public function FieldCustomTest::testCustomFieldXss in Drupal 9
Same name and namespace in other branches
- 8 core/modules/views/tests/src/Kernel/Handler/FieldCustomTest.php \Drupal\Tests\views\Kernel\Handler\FieldCustomTest::testCustomFieldXss()
Ensure that custom field content is XSS filtered.
File
- core/
modules/ views/ tests/ src/ Kernel/ Handler/ FieldCustomTest.php, line 95
Class
- FieldCustomTest
- Tests the core Drupal\views\Plugin\views\field\Custom handler.
Namespace
Drupal\Tests\views\Kernel\HandlerCode
public function testCustomFieldXss() {
$view = Views::getView('test_view');
$view
->setDisplay();
// Alter the text of the field to include XSS.
$text = '<script>alert("kittens")</script>';
$view->displayHandlers
->get('default')
->overrideOption('fields', [
'name' => [
'id' => 'name',
'table' => 'views_test_data',
'field' => 'name',
'relationship' => 'none',
'alter' => [
'text' => $text,
],
],
]);
$this
->executeView($view);
$this
->assertEquals(Xss::filter($text), $view->style_plugin
->getField(0, 'name'));
}