function EditorSecurityTest::testEditorXssFilterOverride

Same name and namespace in other branches
  1. 9 core/modules/editor/tests/src/Functional/EditorSecurityTest.php \Drupal\Tests\editor\Functional\EditorSecurityTest::testEditorXssFilterOverride()
  2. 10 core/modules/editor/tests/src/Functional/EditorSecurityTest.php \Drupal\Tests\editor\Functional\EditorSecurityTest::testEditorXssFilterOverride()
  3. 11.x core/modules/editor/tests/src/Functional/EditorSecurityTest.php \Drupal\Tests\editor\Functional\EditorSecurityTest::testEditorXssFilterOverride()

Tests the standard text editor XSS filter being overridden.

File

core/modules/editor/tests/src/Functional/EditorSecurityTest.php, line 431

Class

EditorSecurityTest
Tests XSS protection for content creators when using text editors.

Namespace

Drupal\Tests\editor\Functional

Code

public function testEditorXssFilterOverride() {
    // First: the Standard text editor XSS filter.
    $this->drupalLogin($this->normalUser);
    $this->drupalGet('node/2/edit');
    $dom_node = $this->xpath('//textarea[@id="edit-body-0-value"]');
    $this->assertIdentical(self::$sampleContentSecured, $dom_node[0]->getText(), 'The value was filtered by the Standard text editor XSS filter.');
    // Enable editor_test.module's hook_editor_xss_filter_alter() implementation
    // to alter the text editor XSS filter class being used.
    \Drupal::state()->set('editor_test_editor_xss_filter_alter_enabled', TRUE);
    // First: the Insecure text editor XSS filter.
    $this->drupalGet('node/2/edit');
    $dom_node = $this->xpath('//textarea[@id="edit-body-0-value"]');
    $this->assertIdentical(self::$sampleContent, $dom_node[0]->getText(), 'The value was filtered by the Insecure text editor XSS filter.');
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.