function XssTest::testViewsUi

Same name and namespace in other branches

9 core/modules/views_ui/tests/src/Functional/XssTest.php \Drupal\Tests\views_ui\Functional\XssTest::testViewsUi()
10 core/modules/views_ui/tests/src/Functional/XssTest.php \Drupal\Tests\views_ui\Functional\XssTest::testViewsUi()
11.x core/modules/views_ui/tests/src/Functional/XssTest.php \Drupal\Tests\views_ui\Functional\XssTest::testViewsUi()

File

core/modules/views_ui/tests/src/Functional/XssTest.php, line 24

Class

XssTest: Tests the Xss vulnerability.

Namespace

Drupal\Tests\views_ui\Functional

Code

public function testViewsUi() {
    $this->drupalGet('admin/structure/views/view/sa_contrib_2013_035');
    // Verify that the field admin label is properly escaped.
    $this->assertEscaped('<marquee>test</marquee>');
    $this->drupalGet('admin/structure/views/nojs/handler/sa_contrib_2013_035/page_1/header/area');
    // Verify that the token label is properly escaped.
    $this->assertEscaped('{{ title }} == <marquee>test</marquee>');
    $this->assertEscaped('{{ title_1 }} == <script>alert("XSS")</script>');
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.

function XssTest::testViewsUi

File

Class

Namespace

Code

Search drupal 8.9.x

API Navigation

Breadcrumb

function XssTest::testViewsUi

File

Class

Namespace

Code

Search drupal 8.9.x

API Navigation