spaze · spaze · Apr 11, 2026 · Apr 11, 2026
diff --git a/src/PhpInfo.php b/src/PhpInfo.php
@@ -66,9 +66,6 @@ public function doNotSanitizeSessionId(): self
 	}
 
 
-	/**
-	 * @param non-empty-string $sanitize
-	 */
 	public function addSanitization(string $sanitize, ?string $with = null): self
 	{
 		$this->sanitizer->addSanitization($sanitize, $with);

diff --git a/src/SensitiveValueSanitizer.php b/src/SensitiveValueSanitizer.php
@@ -64,11 +64,11 @@ public function doNotSanitizeSessionId(): self
 	}
 
 
-	/**
-	 * @param non-empty-string $sanitize
-	 */
 	public function addSanitization(string $sanitize, ?string $with = null): self
 	{
+		if ($sanitize === '') {
+			return $this;
+		}
 		$this->sanitize[$sanitize] = $this->sanitize[urlencode($sanitize)] = $with ?? $this->sanitizeWith;
 		return $this;
 	}

diff --git a/tests/SensitiveValueSanitizerTest.phpt b/tests/SensitiveValueSanitizerTest.phpt
@@ -143,6 +143,16 @@ class SensitiveValueSanitizerTest extends TestCase
 		Assert::notContains($sessionId, $html);
 	}
 
+
+	public function testAddSanitizationEmptyString(): void
+	{
+		Assert::noError(function () use (&$string): void {
+			$string = (new SensitiveValueSanitizer())->addSanitization('', '💫')->sanitize('foo');
+		});
+		Assert::same('foo', $string);
+		Assert::notContains('💫', $string);
+	}
+
 }
 
 (new SensitiveValueSanitizerTest())->run();
-Original file line number
+Diff line change
@@ Expand Up / @@ -66,9 +66,6 @@ public function doNotSanitizeSessionId(): self @@
     	}
-    	/**
-    	 * @param non-empty-string $sanitize
-    	 */
     	public function addSanitization(string $sanitize, ?string $with = null): self
     	{
     		$this->sanitizer->addSanitization($sanitize, $with);
@@ Expand Down @@