Skip to content

Commit

Permalink
maintenance: dependabot (#392)
Browse files Browse the repository at this point in the history 
* maintenance: dependabot
closes #391

* maintenance: dependabot
closes #391

* tweak: default empty string to avoid deprecation warning
  • Loading branch information
@g105b
g105b committed Sep 6, 2022
1 parent 69a86b6 commit b6213b2
Show file tree
Hide file tree
Showing 5 changed files with 66 additions and 95 deletions.
19 changes: 10 additions & 9 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
version: 2
updates:
- package-ecosystem: composer
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10
ignore:
- dependency-name: symfony/css-selector
versions:
- "> 3.2.14"
- package-ecosystem: composer
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10
ignore:
- dependency-name: phpunit/phpunit
update-types: ["version-update:semver-patch"]
- dependency-name: phpstan/phpstan
update-types: ["version-update:semver-patch"]
10 changes: 5 additions & 5 deletions composer.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,14 @@
"ext-dom": "*",
"ext-libxml": "*",
"ext-mbstring": "*",
"phpgt/cssxpath": "^1.1",
"phpgt/propfunc": "^1.0",
"psr/http-message": "^1.0"
"phpgt/cssxpath": "^v1.1",
"phpgt/propfunc": "^v1.0",
"psr/http-message": "^v1.0"
},

"require-dev": {
"phpstan/phpstan": "v1.8.2",
"phpunit/phpunit": "v9.5.21"
"phpstan/phpstan": "v1.8",
"phpunit/phpunit": "v9.5"
},

"license": "MIT",
Expand Down
79 changes: 40 additions & 39 deletions composer.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

51 changes: 10 additions & 41 deletions scratch.php
View file
Original file line number Diff line number Diff line change
@@ -1,51 +1,20 @@
<?php

$document = new DOMDocument("1.0", "UTF-8");
$document->registerNodeClass(DOMNode::class, MyDOMNode::class);
$document->registerNodeClass(DOMElement::class, MyDOMElement::class);
$document->registerNodeClass(DOMDocumentFragment::class, MyDOMDocumentFragment::class);

$html = <<<HTML
<!doctype html>
<h1>Hello, <span>you</span>!</h1>
<form method="post">
<label>
<span>Your name, please</span>
<input id="name-input" name="your-name" required autocomplete="off" autofocus />
</label>
<button name="do" value="greet">Greet!</button>
</form>
<h1>Hello, <span>you</span>!</h1>
HTML;
$document->loadHTML($html);

$input = $document->getElementById("name-input");

var_dump($input);

class DOMString implements Stringable {
public static function createFromCallback(Closure $param) {

}

public function __toString():string {

}
}

class MyDOMNode extends DOMNode {

}

class MyDOMElement extends DOMElement {
public string $tagName = "test";
// Create a new document with the above HTML.
$document = new DOMDocument("1.0", "utf-8");
$document->loadHTML($html);

public function __invoke() {
die(__METHOD__);
}
}
// Get reference to span tag.
$span = $document->getElementsByTagName("span")->item(0);

class MyDOMDocumentFragment extends DOMDocumentFragment {
// Set the span's tag to user-supplied $name (malicious user can enter JavaScript!)
$name = "<script>alert('XSS');</script>";
$span->textContent = $name;

}
echo $document->saveHTML();
2 changes: 1 addition & 1 deletion src/HTMLElement.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1438,7 +1438,7 @@ protected function __prop_get_controlsList():DOMTokenList {
return DOMTokenListFactory::create(
fn() => explode(
" ",
$this->getAttribute("controlsList")
$this->getAttribute("controlsList") ?? ""
),
fn(string...$tokens) => $this->setAttribute(
"controlsList",
Expand Down

0 comments on commit b6213b2

Please sign in to comment.