class XssUnitTest

Tests for filter_xss() and check_url().

File

drupal/core/modules/system/lib/Drupal/system/Tests/Common/XssUnitTest.php, line 15
Definition of Drupal\system\Tests\Common\XssUnitTest.

Namespace

Drupal\system\Tests\Common
Source

class XssUnitTest extends DrupalUnitTestBase {

  /**
   * Modules to enable.
   *
   * @var array
   */
  public static $modules = array(
    'filter',
  );
  public static function getInfo() {
    return array(
      'name' => 'String filtering tests',
      'description' => 'Confirm that filter_xss() and check_url() work correctly, including invalid multi-byte sequences.',
      'group' => 'Common',
    );
  }
  protected function setUp() {
    parent::setUp();
    config_install_default_config('module', 'system');
  }

  /**
   * Tests t() functionality.
   */
  function testT() {
    $text = t('Simple text');
    $this
      ->assertEqual($text, 'Simple text', 't leaves simple text alone.');
    $text = t('Escaped text: @value', array(
      '@value' => '<script>',
    ));
    $this
      ->assertEqual($text, 'Escaped text: &lt;script&gt;', 't replaces and escapes string.');
    $text = t('Placeholder text: %value', array(
      '%value' => '<script>',
    ));
    $this
      ->assertEqual($text, 'Placeholder text: <em class="placeholder">&lt;script&gt;</em>', 't replaces, escapes and themes string.');
    $text = t('Verbatim text: !value', array(
      '!value' => '<script>',
    ));
    $this
      ->assertEqual($text, 'Verbatim text: <script>', 't replaces verbatim string as-is.');
  }

  /**
   * Checks that harmful protocols are stripped.
   */
  function testBadProtocolStripping() {

    // Ensure that check_url() strips out harmful protocols, and encodes for
    // HTML. Ensure drupal_strip_dangerous_protocols() can be used to return a
    // plain-text string stripped of harmful protocols.
    $url = 'javascript:http://www.example.com/?x=1&y=2';
    $expected_plain = 'http://www.example.com/?x=1&y=2';
    $expected_html = 'http://www.example.com/?x=1&amp;y=2';
    $this
      ->assertIdentical(check_url($url), $expected_html, 'check_url() filters a URL and encodes it for HTML.');
    $this
      ->assertIdentical(drupal_strip_dangerous_protocols($url), $expected_plain, 'drupal_strip_dangerous_protocols() filters a URL and returns plain text.');
  }

}
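
The filtering that testBadProtocolStripping() asserts can be reproduced in a standalone sketch. This is an example added here, not Drupal's source: the function names strip_disallowed_schemes() and url_for_html() and the allow-list are assumptions. It goes beyond the single URL in the test to cover stacked and mixed-case prefixes and a relative URL with a colon in its query string.

```php
<?php
// Added illustration, not Drupal's source. The function names and the
// allow-list are assumptions made for this sketch.
const ALLOWED_SCHEMES = ['http', 'https', 'ftp', 'mailto'];

// Removes leading schemes that are not allowed, repeating until the string
// stops changing so that stacked prefixes do not survive a single pass.
function strip_disallowed_schemes(string $uri): string {
  do {
    $before = $uri;
    $colon = strpos($uri, ':');
    if ($colon === false || $colon === 0) {
      break;
    }
    $scheme = substr($uri, 0, $colon);
    // A '/', '?' or '#' before the colon means the colon sits in the path,
    // query or fragment of a relative URL, so there is no scheme to judge.
    if (preg_match('![/?#]!', $scheme)) {
      break;
    }
    // Scheme names compare case-insensitively.
    if (!in_array(strtolower($scheme), ALLOWED_SCHEMES, true)) {
      $uri = substr($uri, $colon + 1);
    }
  } while ($before !== $uri);
  return $uri;
}

// Same filter, then encoding for output into HTML.
function url_for_html(string $uri): string {
  return htmlspecialchars(strip_disallowed_schemes($uri), ENT_QUOTES, 'UTF-8');
}

// Constructed inputs mapped to expected plain-text results; the first is the
// URL from testBadProtocolStripping().
$cases = [
  'javascript:http://www.example.com/?x=1&y=2' => 'http://www.example.com/?x=1&y=2',
  'JavaScript:javascript:http://www.example.com/' => 'http://www.example.com/',
  'node/1?destination=a:b' => 'node/1?destination=a:b',
  'https://www.example.com/' => 'https://www.example.com/',
];
foreach ($cases as $input => $expected) {
  $plain = strip_disallowed_schemes($input);
  if ($plain !== $expected) {
    throw new RuntimeException("Unexpected result for $input: $plain");
  }
  echo $plain, ' | ', url_for_html($input), PHP_EOL;
}
```

Each output line pairs the plain-text result with the HTML-encoded one, the same two forms the test compares against $expected_plain and $expected_html.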

Members

Name Modifiers Type Description Overrides
DrupalUnitTestBase::$keyValueFactory protected property A KeyValueMemoryFactory instance to use when building the container.
DrupalUnitTestBase::$moduleFiles private property
DrupalUnitTestBase::$themeData private property
DrupalUnitTestBase::$themeFiles private property
DrupalUnitTestBase::containerBuild public function Sets up the base service container for this test. 1
DrupalUnitTestBase::disableModules protected function Disables modules for this test.
DrupalUnitTestBase::enableModules protected function Enables modules for this test.
DrupalUnitTestBase::installConfig protected function Installs default configuration for a given list of modules.
DrupalUnitTestBase::installSchema protected function Installs a specific table from a module schema definition.
DrupalUnitTestBase::tearDown protected function Deletes created files, database tables, and reverts all environment changes. Overrides TestBase::tearDown 2
DrupalUnitTestBase::__construct function Overrides \Drupal\simpletest\UnitTestBase::__construct(). Overrides UnitTestBase::__construct
TestBase::$assertions protected property Assertions thrown in that test case.
TestBase::$configImporter protected property The config importer that can used in a test. 1
TestBase::$container protected property The dependency injection container used in the test. 1
TestBase::$databasePrefix protected property The database prefix of this test run.
TestBase::$dieOnFail public property Whether to die in case any test assertion fails.
TestBase::$originalFileDirectory protected property The original file directory, before it was changed for testing purposes.
TestBase::$originalPrefix protected property The original database prefix when running inside Simpletest.
TestBase::$originalSettings protected property The settings array.
TestBase::$public_files_directory protected property The public file directory for the test environment.
TestBase::$results public property Current results of this test case.
TestBase::$setup protected property Flag to indicate whether the test has been set up.
TestBase::$setupDatabasePrefix protected property
TestBase::$setupEnvironment protected property
TestBase::$skipClasses protected property This class is skipped when looking for the source of an assertion.
TestBase::$testId protected property The test run ID.
TestBase::$timeLimit protected property Time limit for the test.
TestBase::$verbose protected property TRUE if verbose debugging is enabled.
TestBase::$verboseClassName protected property Safe class name for use in verbose output filenames.
TestBase::$verboseDirectory protected property Directory where verbose output files are put.
TestBase::$verboseDirectoryUrl protected property URL to the verbose output file directory.
TestBase::$verboseId protected property Incrementing identifier for verbose output filenames.
TestBase::assert protected function Internal helper: stores the assert.
TestBase::assertEqual protected function Check to see if two values are equal.
TestBase::assertFalse protected function Check to see if a value is false (an empty string, 0, NULL, or FALSE).
TestBase::assertIdentical protected function Check to see if two values are identical.
TestBase::assertIdenticalObject protected function Checks to see if two objects are identical.
TestBase::assertNotEqual protected function Check to see if two values are not equal.
TestBase::assertNotIdentical protected function Check to see if two values are not identical.
TestBase::assertNotNull protected function Check to see if a value is not NULL.
TestBase::assertNull protected function Check to see if a value is NULL.
TestBase::assertTrue protected function Check to see if a value is not false (not an empty string, 0, NULL, or FALSE).
TestBase::changeDatabasePrefix protected function Changes the database connection to the prefixed one.
TestBase::checkRequirements protected function Checks the matching requirements for Test. 4
TestBase::configImporter public function Returns a ConfigImporter object to import test importing of configuration. 1
TestBase::copyConfig public function Copies configuration objects from source storage to target storage.
TestBase::deleteAssert public static function Delete an assertion record by message ID.
TestBase::error protected function Fire an error assertion. 1
TestBase::errorHandler public function Handle errors during test runs.
TestBase::exceptionHandler protected function Handle exceptions.
TestBase::fail protected function Fire an assertion that is always negative.
TestBase::filePreDeleteCallback public static function Ensures test files are deletable within file_unmanaged_delete_recursive().
TestBase::generatePermutations public static function Converts a list of possible parameters into a stack of permutations.
TestBase::getAssertionCall protected function Cycles through backtrace until the first non-assertion method is found.
TestBase::getDatabaseConnection public static function Returns the database connection to the site running Simpletest.
TestBase::insertAssert public static function Store an assertion from outside the testing context.
TestBase::pass protected function Fire an assertion that is always positive.
TestBase::prepareConfigDirectories protected function Create and set new configuration directories. 1
TestBase::prepareDatabasePrefix protected function Generates a database prefix for running tests.
TestBase::prepareEnvironment protected function Prepares the current environment for running the test.
TestBase::randomName public static function Generates a random string containing letters and numbers.
TestBase::randomObject public static function Generates a random PHP object.
TestBase::randomString public static function Generates a random string of ASCII characters of codes 32 to 126.
TestBase::rebuildContainer protected function Rebuild drupal_container(). 1
TestBase::run public function Run all tests in this class.
TestBase::settingsSet protected function Changes in memory settings.
TestBase::verbose protected function Logs verbose message in a text file.
UnitTestBase::$configDirectories protected property
XssUnitTest::$modules public static property Modules to enable. Overrides DrupalUnitTestBase::$modules
XssUnitTest::getInfo public static function
XssUnitTest::setUp protected function Sets up Drupal unit test environment. Overrides DrupalUnitTestBase::setUp
XssUnitTest::testBadProtocolStripping function Checks that harmful protocols are stripped.
XssUnitTest::testT function Tests t() functionality.