diff --git a/.github/workflows/code_analysis.yaml b/.github/workflows/code_analysis.yaml
index a0ae72a..04d7d95 100644
--- a/.github/workflows/code_analysis.yaml
+++ b/.github/workflows/code_analysis.yaml
@@ -9,14 +9,17 @@ jobs:
strategy:
fail-fast: false
matrix:
- php: ['7.3', '7.4', '8.0', '8.1']
+ php:
+ # - '7.1' # incompatible tester
+ - '7.2'
+ - '7.3'
+ - '7.4'
+ - '8.0'
+ # - '8.1' # not yet compatible (PHP 8.1 RC2)
actions:
- name: PHPStan
run: composer phpstan
- - name: Easy Coding Standard
- run: composer ecs
-
- name: Unit tests
run: vendor/bin/tester tests -s -C
@@ -48,8 +51,6 @@ jobs:
${{ steps.composer-cache.outputs.dir }}
**/composer.lock
key: ${{ runner.os }}-${{ matrix.php }}-composer-${{ hashFiles('**/composer.json') }}
- restore-keys: |
- ${{ runner.os }}-${{ matrix.php }}-composer-
- name: Install Composer
diff --git a/README.md b/README.md
index a11fa73..cb79a66 100644
--- a/README.md
+++ b/README.md
@@ -12,6 +12,7 @@ Package is substrate of [Latte package](https://github.com/nette/latte/)
- Escape HTML
- Escape HTML attributes
- Escape HTML comments
+- Escape XML
- Escape JS
- Escape URL
- Escape CSS
@@ -52,6 +53,10 @@ echo ''],
+ ['Foo\\
bar', Html::fromHtml('Foo
bar')]
+
];
}
@@ -165,6 +211,7 @@ public function getUrlArgs(): array
['a+b', 'a b'],
['a%27b', 'a\'b'],
['a%22b', 'a"b'],
+ ['Foo%3Cbr%3Ebar', Html::fromHtml('Foo
bar')]
];
}
@@ -175,6 +222,37 @@ public function testUrl(string $expected, $data): void
{
Assert::same($expected, Escape::url($data));
}
+
+ public function getNoescapeArgs(): array
+ {
+ return [
+ ['', null],
+ ['', ''],
+ ['1', 1],
+ ['string', 'string'],
+ ['
', '
'],
+ ['< & \' " >', '< & \' " >'],
+ ['"', '"'],
+ ['`hello', '`hello'],
+ ["foo \u{D800} bar", "foo \u{D800} bar"], // invalid codepoint high surrogates
+ ["foo \xE3\x80\x22 bar", "foo \xE3\x80\x22 bar"], // stripped UTF
+ ['Hello World', 'Hello World'],
+ ['Hello ', 'Hello '],
+ ["\" ' < > & \x8F", "\" ' < > & \x8F"],
+ ['`hello`', '`hello`'],
+ ['`
`', '`
`'],
+ ['Foo
bar', Html::fromHtml('Foo
bar')]
+ ];
+ }
+
+ /**
+ * @dataProvider getNoescapeArgs
+ */
+ public function testNoescape(string $expected, $data): void
+ {
+ Assert::same($expected, Escape::noescape($data));
+ }
+
}
(new EscapeTest())->run();