public function XmlEncoderTest::testPreventsComplexExternalEntities in Zircon Profile 8
Same name and namespace in other branches
- 8.0 vendor/symfony/serializer/Tests/Encoder/XmlEncoderTest.php \Symfony\Component\Serializer\Tests\Encoder\XmlEncoderTest::testPreventsComplexExternalEntities()
File
- vendor/
symfony/ serializer/ Tests/ Encoder/ XmlEncoderTest.php, line 415
Class
Namespace
Symfony\Component\Serializer\Tests\EncoderCode
public function testPreventsComplexExternalEntities() {
$oldCwd = getcwd();
chdir(__DIR__);
try {
$this->encoder
->decode('<?xml version="1.0"?><!DOCTYPE scan[<!ENTITY test SYSTEM "php://filter/read=convert.base64-encode/resource=XmlEncoderTest.php">]><scan>&test;</scan>', 'xml');
chdir($oldCwd);
$this
->fail('No exception was thrown.');
} catch (\Exception $e) {
chdir($oldCwd);
if (!$e instanceof UnexpectedValueException) {
$this
->fail('Expected UnexpectedValueException');
}
}
}