function FilterSecurityTest::testSkipSecurityFilters
Tests that security filters are enforced even when marked to be skipped.
File
-
core/
modules/ filter/ tests/ src/ Functional/ FilterSecurityTest.php, line 98
Class
- FilterSecurityTest
- Tests HTML filtering with missing or skipped filters or text formats.
Namespace
Drupal\Tests\filter\FunctionalCode
public function testSkipSecurityFilters() : void {
$text = "Text with some disallowed tags: <script />, <p><object>unicorn</object></p>, <i><table></i>.";
$expected_filtered_text = "Text with some disallowed tags: , <p>unicorn</p>, .";
$this->assertSame($expected_filtered_text, (string) check_markup($text, 'filtered_html', '', []), 'Expected filter result.');
$this->assertSame($expected_filtered_text, (string) check_markup($text, 'filtered_html', '', [
FilterInterface::TYPE_HTML_RESTRICTOR,
]), 'Expected filter result, even when trying to disable filters of the FilterInterface::TYPE_HTML_RESTRICTOR type.');
}Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.