protected function BlockXssTest::doMenuTest in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/modules/block/src/Tests/BlockXssTest.php \Drupal\block\Tests\BlockXssTest::doMenuTest()
Tests XSS coming from Menu block labels.
1 call to BlockXssTest::doMenuTest()
- BlockXssTest::testBlockXss in core/
modules/ block/ src/ Tests/ BlockXssTest.php - Tests various modules that provide blocks for XSS.
File
- core/
modules/ block/ src/ Tests/ BlockXssTest.php, line 138 - Contains \Drupal\block\Tests\BlockXssTest.
Class
- BlockXssTest
- Tests that the block module properly escapes block descriptions.
Namespace
Drupal\block\TestsCode
protected function doMenuTest() {
Menu::create([
'id' => $this
->randomMachineName(),
'label' => '<script>alert("menu");</script>',
])
->save();
$this
->drupalGet(Url::fromRoute('block.admin_display'));
$this
->clickLinkPartialName('Place block');
$this
->assertEscaped('<script>alert("menu");</script>');
$this
->assertNoRaw('<script>alert("menu");</script>');
}