alert(1)
OK
'; $output = ProfileHtmlSanitizer::sanitize($input); $this->assertStringNotContainsString('assertStringNotContainsString('onclick=', $output); $this->assertStringContainsString('
OK
', $output); }

    /**
     * Runs ProfileHtmlSanitizer::sanitize() on a fixed input and asserts that
     * the result has no 'javascript:' substring and still contains
     * 'https://example.org'.
     *
     * NOTE(review): both checks are plain substring matches on the sanitized
     * string. They do not show where in the markup the text sits, so this
     * test alone does not prove the URL ended up in a safe attribute.
     */
    public function testSanitizeStripsJavascriptUris(): void
    {
        // NOTE(review): as shown in this listing the literal holds no markup
        // and neither 'javascript:' nor 'https://example.org'. Presumably the
        // anchor tags and their href values were lost when the page was
        // extracted; confirm against the repository copy before relying on it.
        $input = 'badgood';
        $output = ProfileHtmlSanitizer::sanitize($input);

        // assertStringNotContainsString() is case-sensitive, so only the exact
        // lowercase scheme is covered here. Other spellings of the scheme
        // (different case, entity-encoded, split by whitespace) need their own
        // fixtures, or assertStringNotContainsStringIgnoringCase() for case.
        $this->assertStringNotContainsString('javascript:', $output);

        // The benign URL must survive, which guards against a sanitizer that
        // passes the check above simply by dropping every link.
        $this->assertStringContainsString('https://example.org', $output);
    }

    public function testSanitizeScopesEmbeddedCss(): void { $input = '
Title
'; $output = ProfileHtmlSanitizer::sanitize($input); $this->assertStringContainsString('.rescue-profile-scope', $output); $this->assertStringContainsString('.rescue-profile-scope .hdr', $output); $this->assertStringNotContainsString('