public function BlockXssTest::testXssInCategory in Zircon Profile 8.0

Same name and namespace in other branches

1. 8 core/modules/block/src/Tests/BlockXssTest.php \Drupal\block\Tests\BlockXssTest::testXssInCategory()

Tests XSS in category.

File

core/modules/block/src/Tests/BlockXssTest.php, line 61

Contains \Drupal\block\Tests\BlockXssTest.

Class

BlockXssTest

Tests that the block module properly escapes block descriptions.

Namespace

Drupal\block\Tests

Code

public function testXssInCategory() {
  $this->container
    ->get('module_installer')
    ->install([
    'block_test',
  ]);
  $this
    ->drupalPlaceBlock('test_xss_title');
  $this
    ->drupalLogin($this
    ->drupalCreateUser([
    'administer blocks',
    'access administration pages',
  ]));
  $this
    ->drupalGet(Url::fromRoute('block.admin_display'));
  $this
    ->clickLinkPartialName('Place block');
  $this
    ->assertNoRaw("<script>alert('XSS category');</script>");
}