You are here

public function ViewsEscapingTest::testViewsFieldHeaderEscaping in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/views/tests/src/Functional/ViewsEscapingTest.php \Drupal\Tests\views\Functional\ViewsEscapingTest::testViewsFieldHeaderEscaping()
  2. 9 core/modules/views/tests/src/Functional/ViewsEscapingTest.php \Drupal\Tests\views\Functional\ViewsEscapingTest::testViewsFieldHeaderEscaping()

Tests for incorrectly escaped markup in a header label on a display table.

File

core/modules/views/tests/src/Functional/ViewsEscapingTest.php, line 75

Class

ViewsEscapingTest
Tests output of Views.

Namespace

Drupal\Tests\views\Functional

Code

public function testViewsFieldHeaderEscaping() {

  // Test with a field header label having an html element wrapper.
  $this
    ->drupalGet('test_field_header');

  // Assert that there are no escaped '<'s characters.
  $this
    ->assertSession()
    ->assertNoEscaped('<');

  // Test with a field header label having a XSS test as a wrapper.
  $this
    ->drupalGet('test_field_header_xss');

  // Assert that harmful tags are escaped in header label.
  $this
    ->assertSession()
    ->responseNotContains('<script>alert("XSS")</script>');
}