function XssUnitTest::testCheckUrl

Tests deprecation of the check_url() function.

@group legacy @expectedDeprecation check_url() is deprecated in Drupal 8.0.0 and will be removed before Drupal 9.0.0. Use UrlHelper::stripDangerousProtocols() or UrlHelper::filterBadProtocol() instead. See https://www.drupal.org/node/2560027

File

core/tests/Drupal/KernelTests/Core/Common/XssUnitTest.php, line 62

Class

XssUnitTest: Confirm that <a href="/api/drupal/core%21lib%21Drupal%21Component%21Utility%21Xss.php/function/Xss%3A%3Afilter/8.9.x" title="Filters HTML to prevent cross-site-scripting (XSS) vulnerabilities." class="local">\Drupal\Component\Utility\Xss::filter</a>() and <a href="/api/drupal/core%21includes%21common.inc/function/check_url/8.9.x" title="Strips dangerous protocols from a URI and encodes it for output to HTML." class="local">check_url</a>() work correctly, including invalid multi-byte sequences.

Namespace

Drupal\KernelTests\Core\Common

Code

public function testCheckUrl() {
    $url = 'javascript:http://www.example.com/?x=1&y=2';
    $expected_html = 'http://www.example.com/?x=1&amp;y=2';
    $this->assertSame($expected_html, check_url($url));
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.

function XssUnitTest::testCheckUrl

File

Class

Namespace

Code

Search drupal 8.9.x

API Navigation

Breadcrumb

function XssUnitTest::testCheckUrl

File

Class

Namespace

Code

Search drupal 8.9.x

API Navigation