function DbLogTest::testOverviewLinks
Same name in other branches
- 8.9.x core/modules/dblog/tests/src/Functional/DbLogTest.php \Drupal\Tests\dblog\Functional\DbLogTest::testOverviewLinks()
- 10 core/modules/dblog/tests/src/Functional/DbLogTest.php \Drupal\Tests\dblog\Functional\DbLogTest::testOverviewLinks()
- 11.x core/modules/dblog/tests/src/Functional/DbLogTest.php \Drupal\Tests\dblog\Functional\DbLogTest::testOverviewLinks()
Make sure HTML tags are filtered out in the log overview links.
File
-
core/
modules/ dblog/ tests/ src/ Functional/ DbLogTest.php, line 869
Class
- DbLogTest
- Verifies log entries and user access based on permissions.
Namespace
Drupal\Tests\dblog\FunctionalCode
public function testOverviewLinks() {
$this->drupalLogin($this->adminUser);
// cSpell:disable-next-line
$this->generateLogEntries(1, [
'message' => "<script>alert('foo');</script><strong>Lorem</strong> ipsum dolor sit amet, consectetur adipiscing & elit.",
]);
$this->drupalGet('admin/reports/dblog');
$this->assertSession()
->statusCodeEquals(200);
// Make sure HTML tags are filtered out.
$this->assertSession()
->responseContains('title="alert('foo');Lorem');
$this->assertSession()
->responseNotContains("<script>alert('foo');</script>");
// Make sure HTML tags are filtered out in admin/reports/dblog/event/ too.
$this->generateLogEntries(1, [
'message' => "<script>alert('foo');</script> <strong>Lorem ipsum</strong>",
]);
$query = Database::getConnection()->select('watchdog');
$query->addExpression('MAX([wid])');
$wid = $query->execute()
->fetchField();
$this->drupalGet('admin/reports/dblog/event/' . $wid);
$this->assertSession()
->responseNotContains("<script>alert('foo');</script>");
$this->assertSession()
->responseContains("alert('foo'); <strong>Lorem ipsum</strong>");
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.