public function XssTest::testFilterXssNotNormalized in Drupal 8
Same name and namespace in other branches
- 9 core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testFilterXssNotNormalized()
- 10 core/tests/Drupal/Tests/Component/Utility/XssTest.php \Drupal\Tests\Component\Utility\XssTest::testFilterXssNotNormalized()
Tests limiting to allowed tags and XSS prevention.
XSS tests assume that script is disallowed by default and src is allowed by default, but on* and style attributes are disallowed.
@dataProvider providerTestFilterXssNotNormalized
Parameters
string $value: The value to filter.
string $expected: The string that is expected to be missing.
string $message: The assertion message to display upon failure.
array $allowed_tags: (optional) The allowed HTML tags to be passed to \Drupal\Component\Utility\Xss::filter().
File
- core/
tests/ Drupal/ Tests/ Component/ Utility/ XssTest.php, line 132
Class
- XssTest
- XSS Filtering tests.
Namespace
Drupal\Tests\Component\UtilityCode
public function testFilterXssNotNormalized($value, $expected, $message, array $allowed_tags = NULL) {
if ($allowed_tags === NULL) {
$value = Xss::filter($value);
}
else {
$value = Xss::filter($value, $allowed_tags);
}
$this
->assertNotNormalized($value, $expected, $message);
}