Merge pull request #169 from elecena/fix/skin-null-handling

Skin::renderHead - do not pass null to htmlspecialchars()
elecena · Nov 4, 2022 · ab39516 · ab39516
2 parents 216cb60 + bf1460f
commit ab39516
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 6 deletions.
diff --git a/classes/Skin.class.php b/classes/Skin.class.php
@@ -55,7 +55,7 @@ abstract class Skin
      * @return self
      * @throws Exception
      */
-    public static function factory(NanoApp $app, $skinName)
+    public static function factory(NanoApp $app, string $skinName): Skin
     {
         $className = sprintf('Skin%s', ucfirst($skinName));
 
@@ -72,7 +72,7 @@ public static function factory(NanoApp $app, $skinName)
      * @param NanoApp $app
      * @param string $skinName
      */
-    public function __construct(NanoApp $app, $skinName)
+    public function __construct(NanoApp $app, string $skinName)
     {
         $this->app = $app;
         $this->skinName = $skinName;
@@ -134,7 +134,7 @@ public function getPageTitle()
     /**
      * Add <meta> tag entry
      */
-    public function addMeta($name, $value)
+    public function addMeta(string $name, ?string $value): void
     {
         $this->meta[] = [
             'name' => $name,
@@ -306,7 +306,7 @@ protected function getAssetsUrls($type)
     /**
      * Renders set of <meta> elements to be used in page's head section
      */
-    public function renderHead($sep = "\n")
+    public function renderHead(string $sep = "\n"): string
     {
         // render <meta> elements
         $elements = [];
@@ -315,7 +315,7 @@ public function renderHead($sep = "\n")
             $node = '<meta';
 
             foreach ($item as $name => $value) {
-                $value = htmlspecialchars($value);
+                $value = htmlspecialchars($value ?? '');
                 $node .= " {$name}=\"{$value}\"";
             }
 
@@ -329,7 +329,7 @@ public function renderHead($sep = "\n")
             $node = '<link';
 
             foreach ($item as $name => $value) {
-                $value = htmlspecialchars($value);
+                $value = htmlspecialchars($value ?? '');
                 $node .= " {$name}=\"{$value}\"";
             }
 

diff --git a/tests/SkinTest.php b/tests/SkinTest.php
@@ -0,0 +1,40 @@
+<?php
+
+use Nano\NanoBaseTest;
+
+class TestSkin extends Skin
+{
+    const NAME = 'test-skin';
+}
+
+class SkinTest extends NanoBaseTest
+{
+    private TestSkin $skin;
+
+    public function setUp(): void
+    {
+        $app = Nano::app(__DIR__ . '/app');
+        $this->skin = new TestSkin($app, TestSkin::NAME);
+    }
+
+    public function testRenderHeadNullHandling()
+    {
+        $this->skin->addMeta('null', null);
+        $this->skin->addMeta('empty_string', '');
+        $this->skin->addMeta('a_string', 'Foo Bar');
+        $this->skin->addMeta('a_number', 42);
+
+        $this->skin->addLink('foo', null);
+        $this->skin->addLink('bar', 'test', ['type' => 'some/thing']);
+
+        $head = $this->skin->renderHead();
+
+        $this->assertStringContainsString('<meta name="null" value="">', $head, );
+        $this->assertStringContainsString('<meta name="empty_string" value="">', $head, );
+        $this->assertStringContainsString('<meta name="a_string" value="Foo Bar">', $head, );
+        $this->assertStringContainsString('<meta name="a_number" value="42">', $head, );
+
+        $this->assertStringContainsString('<link rel="foo" value="">', $head, );
+        $this->assertStringContainsString('<link rel="bar" value="test" type="some/thing">', $head, );
+    }
+}