function XssTest::testFilterXssNormalized
Same name in other branches
- 9 core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testFilterXssNormalized()
- 8.9.x core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testFilterXssNormalized()
- 10 core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testFilterXssNormalized()
Tests limiting allowed tags and XSS prevention.
XSS tests assume that script is disallowed by default and src is allowed by default, but on* and style attributes are disallowed.
@dataProvider providerTestFilterXssNormalized
Parameters
string $value: The value to filter.
string $expected: The expected result.
string $message: The assertion message to display upon failure.
array $allowed_tags: (optional) The allowed HTML tags to be passed to \Drupal\Component\Utility\Xss::filter().
File
-
core/
tests/ Drupal/ Tests/ Component/ Utility/ XssTest.php, line 71
Class
- XssTest
- XSS Filtering tests.
Namespace
Drupal\Tests\Component\UtilityCode
public function testFilterXssNormalized($value, $expected, $message, ?array $allowed_tags = NULL) : void {
if ($allowed_tags === NULL) {
$value = Xss::filter($value);
}
else {
$value = Xss::filter($value, $allowed_tags);
}
$this->assertNormalized($value, $expected, $message);
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.