Also allow explicit boolean FALSE through

mewebstudio · Mar 22, 2021 · cf47484 · cf47484
1 parent bc12b36
commit cf47484
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/src/Purifier.php b/src/Purifier.php
@@ -278,6 +278,9 @@ public function clean($dirty, $config = null, \Closure $postCreateConfigHook = n
         if($passThruNullValues !== false && $dirty === null) {
             return null;
         }
+        if($passThruNullValues !== false && $dirty === false) {
+            return false;
+        }
 
         return $this->purifier->purify($dirty, $configObject);
     }

diff --git a/tests/PurifierTest.php b/tests/PurifierTest.php
@@ -125,16 +125,21 @@ public function testCleaningNullPassThru() {
         $html = null;
         $pureHtml = $purifier->clean($html);
         $this->assertEquals('', $pureHtml);
+        $html = false;
+        $pureHtml = $purifier->clean($html);
+        $this->assertEquals('', $pureHtml);
 
         $html = [
             'good'=>'<span id="some-id">This is my H1 title',
             'bad'=>'<script>alert(\'XSS\');</script>',
             'empty'=>null,
+            'bool'=>false,
         ];
         $expectedHtml = [
             'good'=>'<p><span>This is my H1 title</span></p>',
             'bad'=>'',
             'empty'=>'',
+            'bool'=>'',
         ];
         $pureHtml = $purifier->clean($html);
         $this->assertEquals($expectedHtml, $pureHtml);
@@ -147,19 +152,25 @@ public function testCleaningNullPassThru() {
 
         $html = null;
         $pureHtml = $purifier->clean($html);
-        $this->assertEquals('', $pureHtml);
+        $this->assertEquals(null, $pureHtml);
+
+        $html = false;
+        $pureHtml = $purifier->clean($html);
+        $this->assertEquals(false, $pureHtml);
 
         $html = [
             'good'=>'<span id="some-id">This is my H1 title',
             'bad'=>'<script>alert(\'XSS\');</script>',
             'empty'=>null,
             'emptyStr'=>'',
+            'bool'=>false,
         ];
         $expectedHtml = [
             'good'=>'<p><span>This is my H1 title</span></p>',
             'bad'=>'',
             'empty'=>null,
             'emptyStr'=>'',
+            'bool'=>false,
         ];
         $pureHtml = $purifier->clean($html);
         $this->assertEquals($expectedHtml, $pureHtml);