Add Phan taint test for StatusFormatter methods
Change-Id: I35839c7b8a0454d1913bfee0700f5cc3313456c1
This commit is contained in:
Bartosz Dziewoński
parent
c5771c9c30
commit
0b61d6feb4
1 changed files with 15 additions and 0 deletions
|
|
@ -27,6 +27,7 @@ use MediaWiki\Request\WebRequest;
|
|||
use MediaWiki\Shell\Result;
|
||||
use MediaWiki\Shell\Shell;
|
||||
use MediaWiki\Status\Status;
|
||||
use MediaWiki\Status\StatusFormatter;
|
||||
use MediaWiki\Title\TitleValue;
|
||||
use Shellbox\Command\UnboxedResult;
|
||||
use Shellbox\Shellbox;
|
||||
|
|
@ -867,6 +868,20 @@ class TaintCheckAnnotationsTest {
|
|||
echo Status::newGood( $_GET['a'] )->setResult( true, $_GET['a'] );// Safe
|
||||
}
|
||||
|
||||
function testStatusFormatter( StatusFormatter $f, StatusValue $sv ) {
|
||||
echo $f->getWikiText( $sv ); // @phan-suppress-current-line SecurityCheck-XSS
|
||||
echo $f->getHTML( $sv ); // Safe
|
||||
echo $f->getMessage( $sv )->plain(); // @phan-suppress-current-line SecurityCheck-XSS
|
||||
echo $f->getMessage( $sv )->parse(); // Safe
|
||||
|
||||
// Legacy deprecated methods
|
||||
$status = Status::wrap( $sv );
|
||||
echo $status->getWikiText(); // @phan-suppress-current-line SecurityCheck-XSS
|
||||
echo $status->getHTML(); // Safe
|
||||
echo $status->getMessage()->plain(); // @phan-suppress-current-line SecurityCheck-XSS
|
||||
echo $status->getMessage()->parse(); // Safe
|
||||
}
|
||||
|
||||
/**
|
||||
* Non-namespaced alias of the Status class.
|
||||
*/
|
||||
|
|
|
|||
Loading…
Reference in a new issue