function FilterUnitTestCase::testFilterXSSAdmin in Drupal 7
Tests the loose, admin HTML filter.
File
- modules/
filter/ filter.test, line 1252 - Tests for filter.module.
Class
- FilterUnitTestCase
- Unit tests for core filters.
Code
function testFilterXSSAdmin() {
// DRUPAL-SA-2008-044
$f = filter_xss_admin('<object />');
$this
->assertNoNormalized($f, 'object', 'Admin HTML filter -- should not allow object tag.');
$f = filter_xss_admin('<script />');
$this
->assertNoNormalized($f, 'script', 'Admin HTML filter -- should not allow script tag.');
$f = filter_xss_admin('<style /><iframe /><frame /><frameset /><meta /><link /><embed /><applet /><param /><layer />');
$this
->assertEqual($f, '', 'Admin HTML filter -- should never allow some tags.');
}