function AddFeedTest::testFeedLabelEscaping
Same name in other branches
- 8.9.x core/modules/aggregator/tests/src/Functional/AddFeedTest.php \Drupal\Tests\aggregator\Functional\AddFeedTest::testFeedLabelEscaping()
Ensures that the feed label is escaping when rendering the feed icon.
File
-
core/
modules/ aggregator/ tests/ src/ Functional/ AddFeedTest.php, line 65
Class
- AddFeedTest
- Add feed test.
Namespace
Drupal\Tests\aggregator\FunctionalCode
public function testFeedLabelEscaping() {
$feed = $this->createFeed(NULL, [
'title[0][value]' => 'Test feed title <script>alert(123);</script>',
]);
$this->checkForMetaRefresh();
$this->drupalGet('aggregator/sources/' . $feed->id());
$this->assertSession()
->statusCodeEquals(200);
$this->assertSession()
->assertEscaped('Test feed title <script>alert(123);</script>');
$this->assertSession()
->responseNotContains('Test feed title <script>alert(123);</script>');
// Ensure the feed icon title is escaped.
$this->assertStringContainsString('class="feed-icon"> Subscribe to Test feed title <script>alert(123);</script> feed</a>', str_replace([
"\n",
"\r",
], '', $this->getSession()
->getPage()
->getContent()));
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.