function LocaleTranslationUiTest::testStringValidation
Same name in other branches
- 8.9.x core/modules/locale/tests/src/Functional/LocaleTranslationUiTest.php \Drupal\Tests\locale\Functional\LocaleTranslationUiTest::testStringValidation()
- 10 core/modules/locale/tests/src/Functional/LocaleTranslationUiTest.php \Drupal\Tests\locale\Functional\LocaleTranslationUiTest::testStringValidation()
- 11.x core/modules/locale/tests/src/Functional/LocaleTranslationUiTest.php \Drupal\Tests\locale\Functional\LocaleTranslationUiTest::testStringValidation()
Tests the validation of the translation input.
File
-
core/
modules/ locale/ tests/ src/ Functional/ LocaleTranslationUiTest.php, line 318
Class
- LocaleTranslationUiTest
- Tests the validation of translation strings and search results.
Namespace
Drupal\Tests\locale\FunctionalCode
public function testStringValidation() {
// User to add language and strings.
$admin_user = $this->drupalCreateUser([
'administer languages',
'access administration pages',
'translate interface',
]);
$this->drupalLogin($admin_user);
$langcode = 'xx';
// The English name for the language. This will be translated.
$name = $this->randomMachineName(16);
// These will be the invalid translations of $name.
$key = $this->randomMachineName(16);
$bad_translations[$key] = "<script>alert('xss');</script>" . $key;
$key = $this->randomMachineName(16);
$bad_translations[$key] = '<img SRC="javascript:alert(\'xss\');">' . $key;
$key = $this->randomMachineName(16);
$bad_translations[$key] = '<<SCRIPT>alert("xss");//<</SCRIPT>' . $key;
$key = $this->randomMachineName(16);
$bad_translations[$key] = "<BODY ONLOAD=alert('xss')>" . $key;
// Add custom language.
$edit = [
'predefined_langcode' => 'custom',
'langcode' => $langcode,
'label' => $name,
'direction' => LanguageInterface::DIRECTION_LTR,
];
$this->drupalGet('admin/config/regional/language/add');
$this->submitForm($edit, 'Add custom language');
// Add string.
t($name, [], [
'langcode' => $langcode,
])->render();
// Reset locale cache.
$search = [
'string' => $name,
'langcode' => $langcode,
'translation' => 'all',
];
$this->drupalGet('admin/config/regional/translate');
$this->submitForm($search, 'Filter');
// Find the edit path.
$textarea = $this->assertSession()
->elementExists('xpath', '//textarea');
$lid = $textarea->getAttribute('name');
foreach ($bad_translations as $translation) {
$edit = [
$lid => $translation,
];
$this->drupalGet('admin/config/regional/translate');
$this->submitForm($edit, 'Save translations');
// Check for a form error on the textarea, which means the string was
// rejected as unsafe.
$this->assertSession()
->elementAttributeContains('xpath', '//form[@id="locale-translate-edit-form"]//textarea', 'class', 'error');
$this->assertSession()
->pageTextNotContains('The string has been saved.');
}
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.