You are here

function FilterUnitTestCase::testFilterXSSAdmin in Drupal 7

Tests the loose, admin HTML filter.

File

modules/filter/filter.test, line 1252
Tests for filter.module.

Class

FilterUnitTestCase
Unit tests for core filters.

Code

function testFilterXSSAdmin() {

  // DRUPAL-SA-2008-044
  $f = filter_xss_admin('<object />');
  $this
    ->assertNoNormalized($f, 'object', 'Admin HTML filter -- should not allow object tag.');
  $f = filter_xss_admin('<script />');
  $this
    ->assertNoNormalized($f, 'script', 'Admin HTML filter -- should not allow script tag.');
  $f = filter_xss_admin('<style /><iframe /><frame /><frameset /><meta /><link /><embed /><applet /><param /><layer />');
  $this
    ->assertEqual($f, '', 'Admin HTML filter -- should never allow some tags.');
}