You are here

public function BrowserTestBaseTest::testEscapingAssertions in Drupal 10

Same name and namespace in other branches
  1. 8 core/tests/Drupal/FunctionalTests/BrowserTestBaseTest.php \Drupal\FunctionalTests\BrowserTestBaseTest::testEscapingAssertions()
  2. 9 core/tests/Drupal/FunctionalTests/BrowserTestBaseTest.php \Drupal\FunctionalTests\BrowserTestBaseTest::testEscapingAssertions()

Tests assertEscaped() and assertUnescaped().

See also

\Drupal\Tests\WebAssert::assertNoEscaped()

\Drupal\Tests\WebAssert::assertEscaped()

File

core/tests/Drupal/FunctionalTests/BrowserTestBaseTest.php, line 656

Class

BrowserTestBaseTest
Tests BrowserTestBase functionality.

Namespace

Drupal\FunctionalTests

Code

public function testEscapingAssertions() {
  $assert = $this
    ->assertSession();
  $this
    ->drupalGet('test-escaped-characters');
  $assert
    ->assertNoEscaped('<div class="escaped">');
  $assert
    ->responseContains('<div class="escaped">');
  $assert
    ->assertEscaped('Escaped: <"\'&>');
  $this
    ->drupalGet('test-escaped-script');
  $assert
    ->assertNoEscaped('<div class="escaped">');
  $assert
    ->responseContains('<div class="escaped">');
  $assert
    ->assertEscaped("<script>alert('XSS');alert(\"XSS\");</script>");
  $this
    ->drupalGet('test-unescaped-script');
  $assert
    ->assertNoEscaped('<div class="unescaped">');
  $assert
    ->responseContains('<div class="unescaped">');
  $assert
    ->responseContains("<script>alert('Marked safe');alert(\"Marked safe\");</script>");
  $assert
    ->assertNoEscaped("<script>alert('Marked safe');alert(\"Marked safe\");</script>");
}