You are here

public function AreaTest::testRenderArea in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/views/tests/src/Functional/Handler/AreaTest.php \Drupal\Tests\views\Functional\Handler\AreaTest::testRenderArea()
  2. 10 core/modules/views/tests/src/Functional/Handler/AreaTest.php \Drupal\Tests\views\Functional\Handler\AreaTest::testRenderArea()

Tests the rendering of an area.

File

core/modules/views/tests/src/Functional/Handler/AreaTest.php, line 95

Class

AreaTest
Tests the plugin base of the area handler.

Namespace

Drupal\Tests\views\Functional\Handler

Code

public function testRenderArea() {
  $view = Views::getView('test_example_area');
  $view
    ->initHandlers();

  // Insert a random string with XSS injection in the test area plugin.
  // Ensure that the string is rendered for the header, footer, and empty
  // text with the markup properly escaped.
  $header_string = '<script type="text/javascript">alert("boo");</script><p>' . $this
    ->randomMachineName() . '</p>';
  $footer_string = '<script type="text/javascript">alert("boo");</script><p>' . $this
    ->randomMachineName() . '</p>';
  $empty_string = '<script type="text/javascript">alert("boo");</script><p>' . $this
    ->randomMachineName() . '</p>';
  $view->header['test_example']->options['string'] = $header_string;
  $view->header['test_example']->options['empty'] = TRUE;
  $view->footer['test_example']->options['string'] = $footer_string;
  $view->footer['test_example']->options['empty'] = TRUE;
  $view->empty['test_example']->options['string'] = $empty_string;

  // Check whether the strings exist in the output and are sanitized.
  $output = $view
    ->preview();
  $output = $this->container
    ->get('renderer')
    ->renderRoot($output);
  $this
    ->assertStringContainsString(Xss::filterAdmin($header_string), $output, 'Views header exists in the output and is sanitized');
  $this
    ->assertStringContainsString(Xss::filterAdmin($footer_string), $output, 'Views footer exists in the output and is sanitized');
  $this
    ->assertStringContainsString(Xss::filterAdmin($empty_string), $output, 'Views empty exists in the output and is sanitized');
  $this
    ->assertStringNotContainsString('<script', $output, 'Script tags were escaped');
}