16898969866

Committed 12 Aug 2025 04:28AM UTC coverage: 99.276%. Remained the same

Build # 16898969866

Build Type

Pull #87

github

Committed by

web-flow

Commit Message

Bump actions/checkout from 4 to 5

Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Pull Request Pull Request #87: Bump actions/checkout from 4 to 5

Run Details

1508 of 1519 relevant lines covered (99.28%)

3883.48 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

95.45

/library/HTMLPurifier/AttrDef/HTML5/IntegrityMetadata.php

<?php

/**
 * Subresource Integrity metadata
 *
 * @see https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
 * @see https://w3c.github.io/webappsec-subresource-integrity/#the-integrity-attribute
 * @see https://github.com/validator/validator/blob/master/src/nu/validator/datatype/IntegrityMetadata.java
 */
class HTMLPurifier_AttrDef_HTML5_IntegrityMetadata extends HTMLPurifier_AttrDef
{
    /**
     * @param string $value
     * @param HTMLPurifier_Config $config
     * @param HTMLPurifier_Context $context
     * @return bool|string
     */
    public function validate($value, $config, $context)
    {
        // An integrity value may contain multiple hashes separated by whitespace.
        $hashes = preg_split('/\s+/', $value);
        $valid = array();

        foreach ($hashes as $hash) {
            if (strpos($hash, '-') === false) {
                continue;
            }

            list($algo, $digest) = explode('-', $hash, 2);

            if (!in_array($algo, array('sha256', 'sha384', 'sha512'), true)) {
                // Values must start with sha256- or sha384- or sha512-
                continue;
            }

            if (!preg_match('/^[+\/0-9A-Za-z]+[=]{0,3}$/', $digest)) {
                // Invalid base64-value (characters are not in the base64-value grammar).
                continue;
            }

            // Strip padding
            $digest = rtrim($digest, '=');

            // Strip 'sha' prefix, to get expected bit length of the digest
            // In Base64 1 char encodes 6 bits, i.e. 512 bits (sha512 digest) require 86 characters
            $len = (int) ceil(substr($algo, 3) / 6);
            if (strlen($digest) !== $len) {
                continue;
            }

            // Add padding
            if (strlen($digest) % 4) {
                $digest .= str_repeat('=', 4 - strlen($digest) % 4);
            }

            $valid[] = $algo . '-' . $digest;
        }

        if (empty($valid)) {
            return false;
        }

        return implode(' ', $valid);
    }
}

1	<?php
2
3	/**
4	* Subresource Integrity metadata
5	*
6	* @see https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
7	* @see https://w3c.github.io/webappsec-subresource-integrity/#the-integrity-attribute
8	* @see https://github.com/validator/validator/blob/master/src/nu/validator/datatype/IntegrityMetadata.java
9	*/
10	class HTMLPurifier_AttrDef_HTML5_IntegrityMetadata extends HTMLPurifier_AttrDef
11	{
12	/**
13	* @param string $value
14	* @param HTMLPurifier_Config $config
15	* @param HTMLPurifier_Context $context
16	* @return bool\|string
17	*/
18	public function validate($value, $config, $context)
19	{
20	// An integrity value may contain multiple hashes separated by whitespace.
21	$hashes = preg_split('/\s+/', $value);	216✔
22	$valid = array();	216✔
23
24	foreach ($hashes as $hash) {	216✔
25	if (strpos($hash, '-') === false) {	216✔
26	continue;	×
27	}
28
29	list($algo, $digest) = explode('-', $hash, 2);	216✔
30
31	if (!in_array($algo, array('sha256', 'sha384', 'sha512'), true)) {	216✔
32	// Values must start with sha256- or sha384- or sha512-
33	continue;	12✔
34	}
35
36	if (!preg_match('/^[+\/0-9A-Za-z]+[=]{0,3}$/', $digest)) {	204✔
37	// Invalid base64-value (characters are not in the base64-value grammar).
38	continue;	12✔
39	}
40
41	// Strip padding
42	$digest = rtrim($digest, '=');	192✔
43
44	// Strip 'sha' prefix, to get expected bit length of the digest
45	// In Base64 1 char encodes 6 bits, i.e. 512 bits (sha512 digest) require 86 characters
46	$len = (int) ceil(substr($algo, 3) / 6);	192✔
47	if (strlen($digest) !== $len) {	192✔
48	continue;	72✔
49	}
50
51	// Add padding
52	if (strlen($digest) % 4) {	168✔
53	$digest .= str_repeat('=', 4 - strlen($digest) % 4);	156✔
54	}	26✔
55
56	$valid[] = $algo . '-' . $digest;	168✔
57	}	36✔
58
59	if (empty($valid)) {	216✔
60	return false;	48✔
61	}
62
63	return implode(' ', $valid);	168✔
64	}
65	}

xemlock / htmlpurifier-html5 / 16898969866

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous