You are here

public function ThemeTest::testThemeSuggestions in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/system/tests/src/Kernel/Theme/ThemeTest.php \Drupal\Tests\system\Kernel\Theme\ThemeTest::testThemeSuggestions()

Tests function theme_get_suggestions() for SA-CORE-2009-003.

File

core/modules/system/tests/src/Kernel/Theme/ThemeTest.php, line 79

Class

ThemeTest
Tests low-level theme functions.

Namespace

Drupal\Tests\system\Kernel\Theme

Code

public function testThemeSuggestions() {

  // Set the front page as something random otherwise the CLI
  // test runner fails.
  $this
    ->config('system.site')
    ->set('page.front', '/nobody-home')
    ->save();
  $args = [
    'node',
    '1',
    'edit',
  ];
  $suggestions = theme_get_suggestions($args, 'page');
  $this
    ->assertEquals([
    'page__node',
    'page__node__%',
    'page__node__1',
    'page__node__edit',
  ], $suggestions, 'Found expected node edit page suggestions');

  // Check attack vectors.
  $args = [
    'node',
    '\\1',
  ];
  $suggestions = theme_get_suggestions($args, 'page');
  $this
    ->assertEquals([
    'page__node',
    'page__node__%',
    'page__node__1',
  ], $suggestions, 'Removed invalid \\ from suggestions');
  $args = [
    'node',
    '1/',
  ];
  $suggestions = theme_get_suggestions($args, 'page');
  $this
    ->assertEquals([
    'page__node',
    'page__node__%',
    'page__node__1',
  ], $suggestions, 'Removed invalid / from suggestions');
  $args = [
    'node',
    "1\0",
  ];
  $suggestions = theme_get_suggestions($args, 'page');
  $this
    ->assertEquals([
    'page__node',
    'page__node__%',
    'page__node__1',
  ], $suggestions, 'Removed invalid \\0 from suggestions');

  // Define path with hyphens to be used to generate suggestions.
  $args = [
    'node',
    '1',
    'hyphen-path',
  ];
  $result = [
    'page__node',
    'page__node__%',
    'page__node__1',
    'page__node__hyphen_path',
  ];
  $suggestions = theme_get_suggestions($args, 'page');
  $this
    ->assertEquals($result, $suggestions, 'Found expected page suggestions for paths containing hyphens.');
}