function FilterUnitTest::testAlignFilter in Zircon Profile 8.0
Same name and namespace in other branches
- 8 core/modules/filter/src/Tests/FilterUnitTest.php \Drupal\filter\Tests\FilterUnitTest::testAlignFilter()
Tests the align filter.
File
- core/
modules/ filter/ src/ Tests/ FilterUnitTest.php, line 49 - Contains \Drupal\filter\Tests\FilterUnitTest.
Class
- FilterUnitTest
- Tests Filter module filters individually.
Namespace
Drupal\filter\TestsCode
function testAlignFilter() {
$filter = $this->filters['filter_align'];
$test = function ($input) use ($filter) {
return $filter
->process($input, 'und');
};
// No data-align attribute.
$input = '<img src="llama.jpg" />';
$expected = $input;
$this
->assertIdentical($expected, $test($input)
->getProcessedText());
// Data-align attribute: all 3 allowed values.
$input = '<img src="llama.jpg" data-align="left" />';
$expected = '<img src="llama.jpg" class="align-left" />';
$this
->assertIdentical($expected, $test($input)
->getProcessedText());
$input = '<img src="llama.jpg" data-align="center" />';
$expected = '<img src="llama.jpg" class="align-center" />';
$this
->assertIdentical($expected, $test($input)
->getProcessedText());
$input = '<img src="llama.jpg" data-align="right" />';
$expected = '<img src="llama.jpg" class="align-right" />';
$this
->assertIdentical($expected, $test($input)
->getProcessedText());
// Data-align attribute: a disallowed value.
$input = '<img src="llama.jpg" data-align="left foobar" />';
$expected = '<img src="llama.jpg" />';
$this
->assertIdentical($expected, $test($input)
->getProcessedText());
// Empty data-align attribute.
$input = '<img src="llama.jpg" data-align="" />';
$expected = '<img src="llama.jpg" />';
$this
->assertIdentical($expected, $test($input)
->getProcessedText());
// Ensure the filter also works with uncommon yet valid attribute quoting.
$input = '<img src=llama.jpg data-align=right />';
$expected = '<img src="llama.jpg" class="align-right" />';
$output = $test($input);
$this
->assertIdentical($expected, $output
->getProcessedText());
// Security test: attempt to inject an additional class.
$input = '<img src="llama.jpg" data-align="center another-class-here" />';
$expected = '<img src="llama.jpg" />';
$output = $test($input);
$this
->assertIdentical($expected, $output
->getProcessedText());
// Security test: attempt an XSS.
$input = '<img src="llama.jpg" data-align="center \'onclick=\'alert(foo);" />';
$expected = '<img src="llama.jpg" />';
$output = $test($input);
$this
->assertIdentical($expected, $output
->getProcessedText());
}