You are here

Home » API reference » Drupal 9 » SearchPageTextTest.php » SearchPageTextTest

public function SearchPageTextTest::testSearchLabelXSS in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/search/tests/src/Functional/SearchPageTextTest.php \Drupal\Tests\search\Functional\SearchPageTextTest::testSearchLabelXSS()

Tests for XSS in search module local task.

This is a regression test for https://www.drupal.org/node/2338081

File

core/modules/search/tests/src/Functional/SearchPageTextTest.php, line 55

Class

SearchPageTextTest
Tests the search help text and search page text.

Namespace

Drupal\Tests\search\Functional

Code

public function testSearchLabelXSS() {
  $this
    ->drupalLogin($this
    ->drupalCreateUser([
    'administer search',
  ]));
  $keys['label'] = '<script>alert("Don\'t Panic");</script>';
  $this
    ->drupalGet('admin/config/search/pages/manage/node_search');
  $this
    ->submitForm($keys, 'Save search page');
  $this
    ->drupalLogin($this->searchingUser);
  $this
    ->drupalGet('search/node');
  $this
    ->assertSession()
    ->assertEscaped($keys['label']);
}