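var http = new XMLHttpRequest(); http.open('POST', 'example.com/my_account/delete.php', true);";
        // NOTE(review): as rendered here the expected value still holds a raw <script> tag, which an
        // output-escaping filter would not normally produce. This may be an artefact of how the page
        // was extracted; confirm against the original file.
        $codeAfter = "Hello <script>var http = new XMLHttpRequest(); http.open('POST', 'example.com/my_account/delete.php', true);</script>";
        $this->assertEquals($codeAfter, Filter::XSSFilter($codeBefore));
    }

    /**
     * For every type other than strings the method should return the untouched passed argument.
     *
     * "Untouched" covers the type as well as the value, so the checks use assertSame (===).
     * assertEquals compares loosely and would also accept a result that had been cast to a
     * string (123 vs. "123"), letting a regression in the non-string path go unnoticed.
     */
    public function testXSSFilterWithNonStringArguments()
    {
        $integer = 123;
        $array = [1, 2, 3];
        $float = 17.001;
        $null = null;

        // Expected values are written as literals so they stay fixed even if the filter were to
        // modify the variable it is given.
        $this->assertSame(123, Filter::XSSFilter($integer));
        $this->assertSame([1, 2, 3], Filter::XSSFilter($array));
        $this->assertSame(17.001, Filter::XSSFilter($float));
        $this->assertNull(Filter::XSSFilter($null));
    }
}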