CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
drupalGetWithAlert example
$this->drupalGet('test-escaped-characters');
$assert->assertNoEscaped('<div class="escaped">');
$assert->responseContains('<div class="escaped">');
$assert->assertEscaped('Escaped: <"\'&>');
$this->drupalGet('test-escaped-script');
$assert->assertNoEscaped('<div class="escaped">');
$assert->responseContains('<div class="escaped">');
$assert->assertEscaped("<script>alert('XSS');alert(\"XSS\");</script>");
$this->drupalGetWithAlert('test-unescaped-script');
$assert->assertNoEscaped('<div class="unescaped">');
$assert->responseContains('<div class="unescaped">');
$assert->responseContains("<script>alert('Marked safe');alert(\"Marked safe\");</script>");
$assert->assertNoEscaped("<script>alert('Marked safe');alert(\"Marked safe\");</script>");
}
/** * Retrieves a Drupal path or an absolute path. * * @param string|\Drupal\Core\Url $path * Drupal path or URL to load into Mink controlled browser. * @param array $options * (optional) Options to be forwarded to the URL generator. * @param string[] $headers * An array containing additional HTTP request headers, the array keys are * the header names and the array values the header values. This is useful * to set for example the "Accept-Language" header for requesting the page * in a different language. Note that not all headers are supported, for * example the "Accept" header is always overridden by the browser. For * testing REST APIs it is recommended to obtain a separate HTTP client * using getHttpClient() and performing requests that way. * * @return string * The retrieved HTML string, also available as $this->getRawContent() * * @see \Drupal\Tests\BrowserTestBase::getHttpClient() */
$assert->assertNoEscaped('<div class="escaped">');
$assert->responseContains('<div class="escaped">');
$assert->assertEscaped('Escaped: <"\'&>');
$this->drupalGet('test-escaped-script');
$assert->assertNoEscaped('<div class="escaped">');
$assert->responseContains('<div class="escaped">');
$assert->assertEscaped("<script>alert('XSS');alert(\"XSS\");</script>");
$this->drupalGetWithAlert('test-unescaped-script');
$assert->assertNoEscaped('<div class="unescaped">');
$assert->responseContains('<div class="unescaped">');
$assert->responseContains("<script>alert('Marked safe');alert(\"Marked safe\");</script>");
$assert->assertNoEscaped("<script>alert('Marked safe');alert(\"Marked safe\");</script>");
}
/** * Retrieves a Drupal path or an absolute path. * * @param string|\Drupal\Core\Url $path * Drupal path or URL to load into Mink controlled browser. * @param array $options * (optional) Options to be forwarded to the URL generator. * @param string[] $headers * An array containing additional HTTP request headers, the array keys are * the header names and the array values the header values. This is useful * to set for example the "Accept-Language" header for requesting the page * in a different language. Note that not all headers are supported, for * example the "Accept" header is always overridden by the browser. For * testing REST APIs it is recommended to obtain a separate HTTP client * using getHttpClient() and performing requests that way. * * @return string * The retrieved HTML string, also available as $this->getRawContent() * * @see \Drupal\Tests\BrowserTestBase::getHttpClient() */