ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2024-12-02 11:41:05 +05:30
Code Issues Packages Projects Releases Wiki Activity

Не экранируем символы html символы в qr коде, т.к. они всё таки не должны быть экранированы

Browse Source
This commit is contained in:
ErickSkrauch 2017-08-03 14:50:48 +03:00
parent ec9da1709b
commit f75c241c5f
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/models/profile/TwoFactorAuthForm.php
View File

@ -63,7 +63,7 @@ class TwoFactorAuthForm extends ApiForm {
$provisioningUri = $this->getTotp()->getProvisioningUri(); $provisioningUri = $this->getTotp()->getProvisioningUri();
return [ return [
'qr' => 'data:image/svg+xml,' . htmlspecialchars(trim($this->drawQrCode($provisioningUri))), 'qr' => 'data:image/svg+xml,' . trim($this->drawQrCode($provisioningUri)),
'uri' => $provisioningUri, 'uri' => $provisioningUri,
'secret' => $this->account->otp_secret, 'secret' => $this->account->otp_secret,
]; ];

2
tests/codeception/api/unit/models/profile/TwoFactorAuthFormTest.php
View File

@ -44,7 +44,7 @@ class TwoFactorAuthFormTest extends TestCase {
$this->assertArrayHasKey('secret', $result); $this->assertArrayHasKey('secret', $result);
$this->assertNotNull($account->otp_secret); $this->assertNotNull($account->otp_secret);
$this->assertEquals($account->otp_secret, $result['secret']); $this->assertEquals($account->otp_secret, $result['secret']);
$this->assertEquals('data:image/svg+xml,&lt;_/&gt;', $result['qr']); $this->assertEquals('data:image/svg+xml,<_/>', $result['qr']);
/** @var Account|\PHPUnit_Framework_MockObject_MockObject $account */ /** @var Account|\PHPUnit_Framework_MockObject_MockObject $account */
$account = $this->getMockBuilder(Account::class) $account = $this->getMockBuilder(Account::class)