Tests for filter_xss() and check_url().
Expanded class hierarchy of XssUnitTest
class XssUnitTest extends DrupalUnitTestBase {
/**
* Modules to enable.
*
* @var array
*/
public static $modules = array(
'filter',
);
public static function getInfo() {
return array(
'name' => 'String filtering tests',
'description' => 'Confirm that filter_xss() and check_url() work correctly, including invalid multi-byte sequences.',
'group' => 'Common',
);
}
protected function setUp() {
parent::setUp();
config_install_default_config('module', 'system');
}
/**
* Tests t() functionality.
*/
function testT() {
$text = t('Simple text');
$this
->assertEqual($text, 'Simple text', 't leaves simple text alone.');
$text = t('Escaped text: @value', array(
'@value' => '<script>',
));
$this
->assertEqual($text, 'Escaped text: <script>', 't replaces and escapes string.');
$text = t('Placeholder text: %value', array(
'%value' => '<script>',
));
$this
->assertEqual($text, 'Placeholder text: <em class="placeholder"><script></em>', 't replaces, escapes and themes string.');
$text = t('Verbatim text: !value', array(
'!value' => '<script>',
));
$this
->assertEqual($text, 'Verbatim text: <script>', 't replaces verbatim string as-is.');
}
/**
* Checks that harmful protocols are stripped.
*/
function testBadProtocolStripping() {
// Ensure that check_url() strips out harmful protocols, and encodes for
// HTML. Ensure drupal_strip_dangerous_protocols() can be used to return a
// plain-text string stripped of harmful protocols.
$url = 'javascript:http://www.example.com/?x=1&y=2';
$expected_plain = 'http://www.example.com/?x=1&y=2';
$expected_html = 'http://www.example.com/?x=1&y=2';
$this
->assertIdentical(check_url($url), $expected_html, 'check_url() filters a URL and encodes it for HTML.');
$this
->assertIdentical(drupal_strip_dangerous_protocols($url), $expected_plain, 'drupal_strip_dangerous_protocols() filters a URL and returns plain text.');
}
}
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
DrupalUnitTestBase:: |
protected | property | A KeyValueMemoryFactory instance to use when building the container. | |
DrupalUnitTestBase:: |
private | property | ||
DrupalUnitTestBase:: |
private | property | ||
DrupalUnitTestBase:: |
private | property | ||
DrupalUnitTestBase:: |
public | function | Sets up the base service container for this test. | 1 |
DrupalUnitTestBase:: |
protected | function | Disables modules for this test. | |
DrupalUnitTestBase:: |
protected | function | Enables modules for this test. | |
DrupalUnitTestBase:: |
protected | function | Installs default configuration for a given list of modules. | |
DrupalUnitTestBase:: |
protected | function | Installs a specific table from a module schema definition. | |
DrupalUnitTestBase:: |
protected | function |
Deletes created files, database tables, and reverts all environment changes. Overrides TestBase:: |
2 |
DrupalUnitTestBase:: |
function |
Overrides \Drupal\simpletest\UnitTestBase::__construct(). Overrides UnitTestBase:: |
||
TestBase:: |
protected | property | Assertions thrown in that test case. | |
TestBase:: |
protected | property | The config importer that can used in a test. | 1 |
TestBase:: |
protected | property | The dependency injection container used in the test. | 1 |
TestBase:: |
protected | property | The database prefix of this test run. | |
TestBase:: |
public | property | Whether to die in case any test assertion fails. | |
TestBase:: |
protected | property | The original file directory, before it was changed for testing purposes. | |
TestBase:: |
protected | property | The original database prefix when running inside Simpletest. | |
TestBase:: |
protected | property | The settings array. | |
TestBase:: |
protected | property | The public file directory for the test environment. | |
TestBase:: |
public | property | Current results of this test case. | |
TestBase:: |
protected | property | Flag to indicate whether the test has been set up. | |
TestBase:: |
protected | property | ||
TestBase:: |
protected | property | ||
TestBase:: |
protected | property | This class is skipped when looking for the source of an assertion. | |
