Make HTML checks more strict
This commit is contained in:
Alexander Kurilo
Adrien Crivelli
parent
928b592c14
commit
408da0c17a
@ -33,6 +33,11 @@ use PhpOffice\PhpSpreadsheet\Spreadsheet;
|
||||
/** PhpSpreadsheet root directory */
|
||||
class HTML extends BaseReader implements IReader
|
||||
{
|
||||
/**
|
||||
* Sample size to read to determine if it's HTML or not
|
||||
*/
|
||||
const TEST_SAMPLE_SIZE = 2048;
|
||||
|
||||
/**
|
||||
* Input encoding
|
||||
*
|
||||
@ -126,14 +131,56 @@ class HTML extends BaseReader implements IReader
|
||||
*/
|
||||
protected function isValidFormat()
|
||||
{
|
||||
// Reading 2048 bytes should be enough to validate that the format is HTML
|
||||
$data = fread($this->fileHandle, 2048);
|
||||
if ((strpos($data, '<') !== false) &&
|
||||
(strlen($data) !== strlen(strip_tags($data)))) {
|
||||
$beginning = $this->readBeginning();
|
||||
|
||||
if (!self::startsWithTag($beginning)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!self::containsTags($beginning)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!self::endsWithTag($this->readEnding())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
private function readBeginning()
|
||||
{
|
||||
fseek($this->fileHandle, 0);
|
||||
|
||||
return fread($this->fileHandle, self::TEST_SAMPLE_SIZE);
|
||||
}
|
||||
|
||||
private function readEnding()
|
||||
{
|
||||
$meta = stream_get_meta_data($this->fileHandle);
|
||||
$filename = $meta['uri'];
|
||||
|
||||
$size = filesize($filename);
|
||||
$blockSize = self::TEST_SAMPLE_SIZE;
|
||||
|
||||
fseek($this->fileHandle, $size - $blockSize);
|
||||
|
||||
return fread($this->fileHandle, $blockSize);
|
||||
}
|
||||
|
||||
private static function startsWithTag($data)
|
||||
{
|
||||
return '<' === substr(trim($data), 0, 1);
|
||||
}
|
||||
|
||||
private static function endsWithTag($data)
|
||||
{
|
||||
return '>' === substr(trim($data), -1, 1);
|
||||
}
|
||||
|
||||
private static function containsTags($data)
|
||||
{
|
||||
return strlen($data) !== strlen(strip_tags($data));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
19
tests/PhpSpreadsheetTests/Reader/HTMLTest.php
Normal file
19
tests/PhpSpreadsheetTests/Reader/HTMLTest.php
Normal file
@ -0,0 +1,19 @@
|
||||
<?php
|
||||
|
||||
namespace PhpOffice\PhpSpreadsheetTests\Reader;
|
||||
|
||||
use PhpOffice\PhpSpreadsheet\Reader\HTML;
|
||||
|
||||
class HTMLTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
public function testCsvWithAngleBracket()
|
||||
{
|
||||
$filename = __DIR__ . '/../../data/Reader/HTML/csv_with_angle_bracket.csv';
|
||||
$this->assertFalse($this->getInstance()->canRead($filename));
|
||||
}
|
||||
|
||||
private function getInstance()
|
||||
{
|
||||
return new HTML();
|
||||
}
|
||||
}
|
||||
1
tests/data/Reader/HTML/csv_with_angle_bracket.csv
Normal file
1
tests/data/Reader/HTML/csv_with_angle_bracket.csv
Normal file
@ -0,0 +1 @@
|
||||
Collection Name,Number of items with weight <= 50kg
|
||||
|
Loading…
Reference in New Issue
Block a user