mirror of
https://github.com/InvoiceShelf/InvoiceShelf.git
synced 2026-07-16 22:05:20 +00:00
The app/Services/ directory had grown into 22 flat files at the root plus 7 uneven subdirectories — finding anything required scrolling through an alphabetical mix of small CRUD services, infrastructure drivers, and install-time utilities. This commit groups services by domain, folds Backup into a new Storage namespace, and moves framework-infrastructure and install-time helpers out of Services and into Support where they belong. New Services layout: Documents/ (Invoice, Estimate, RecurringInvoice, Payment, Expense, Transaction, DocumentItem, SerialNumber, Currency — matches the 'Documents' navigation group); Company/ (Company, Member, Invitation); Mail/ (MailConfiguration, CompanyMailConfig); Storage/ (FileDisk, plus Backup folded in). ExchangeRateProviderService moves next to its drivers in ExchangeRate/; FontService moves into Pdf/ where it belongs. CustomerService, ItemService, CustomFieldService stay at the Services root as standalone single-file domains. Moves to Support/: Hashids/ (library wrapper — not business logic); Setup/ (one-shot install-time utilities — stateless helpers); Pdf/ (ImageUtils, PdfTemplateUtils, plus the existing PdfHtmlSanitizer consolidated into the same subdir). These are all framework infrastructure and stateless utilities — the 'service' label never really fit them. Namespace declarations in 29 moved files updated to match new paths. 62 consumer files (controllers, other services, tests, database factories, seeders, routes, bootstrap/providers.php) have their use statements rewritten via a literal-string replacement script — no regex meant no risk of half-matching. Three Documents services needed an explicit 'use App\Services\Mail\CompanyMailConfigService' added because the same-namespace short reference they relied on no longer resolves after the split. Verified: composer dump-autoload, 350 tests pass (850 assertions), vendor/bin/pint clean, npm run build succeeds.
73 lines
2.6 KiB
PHP
73 lines
2.6 KiB
PHP
<?php
|
|
|
|
use App\Support\Pdf\PdfHtmlSanitizer;
|
|
|
|
it('removes img tags that could trigger SSRF during PDF rendering', function () {
|
|
$html = "<p>Hi</p><img src='http://example.com/x'>";
|
|
|
|
expect(PdfHtmlSanitizer::sanitize($html))->not->toContain('<img');
|
|
});
|
|
|
|
it('preserves basic formatting tags', function () {
|
|
$html = '<p><b>Bold</b> and <i>italic</i></p>';
|
|
|
|
expect(PdfHtmlSanitizer::sanitize($html))->toContain('<b>')->toContain('<i>');
|
|
});
|
|
|
|
it('strips style and link attributes that may carry URLs', function () {
|
|
$html = '<p style="background:url(http://example.com/)">x</p><a href="http://evil">y</a>';
|
|
|
|
$out = PdfHtmlSanitizer::sanitize($html);
|
|
|
|
expect($out)->not->toContain('style=')->not->toContain('href=')->not->toContain('example.com');
|
|
});
|
|
|
|
it('returns empty string for empty input', function () {
|
|
expect(PdfHtmlSanitizer::sanitize(''))->toBe('');
|
|
});
|
|
|
|
it('normalizes legacy closing-br markup so lines are not collapsed in PDF output', function () {
|
|
$html = 'line1</br>line2';
|
|
|
|
$out = PdfHtmlSanitizer::sanitize($html);
|
|
|
|
expect($out)->toContain('<br')->toContain('line1')->toContain('line2');
|
|
expect($out)->not->toBe('line1line2');
|
|
});
|
|
|
|
it('strips SSRF vectors injected via address-template placeholders', function () {
|
|
// Simulates the output of GeneratesPdfTrait::getFormattedString() after a
|
|
// malicious customer name like "Acme <img src='http://attacker/probe'>" has
|
|
// been substituted into an address template via {BILLING_ADDRESS_NAME}.
|
|
$html = "Acme <img src='http://attacker.test/probe'><br />123 Main St<br />Springfield";
|
|
|
|
$out = PdfHtmlSanitizer::sanitize($html);
|
|
|
|
expect($out)->not->toContain('<img');
|
|
expect($out)->not->toContain('src=');
|
|
expect($out)->not->toContain('attacker.test');
|
|
expect($out)->toContain('Acme');
|
|
expect($out)->toContain('123 Main St');
|
|
expect($out)->toContain('Springfield');
|
|
});
|
|
|
|
it('strips iframe and link tags that could trigger SSRF', function () {
|
|
$html = '<iframe src="http://attacker/x"></iframe><link rel="stylesheet" href="http://attacker/y.css">Hello';
|
|
|
|
$out = PdfHtmlSanitizer::sanitize($html);
|
|
|
|
expect($out)->not->toContain('<iframe');
|
|
expect($out)->not->toContain('<link');
|
|
expect($out)->not->toContain('attacker');
|
|
expect($out)->toContain('Hello');
|
|
});
|
|
|
|
it('strips on* event handler attributes from allowed tags', function () {
|
|
$html = '<p onload="alert(1)" onclick="x">click me</p>';
|
|
|
|
$out = PdfHtmlSanitizer::sanitize($html);
|
|
|
|
expect($out)->not->toContain('onload')->not->toContain('onclick')->not->toContain('alert');
|
|
expect($out)->toContain('click me');
|
|
});
|