function EditorSecurityTest::testEditorXssFilterOverride in Zircon Profile 8.0
Same name and namespace in other branches
- 8 core/modules/editor/src/Tests/EditorSecurityTest.php \Drupal\editor\Tests\EditorSecurityTest::testEditorXssFilterOverride()
Tests the standard text editor XSS filter being overridden.
File
- core/
modules/ editor/ src/ Tests/ EditorSecurityTest.php, line 421 - Contains \Drupal\editor\Tests\EditorSecurityTest.
Class
- EditorSecurityTest
- Tests XSS protection for content creators when using text editors.
Namespace
Drupal\editor\TestsCode
function testEditorXssFilterOverride() {
// First: the Standard text editor XSS filter.
$this
->drupalLogin($this->normalUser);
$this
->drupalGet('node/2/edit');
$dom_node = $this
->xpath('//textarea[@id="edit-body-0-value"]');
$this
->assertIdentical(self::$sampleContentSecured, (string) $dom_node[0], 'The value was filtered by the Standard text editor XSS filter.');
// Enable editor_test.module's hook_editor_xss_filter_alter() implementation
// to alter the text editor XSS filter class being used.
\Drupal::state()
->set('editor_test_editor_xss_filter_alter_enabled', TRUE);
// First: the Insecure text editor XSS filter.
$this
->drupalGet('node/2/edit');
$dom_node = $this
->xpath('//textarea[@id="edit-body-0-value"]');
$this
->assertIdentical(self::$sampleContent, (string) $dom_node[0], 'The value was filtered by the Insecure text editor XSS filter.');
}