public function TwigRawTest::testAutoescape in Drupal 8
Same name and namespace in other branches
- 9 core/modules/system/tests/src/Kernel/Theme/TwigRawTest.php \Drupal\Tests\system\Kernel\Theme\TwigRawTest::testAutoescape()
Tests autoescaping of unsafe content.
This is one of the most important tests in Drupal itself in terms of security.
File
- core/
modules/ system/ tests/ src/ Kernel/ Theme/ TwigRawTest.php, line 40
Class
- TwigRawTest
- Tests Twig 'raw' filter.
Namespace
Drupal\Tests\system\Kernel\ThemeCode
public function testAutoescape() {
$script = '<script>alert("This alert is unreal!");</script>';
$build = [
'#theme' => 'twig_autoescape_test',
'#script' => $script,
];
$rendered = \Drupal::service('renderer')
->renderRoot($build);
$this
->setRawContent($rendered);
$this
->assertEscaped($script);
}