function LinkGeneratorTest::testGenerateXss

Same name in other branches
  1. 8.9.x core/tests/Drupal/Tests/Core/Utility/LinkGeneratorTest.php \Drupal\Tests\Core\Utility\LinkGeneratorTest::testGenerateXss()
  2. 10 core/tests/Drupal/Tests/Core/Utility/LinkGeneratorTest.php \Drupal\Tests\Core\Utility\LinkGeneratorTest::testGenerateXss()
  3. 11.x core/tests/Drupal/Tests/Core/Utility/LinkGeneratorTest.php \Drupal\Tests\Core\Utility\LinkGeneratorTest::testGenerateXss()

Tests the link method with a script tab.

See also

\Drupal\Core\Utility\LinkGenerator::generate()

File

core/tests/Drupal/Tests/Core/Utility/LinkGeneratorTest.php, line 403

Class

LinkGeneratorTest
@coversDefaultClass \Drupal\Core\Utility\LinkGenerator @group Utility

Namespace

Drupal\Tests\Core\Utility

Code

public function testGenerateXss() {
    $this->urlGenerator
        ->expects($this->once())
        ->method('generateFromRoute')
        ->with('test_route_4', [], $this->defaultOptions)
        ->willReturn((new GeneratedUrl())->setGeneratedUrl('/test-route-4'));
    // Test that HTML link text is escaped by default.
    $url = new Url('test_route_4');
    $url->setUrlGenerator($this->urlGenerator);
    $result = $this->linkGenerator
        ->generate("<script>alert('XSS!')</script>", $url);
    $this->assertNoXPathResults('//a[@href="/test-route-4"]/script', $result);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.