function XssTest::testFilterXssNotNormalized

Same name and namespace in other branches
  1. 9 core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testFilterXssNotNormalized()
  2. 8.9.x core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testFilterXssNotNormalized()
  3. 10 core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testFilterXssNotNormalized()

Tests limiting to allowed tags and XSS prevention.

XSS tests assume that script is disallowed by default and src is allowed by default, but on* and style attributes are disallowed.

@dataProvider providerTestFilterXssNotNormalized

Parameters

string $value: The value to filter.

string $expected: The string that is expected to be missing.

string $message: The assertion message to display upon failure.

array $allowed_tags: (optional) The allowed HTML tags to be passed to \Drupal\Component\Utility\Xss::filter().

File

core/tests/Drupal/Tests/Component/Utility/XssTest.php, line 138

Class

XssTest
XSS Filtering tests.

Namespace

Drupal\Tests\Component\Utility

Code

public function testFilterXssNotNormalized($value, $expected, $message, ?array $allowed_tags = NULL) : void {
    if ($allowed_tags === NULL) {
        $value = Xss::filter($value);
    }
    else {
        $value = Xss::filter($value, $allowed_tags);
    }
    $this->assertNotNormalized($value, $expected, $message);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.