Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
<?php
namespace Drupal\color\Tests;
use Drupal\Core\Url;
use Drupal\simpletest\WebTestBase;
/**
* Tests sanitizing color preview loaded from theme.
*
* @group Theme
*/
class ColorSafePreviewTest extends WebTestBase {
/**
* Modules to enable.
*
* @var string[]
*/
public static $modules = ['color', 'color_test'];
/**
* A user with administrative permissions.
*
* @var \Drupal\user\UserInterface
*/
protected $bigUser;
/**
* {@inheritdoc}
*/
protected function setUp() {
parent::setUp();
// Create user.
$this->bigUser = $this->drupalCreateUser(['administer themes']);
}
/**
* Ensures color preview.html is sanitized.
*/
function testColorPreview() {
// Install the color test theme.
\Drupal::service('theme_handler')->install(['color_test_theme']);
$this->drupalLogin($this->bigUser);
// Markup is being printed from a HTML file located in:
// core/modules/color/tests/modules/color_test/themes/color_test_theme/color/preview.html
$url = Url::fromRoute('system.theme_settings_theme', ['theme' => 'color_test_theme']);
$this->drupalGet($url);
$this->assertText('TEST COLOR PREVIEW');
$this->assertNoRaw('<script>alert("security filter test");</script>');
$this->assertRaw('<h2>TEST COLOR PREVIEW</h2>');
}
}