Files
InvoiceShelf/tests/Unit/PdfHtmlSanitizerTest.php
Darko Gjorgjijoski 6d1816bd1b refactor: reorganize app/Services and app/Support by domain
The app/Services/ directory had grown into 22 flat files at the root plus 7 uneven subdirectories — finding anything required scrolling through an alphabetical mix of small CRUD services, infrastructure drivers, and install-time utilities. This commit groups services by domain, folds Backup into a new Storage namespace, and moves framework-infrastructure and install-time helpers out of Services and into Support where they belong.

New Services layout: Documents/ (Invoice, Estimate, RecurringInvoice, Payment, Expense, Transaction, DocumentItem, SerialNumber, Currency — matches the 'Documents' navigation group); Company/ (Company, Member, Invitation); Mail/ (MailConfiguration, CompanyMailConfig); Storage/ (FileDisk, plus Backup folded in). ExchangeRateProviderService moves next to its drivers in ExchangeRate/; FontService moves into Pdf/ where it belongs. CustomerService, ItemService, CustomFieldService stay at the Services root as standalone single-file domains.

Moves to Support/: Hashids/ (library wrapper — not business logic); Setup/ (one-shot install-time utilities — stateless helpers); Pdf/ (ImageUtils, PdfTemplateUtils, plus the existing PdfHtmlSanitizer consolidated into the same subdir). These are all framework infrastructure and stateless utilities — the 'service' label never really fit them.

Namespace declarations in 29 moved files updated to match new paths. 62 consumer files (controllers, other services, tests, database factories, seeders, routes, bootstrap/providers.php) have their use statements rewritten via a literal-string replacement script — no regex meant no risk of half-matching. Three Documents services needed an explicit 'use App\Services\Mail\CompanyMailConfigService' added because the same-namespace short reference they relied on no longer resolves after the split.

Verified: composer dump-autoload, 350 tests pass (850 assertions), vendor/bin/pint clean, npm run build succeeds.
2026-04-11 10:00:00 +02:00

73 lines
2.6 KiB
PHP

<?php
use App\Support\Pdf\PdfHtmlSanitizer;
it('removes img tags that could trigger SSRF during PDF rendering', function () {
$html = "<p>Hi</p><img src='http://example.com/x'>";
expect(PdfHtmlSanitizer::sanitize($html))->not->toContain('<img');
});
it('preserves basic formatting tags', function () {
$html = '<p><b>Bold</b> and <i>italic</i></p>';
expect(PdfHtmlSanitizer::sanitize($html))->toContain('<b>')->toContain('<i>');
});
it('strips style and link attributes that may carry URLs', function () {
$html = '<p style="background:url(http://example.com/)">x</p><a href="http://evil">y</a>';
$out = PdfHtmlSanitizer::sanitize($html);
expect($out)->not->toContain('style=')->not->toContain('href=')->not->toContain('example.com');
});
it('returns empty string for empty input', function () {
expect(PdfHtmlSanitizer::sanitize(''))->toBe('');
});
it('normalizes legacy closing-br markup so lines are not collapsed in PDF output', function () {
$html = 'line1</br>line2';
$out = PdfHtmlSanitizer::sanitize($html);
expect($out)->toContain('<br')->toContain('line1')->toContain('line2');
expect($out)->not->toBe('line1line2');
});
it('strips SSRF vectors injected via address-template placeholders', function () {
// Simulates the output of GeneratesPdfTrait::getFormattedString() after a
// malicious customer name like "Acme <img src='http://attacker/probe'>" has
// been substituted into an address template via {BILLING_ADDRESS_NAME}.
$html = "Acme <img src='http://attacker.test/probe'><br />123 Main St<br />Springfield";
$out = PdfHtmlSanitizer::sanitize($html);
expect($out)->not->toContain('<img');
expect($out)->not->toContain('src=');
expect($out)->not->toContain('attacker.test');
expect($out)->toContain('Acme');
expect($out)->toContain('123 Main St');
expect($out)->toContain('Springfield');
});
it('strips iframe and link tags that could trigger SSRF', function () {
$html = '<iframe src="http://attacker/x"></iframe><link rel="stylesheet" href="http://attacker/y.css">Hello';
$out = PdfHtmlSanitizer::sanitize($html);
expect($out)->not->toContain('<iframe');
expect($out)->not->toContain('<link');
expect($out)->not->toContain('attacker');
expect($out)->toContain('Hello');
});
it('strips on* event handler attributes from allowed tags', function () {
$html = '<p onload="alert(1)" onclick="x">click me</p>';
$out = PdfHtmlSanitizer::sanitize($html);
expect($out)->not->toContain('onload')->not->toContain('onclick')->not->toContain('alert');
expect($out)->toContain('click me');
});