function FieldCustomTest::testCustomFieldXss
Same name in other branches
- 9 core/modules/views/tests/src/Kernel/Handler/FieldCustomTest.php \Drupal\Tests\views\Kernel\Handler\FieldCustomTest::testCustomFieldXss()
- 8.9.x core/modules/views/tests/src/Kernel/Handler/FieldCustomTest.php \Drupal\Tests\views\Kernel\Handler\FieldCustomTest::testCustomFieldXss()
- 11.x core/modules/views/tests/src/Kernel/Handler/FieldCustomTest.php \Drupal\Tests\views\Kernel\Handler\FieldCustomTest::testCustomFieldXss()
Ensure that custom field content is XSS filtered.
File
- core/modules/views/tests/src/Kernel/Handler/FieldCustomTest.php, line 97
Class
- FieldCustomTest
- Tests the core Drupal\views\Plugin\views\field\Custom handler.
Namespace
Drupal\Tests\views\Kernel\Handler
Code
  public function testCustomFieldXss() : void {
    $view = Views::getView('test_view');
    $view->setDisplay();
    // Alter the text of the field to include XSS.
    $text = '<script>alert("kittens")</script>';
    $view->displayHandlers
      ->get('default')
      ->overrideOption('fields', [
        'name' => [
          'id' => 'name',
          'table' => 'views_test_data',
          'field' => 'name',
          'relationship' => 'none',
          'alter' => [
            'text' => $text,
          ],
        ],
      ]);
    $this->executeView($view);
    $this->assertEquals(Xss::filter($text), $view->style_plugin
      ->getField(0, 'name'));
  }