public function HandlerTest::testHandlerHelpEscaping in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/views_ui/src/Tests/HandlerTest.php \Drupal\views_ui\Tests\HandlerTest::testHandlerHelpEscaping()

Tests escaping of field labels in help text.

File

core/modules/views_ui/src/Tests/HandlerTest.php, line 161
Contains \Drupal\views_ui\Tests\HandlerTest.

Class

HandlerTest
Tests handler UI for views.

Namespace

Drupal\views_ui\Tests

Code

public function testHandlerHelpEscaping() {
  // Set up a field with two instances, each using a different label.
  // Ensure that the labels are escaped properly.
  $this->drupalCreateContentType(['type' => 'article']);
  $this->drupalCreateContentType(['type' => 'page']);
  FieldStorageConfig::create([
    'field_name' => 'field_test',
    'entity_type' => 'node',
    'type' => 'string',
  ])->save();
  // Instance on the 'page' bundle: the label contains a double quote.
  FieldConfig::create([
    'field_name' => 'field_test',
    'entity_type' => 'node',
    'bundle' => 'page',
    'label' => 'The giraffe" label',
  ])->save();
  // Instance on the 'article' bundle: the label contains markup and a
  // script element.
  FieldConfig::create([
    'field_name' => 'field_test',
    'entity_type' => 'node',
    'bundle' => 'article',
    'label' => 'The <em>giraffe"</em> label <script>alert("the return of the xss")</script>',
  ])->save();

  // Load the add-handler form for fields and check that both labels are
  // found escaped in the page output.
  $this->drupalGet('admin/structure/views/nojs/add-handler/content/default/field');
  $this->assertEscaped('The <em>giraffe"</em> label <script>alert("the return of the xss")</script>');
  $this->assertEscaped('Appears in: page, article. Also known as: Content: The giraffe" label');
}