You are here

Home » API reference » Drupal 8 » FilterSecurityTest.php » FilterSecurityTest

public function FilterSecurityTest::testSkipSecurityFilters in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/filter/tests/src/Functional/FilterSecurityTest.php \Drupal\Tests\filter\Functional\FilterSecurityTest::testSkipSecurityFilters()

Tests that security filters are enforced even when marked to be skipped.

File

core/modules/filter/tests/src/Functional/FilterSecurityTest.php, line 93

Class

FilterSecurityTest
Tests the behavior of check_markup() when a filter or text format vanishes, or when check_markup() is called in such a way that it is instructed to skip all filters of the "FilterInterface::TYPE_HTML_RESTRICTOR" type.

Namespace

Drupal\Tests\filter\Functional

Code

public function testSkipSecurityFilters() {
  $text = "Text with some disallowed tags: <script />, <p><object>unicorn</object></p>, <i><table></i>.";
  $expected_filtered_text = "Text with some disallowed tags: , <p>unicorn</p>, .";
  $this
    ->assertEqual(check_markup($text, 'filtered_html', '', []), $expected_filtered_text, 'Expected filter result.');
  $this
    ->assertEqual(check_markup($text, 'filtered_html', '', [
    FilterInterface::TYPE_HTML_RESTRICTOR,
  ]), $expected_filtered_text, 'Expected filter result, even when trying to disable filters of the FilterInterface::TYPE_HTML_RESTRICTOR type.');
}