verysecretpassword'], $method->params); } + + public function testShouldNotExpandEntities(): void + { + $payload = <<<'XML' + <!DOCTYPE foo [ <!ENTITY xxx "expanded entity"> ]> + <methodCall> + <methodName>&xxx;</methodName> + </methodCall> + XML; + + $method = XmlRpcMethod::parse($payload); + + $this->assertNull($method); + } + + public function testInvalidXMLShouldThrowRuntimeException(): void + { + $payload = '<someTag>some content</otherTag>'; + + $this->expectException(\RuntimeException::class); + + XmlRpcMethod::parse($payload); + } } |