function XssTest::testQuestionSign
Same name in other branches
- 9 core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testQuestionSign()
- 8.9.x core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testQuestionSign()
- 11.x core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testQuestionSign()
Checks that strings starting with a question sign are correctly processed.
File
-
core/
tests/ Drupal/ Tests/ Component/ Utility/ XssTest.php, line 479
Class
- XssTest
- XSS Filtering tests.
Namespace
Drupal\Tests\Component\UtilityCode
public function testQuestionSign() : void {
$value = Xss::filter('<?xml:namespace ns="urn:schemas-microsoft-com:time">');
$this->assertStringNotContainsStringIgnoringCase('<?xml', $value, 'HTML tag stripping evasion -- starting with a question sign (processing instructions).');
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.