public function RedirectResponseSubscriberTest::providerTestSanitizeDestination in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/tests/Drupal/Tests/Core/EventSubscriber/RedirectResponseSubscriberTest.php \Drupal\Tests\Core\EventSubscriber\RedirectResponseSubscriberTest::providerTestSanitizeDestination()
Data provider for testSanitizeDestination().
File
- core/
tests/ Drupal/ Tests/ Core/ EventSubscriber/ RedirectResponseSubscriberTest.php, line 257 - Contains \Drupal\Tests\Core\EventSubscriber\RedirectResponseSubscriberTest.
Class
- RedirectResponseSubscriberTest
- @coversDefaultClass \Drupal\Core\EventSubscriber\RedirectResponseSubscriber @group EventSubscriber
Namespace
Drupal\Tests\Core\EventSubscriberCode
public function providerTestSanitizeDestination() {
$data = [];
// Standard internal example node path is present in the 'destination'
// parameter.
$data[] = [
'node',
'node',
];
// Internal path with one leading slash is allowed.
$data[] = [
'/example.com',
'/example.com',
];
// External URL without scheme is not allowed.
$data[] = [
'//example.com/test',
'',
];
// Internal URL using a colon is allowed.
$data[] = [
'example:test',
'example:test',
];
// External URL is not allowed.
$data[] = [
'http://example.com',
'',
];
// Javascript URL is allowed because it is treated as an internal URL.
$data[] = [
'javascript:alert(0)',
'javascript:alert(0)',
];
return $data;
}