You are here

Home » API reference » Zircon Profile 8.0 » FilterUnitTest.php » FilterUnitTest

function FilterUnitTest::testAlignFilter in Zircon Profile 8.0

Same name and namespace in other branches
  1. 8 core/modules/filter/src/Tests/FilterUnitTest.php \Drupal\filter\Tests\FilterUnitTest::testAlignFilter()

Tests the align filter.

File

core/modules/filter/src/Tests/FilterUnitTest.php, line 49
Contains \Drupal\filter\Tests\FilterUnitTest.

Class

FilterUnitTest
Tests Filter module filters individually.

Namespace

Drupal\filter\Tests

Code

function testAlignFilter() {
  $filter = $this->filters['filter_align'];
  $test = function ($input) use ($filter) {
    return $filter
      ->process($input, 'und');
  };

  // No data-align attribute.
  $input = '<img src="llama.jpg" />';
  $expected = $input;
  $this
    ->assertIdentical($expected, $test($input)
    ->getProcessedText());

  // Data-align attribute: all 3 allowed values.
  $input = '<img src="llama.jpg" data-align="left" />';
  $expected = '<img src="llama.jpg" class="align-left" />';
  $this
    ->assertIdentical($expected, $test($input)
    ->getProcessedText());
  $input = '<img src="llama.jpg" data-align="center" />';
  $expected = '<img src="llama.jpg" class="align-center" />';
  $this
    ->assertIdentical($expected, $test($input)
    ->getProcessedText());
  $input = '<img src="llama.jpg" data-align="right" />';
  $expected = '<img src="llama.jpg" class="align-right" />';
  $this
    ->assertIdentical($expected, $test($input)
    ->getProcessedText());

  // Data-align attribute: a disallowed value.
  $input = '<img src="llama.jpg" data-align="left foobar" />';
  $expected = '<img src="llama.jpg" />';
  $this
    ->assertIdentical($expected, $test($input)
    ->getProcessedText());

  // Empty data-align attribute.
  $input = '<img src="llama.jpg" data-align="" />';
  $expected = '<img src="llama.jpg" />';
  $this
    ->assertIdentical($expected, $test($input)
    ->getProcessedText());

  // Ensure the filter also works with uncommon yet valid attribute quoting.
  $input = '<img src=llama.jpg data-align=right />';
  $expected = '<img src="llama.jpg" class="align-right" />';
  $output = $test($input);
  $this
    ->assertIdentical($expected, $output
    ->getProcessedText());

  // Security test: attempt to inject an additional class.
  $input = '<img src="llama.jpg" data-align="center another-class-here" />';
  $expected = '<img src="llama.jpg" />';
  $output = $test($input);
  $this
    ->assertIdentical($expected, $output
    ->getProcessedText());

  // Security test: attempt an XSS.
  $input = '<img src="llama.jpg" data-align="center \'onclick=\'alert(foo);" />';
  $expected = '<img src="llama.jpg" />';
  $output = $test($input);
  $this
    ->assertIdentical($expected, $output
    ->getProcessedText());
}