function SearchPageTextTest::testSearchLabelXSS
Same name in other branches
- 9 core/modules/search/tests/src/Functional/SearchPageTextTest.php \Drupal\Tests\search\Functional\SearchPageTextTest::testSearchLabelXSS()
- 8.9.x core/modules/search/tests/src/Functional/SearchPageTextTest.php \Drupal\Tests\search\Functional\SearchPageTextTest::testSearchLabelXSS()
- 11.x core/modules/search/tests/src/Functional/SearchPageTextTest.php \Drupal\Tests\search\Functional\SearchPageTextTest::testSearchLabelXSS()
Tests for XSS in search module local task.
This is a regression test for https://www.drupal.org/node/2338081
File
-
core/
modules/ search/ tests/ src/ Functional/ SearchPageTextTest.php, line 57
Class
- SearchPageTextTest
- Tests the search help text and search page text.
Namespace
Drupal\Tests\search\FunctionalCode
public function testSearchLabelXSS() : void {
$this->drupalLogin($this->drupalCreateUser([
'administer search',
]));
$keys['label'] = '<script>alert("Don\'t Panic");</script>';
$this->drupalGet('admin/config/search/pages/manage/node_search');
$this->submitForm($keys, 'Save search page');
$this->drupalLogin($this->searchingUser);
$this->drupalGet('search/node');
$this->assertSession()
->assertEscaped($keys['label']);
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.