function BlockXssTest::testXssInCategory

Same name and namespace in other branches
  1. 9 core/modules/block/tests/src/Functional/BlockXssTest.php \Drupal\Tests\block\Functional\BlockXssTest::testXssInCategory()
  2. 10 core/modules/block/tests/src/Functional/BlockXssTest.php \Drupal\Tests\block\Functional\BlockXssTest::testXssInCategory()
  3. 11.x core/modules/block/tests/src/Functional/BlockXssTest.php \Drupal\Tests\block\Functional\BlockXssTest::testXssInCategory()

Tests XSS in category.

File

core/modules/block/tests/src/Functional/BlockXssTest.php, line 67

Class

BlockXssTest
Tests that the block module properly escapes block descriptions.

Namespace

Drupal\Tests\block\Functional

Code

public function testXssInCategory() {
    $this->container
        ->get('module_installer')
        ->install([
        'block_test',
    ]);
    $this->drupalPlaceBlock('test_xss_title');
    $this->drupalLogin($this->drupalCreateUser([
        'administer blocks',
        'access administration pages',
    ]));
    $this->drupalGet(Url::fromRoute('block.admin_display'));
    $this->clickLink('Place block');
    $this->assertNoRaw("<script>alert('XSS category');</script>");
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.