public function AreaTest::testRenderArea in Drupal 10
Same name and namespace in other branches
- 8 core/modules/views/tests/src/Functional/Handler/AreaTest.php \Drupal\Tests\views\Functional\Handler\AreaTest::testRenderArea()
- 9 core/modules/views/tests/src/Functional/Handler/AreaTest.php \Drupal\Tests\views\Functional\Handler\AreaTest::testRenderArea()
Tests the rendering of an area.
File
- core/
modules/ views/ tests/ src/ Functional/ Handler/ AreaTest.php, line 95
Class
- AreaTest
- Tests the plugin base of the area handler.
Namespace
Drupal\Tests\views\Functional\HandlerCode
public function testRenderArea() {
$view = Views::getView('test_example_area');
$view
->initHandlers();
// Insert a random string with XSS injection in the test area plugin.
// Ensure that the string is rendered for the header, footer, and empty
// text with the markup properly escaped.
$header_string = '<script type="text/javascript">alert("boo");</script><p>' . $this
->randomMachineName() . '</p>';
$footer_string = '<script type="text/javascript">alert("boo");</script><p>' . $this
->randomMachineName() . '</p>';
$empty_string = '<script type="text/javascript">alert("boo");</script><p>' . $this
->randomMachineName() . '</p>';
$view->header['test_example']->options['string'] = $header_string;
$view->header['test_example']->options['empty'] = TRUE;
$view->footer['test_example']->options['string'] = $footer_string;
$view->footer['test_example']->options['empty'] = TRUE;
$view->empty['test_example']->options['string'] = $empty_string;
// Check whether the strings exist in the output and are sanitized.
$output = $view
->preview();
$output = $this->container
->get('renderer')
->renderRoot($output);
$this
->assertStringContainsString(Xss::filterAdmin($header_string), $output, 'Views header exists in the output and is sanitized');
$this
->assertStringContainsString(Xss::filterAdmin($footer_string), $output, 'Views footer exists in the output and is sanitized');
$this
->assertStringContainsString(Xss::filterAdmin($empty_string), $output, 'Views empty exists in the output and is sanitized');
$this
->assertStringNotContainsString('<script', $output, 'Script tags were escaped');
}