function AttributeTest::providerTestAttributeValues

Same name and namespace in other branches

9 core/tests/Drupal/Tests/Core/Template/AttributeTest.php \Drupal\Tests\Core\Template\AttributeTest::providerTestAttributeValues()
10 core/tests/Drupal/Tests/Core/Template/AttributeTest.php \Drupal\Tests\Core\Template\AttributeTest::providerTestAttributeValues()
11.x core/tests/Drupal/Tests/Core/Template/AttributeTest.php \Drupal\Tests\Core\Template\AttributeTest::providerTestAttributeValues()

File

core/tests/Drupal/Tests/Core/Template/AttributeTest.php, line 362

Class

AttributeTest: @coversDefaultClass <a href="/api/drupal/core%21lib%21Drupal%21Core%21Template%21Attribute.php/class/Attribute/8.9.x" title="Collects, sanitizes, and renders HTML attributes." class="local">\Drupal\Core\Template\Attribute</a> @group Template

Namespace

Drupal\Tests\Core\Template

Code

public function providerTestAttributeValues() {
    $data = [];
    $string = '"> <script>alert(123)</script>"';
    $data['safe-object-xss1'] = [
        [
            'title' => Markup::create($string),
        ],
        ' title="&quot;&gt; alert(123)&quot;"',
    ];
    $data['non-safe-object-xss1'] = [
        [
            'title' => $string,
        ],
        ' title="' . Html::escape($string) . '"',
    ];
    $string = '&quot;><script>alert(123)</script>';
    $data['safe-object-xss2'] = [
        [
            'title' => Markup::create($string),
        ],
        ' title="&quot;&gt;alert(123)"',
    ];
    $data['non-safe-object-xss2'] = [
        [
            'title' => $string,
        ],
        ' title="' . Html::escape($string) . '"',
    ];
    return $data;
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.

function AttributeTest::providerTestAttributeValues

File

Class

Namespace

Code

Search drupal 8.9.x

API Navigation

Breadcrumb

function AttributeTest::providerTestAttributeValues

File

Class

Namespace

Code

Search drupal 8.9.x

API Navigation