TestBase:: |
protected | property | The test run ID. | |
TestBase:: |
protected | property | Time limit for the test. | |
TestBase:: |
protected | property | TRUE if verbose debugging is enabled. | |
TestBase:: |
protected | property | Safe class name for use in verbose output filenames. | |
TestBase:: |
protected | property | Directory where verbose output files are put. | |
TestBase:: |
protected | property | URL to the verbose output file directory. | |
TestBase:: |
protected | property | Incrementing identifier for verbose output filenames. | |
TestBase:: |
protected | function | Internal helper: stores the assert. | |
TestBase:: |
protected | function | Check to see if two values are equal. | |
TestBase:: |
protected | function | Check to see if a value is false (an empty string, 0, NULL, or FALSE). | |
TestBase:: |
protected | function | Check to see if two values are identical. | |
TestBase:: |
protected | function | Checks to see if two objects are identical. | |
TestBase:: |
protected | function | Check to see if two values are not equal. | |
TestBase:: |
protected | function | Check to see if two values are not identical. | |
TestBase:: |
protected | function | Check to see if a value is not NULL. | |
TestBase:: |
protected | function | Check to see if a value is NULL. | |
TestBase:: |
protected | function | Check to see if a value is not false (not an empty string, 0, NULL, or FALSE). | |
TestBase:: |
protected | function | Changes the database connection to the prefixed one. | |
TestBase:: |
protected | function | Checks the matching requirements for Test. | 4 |
TestBase:: |
public | function | Returns a ConfigImporter object to import test importing of configuration. | 1 |
TestBase:: |
public | function | Copies configuration objects from source storage to target storage. | |
TestBase:: |
public static | function | Delete an assertion record by message ID. | |
TestBase:: |
protected | function | Fire an error assertion. | 1 |
TestBase:: |
public | function | Handle errors during test runs. | |
TestBase:: |
protected | function | Handle exceptions. | |
TestBase:: |
protected | function | Fire an assertion that is always negative. | |
TestBase:: |
public static | function | Ensures test files are deletable within file_unmanaged_delete_recursive(). | |
TestBase:: |
public static | function | Converts a list of possible parameters into a stack of permutations. | |
TestBase:: |
protected | function | Cycles through backtrace until the first non-assertion method is found. | |
TestBase:: |
public static | function | Returns the database connection to the site running Simpletest. | |
TestBase:: |
public static | function | Store an assertion from outside the testing context. | |
TestBase:: |
protected | function | Fire an assertion that is always positive. | |
TestBase:: |
protected | function | Create and set new configuration directories. | 1 |
TestBase:: |
protected | function | Generates a database prefix for running tests. | |
TestBase:: |
protected | function | Prepares the current environment for running the test. | |
TestBase:: |
public static | function | Generates a random string containing letters and numbers. | |
TestBase:: |
public static | function | Generates a random PHP object. | |
TestBase:: |
public static | function | Generates a random string of ASCII characters of codes 32 to 126. | |
TestBase:: |
protected | function | Rebuild drupal_container(). | 1 |
TestBase:: |
public | function | Run all tests in this class. | |
TestBase:: |
protected | function | Changes in memory settings. | |
TestBase:: |
protected | function | Logs verbose message in a text file. | |
UnitTestBase:: |
protected | property | ||
XssUnitTest:: |
public static | property |
Modules to enable. Overrides DrupalUnitTestBase:: |
|
XssUnitTest:: |
public static | function | ||
XssUnitTest:: |
protected | function |
Sets up Drupal unit test environment. Overrides DrupalUnitTestBase:: |
|
XssUnitTest:: |
function | Checks that harmful protocols are stripped. | ||
XssUnitTest:: |
function | Tests t() functionality. |