public function LinkGeneratorTest::testGenerateXss in Drupal 9
Same name and namespace in other branches
- 8 core/tests/Drupal/Tests/Core/Utility/LinkGeneratorTest.php \Drupal\Tests\Core\Utility\LinkGeneratorTest::testGenerateXss()
Tests the link method with a script tab.
See also
\Drupal\Core\Utility\LinkGenerator::generate()
File
- core/
tests/ Drupal/ Tests/ Core/ Utility/ LinkGeneratorTest.php, line 403
Class
- LinkGeneratorTest
- @coversDefaultClass \Drupal\Core\Utility\LinkGenerator @group Utility
Namespace
Drupal\Tests\Core\UtilityCode
public function testGenerateXss() {
$this->urlGenerator
->expects($this
->once())
->method('generateFromRoute')
->with('test_route_4', [], $this->defaultOptions)
->willReturn((new GeneratedUrl())
->setGeneratedUrl('/test-route-4'));
// Test that HTML link text is escaped by default.
$url = new Url('test_route_4');
$url
->setUrlGenerator($this->urlGenerator);
$result = $this->linkGenerator
->generate("<script>alert('XSS!')</script>", $url);
$this
->assertNoXPathResults('//a[@href="/test-route-4"]/script', $result);
}