class XssTest
Same name in this branch
- 9 core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest
Same name and namespace in other branches
- 11.x core/modules/views_ui/tests/src/Functional/XssTest.php \Drupal\Tests\views_ui\Functional\XssTest
- 11.x core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest
- 10 core/modules/views_ui/tests/src/Functional/XssTest.php \Drupal\Tests\views_ui\Functional\XssTest
- 10 core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest
- 8.9.x core/modules/views_ui/tests/src/Functional/XssTest.php \Drupal\Tests\views_ui\Functional\XssTest
- 8.9.x core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest
Tests the Xss vulnerability.
@group views_ui
Hierarchy
- class \Drupal\Tests\BrowserTestBase uses \Drupal\Core\Test\FunctionalTestSetupTrait, \Drupal\Tests\UiHelperTrait, \Drupal\Core\Test\TestSetupTrait, \Drupal\Tests\block\Traits\BlockCreationTrait, \Drupal\FunctionalTests\AssertLegacyTrait, \Drupal\Tests\RandomGeneratorTrait, \Drupal\Tests\node\Traits\NodeCreationTrait, \Drupal\Tests\node\Traits\ContentTypeCreationTrait, \Drupal\Tests\ConfigTestTrait, \Drupal\Tests\TestRequirementsTrait, \Drupal\Tests\user\Traits\UserCreationTrait, \Drupal\Tests\XdebugRequestTrait, \Drupal\Tests\Traits\PhpUnitWarnings, \Drupal\Tests\PhpUnitCompatibilityTrait, \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, \Drupal\Tests\ExtensionListTestTrait extends \PHPUnit\Framework\TestCase
- class \Drupal\Tests\views\Functional\ViewTestBase uses \Drupal\views\Tests\ViewResultAssertionTrait extends \Drupal\Tests\BrowserTestBase
- class \Drupal\Tests\views_ui\Functional\UITestBase extends \Drupal\Tests\views\Functional\ViewTestBase
- class \Drupal\Tests\views_ui\Functional\XssTest extends \Drupal\Tests\views_ui\Functional\UITestBase
- class \Drupal\Tests\views_ui\Functional\UITestBase extends \Drupal\Tests\views\Functional\ViewTestBase
- class \Drupal\Tests\views\Functional\ViewTestBase uses \Drupal\views\Tests\ViewResultAssertionTrait extends \Drupal\Tests\BrowserTestBase
Expanded class hierarchy of XssTest
File
-
core/
modules/ views_ui/ tests/ src/ Functional/ XssTest.php, line 10
Namespace
Drupal\Tests\views_ui\FunctionalView source
class XssTest extends UITestBase {
/**
* Modules to enable.
*
* @var array
*/
protected static $modules = [
'node',
'user',
'views_ui',
'views_ui_test',
];
/**
* {@inheritdoc}
*/
protected $defaultTheme = 'stark';
public function testViewsUi() {
$this->drupalGet('admin/structure/views/view/sa_contrib_2013_035');
// Verify that the field admin label is properly escaped.
$this->assertSession()
->assertEscaped('<marquee>test</marquee>');
$this->drupalGet('admin/structure/views/nojs/handler/sa_contrib_2013_035/page_1/header/area');
// Verify that the token label is properly escaped.
$this->assertSession()
->assertEscaped('{{ title }} == <marquee>test</marquee>');
$this->assertSession()
->assertEscaped('{{ title_1 }} == <script>alert("XSS")</script>');
}
/**
* Checks the admin UI for double escaping.
*/
public function testNoDoubleEscaping() {
$this->drupalGet('admin/structure/views');
$this->assertSession()
->assertNoEscaped('<');
$this->drupalGet('admin/structure/views/view/sa_contrib_2013_035');
$this->assertSession()
->assertNoEscaped('<');
$this->drupalGet('admin/structure/views/nojs/handler/sa_contrib_2013_035/page_1/header/area');
$this->assertSession()
->assertNoEscaped('<');
}
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.