function ViewsEscapingTest::testViewsFieldHeaderEscaping

Same name in other branches
  1. 9 core/modules/views/tests/src/Functional/ViewsEscapingTest.php \Drupal\Tests\views\Functional\ViewsEscapingTest::testViewsFieldHeaderEscaping()
  2. 8.9.x core/modules/views/tests/src/Functional/ViewsEscapingTest.php \Drupal\Tests\views\Functional\ViewsEscapingTest::testViewsFieldHeaderEscaping()
  3. 10 core/modules/views/tests/src/Functional/ViewsEscapingTest.php \Drupal\Tests\views\Functional\ViewsEscapingTest::testViewsFieldHeaderEscaping()

Tests for incorrectly escaped markup in a header label on a display table.

File

core/modules/views/tests/src/Functional/ViewsEscapingTest.php, line 77

Class

ViewsEscapingTest
Tests output of Views.

Namespace

Drupal\Tests\views\Functional

Code

public function testViewsFieldHeaderEscaping() : void {
    // Test with a field header label having an html element wrapper.
    $this->drupalGet('test_field_header');
    // Assert that there are no escaped '<'s characters.
    $this->assertSession()
        ->assertNoEscaped('<');
    // Test with a field header label having a XSS test as a wrapper.
    $this->drupalGet('test_field_header_xss');
    // Assert that harmful tags are escaped in header label.
    $this->assertSession()
        ->responseNotContains('<script>alert("XSS")</script>');
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.