annotate core/tests/Drupal/KernelTests/Component/Utility/SafeMarkupKernelTest.php @ 19:fa3358dc1485 tip

Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents 129ea1e6d783
children
rev   line source
Chris@0 1 <?php
Chris@0 2
Chris@0 3 namespace Drupal\KernelTests\Component\Utility;
Chris@0 4
Chris@17 5 use Drupal\Component\Render\FormattableMarkup;
Chris@0 6 use Drupal\Core\Url;
Chris@0 7 use Drupal\KernelTests\KernelTestBase;
Chris@0 8
Chris@0 9 /**
Chris@0 10 * Provides a test covering integration of SafeMarkup with other systems.
Chris@0 11 *
Chris@0 12 * @group Utility
Chris@0 13 */
Chris@0 14 class SafeMarkupKernelTest extends KernelTestBase {
Chris@0 15
Chris@0 16 /**
Chris@0 17 * {@inheritdoc}
Chris@0 18 */
Chris@0 19 public static $modules = ['system'];
Chris@0 20
Chris@0 21 /**
Chris@0 22 * {@inheritdoc}
Chris@0 23 */
Chris@0 24 protected function setUp() {
Chris@0 25 parent::setUp();
Chris@0 26
Chris@0 27 $this->container->get('router.builder')->rebuild();
Chris@0 28 }
Chris@0 29
Chris@0 30 /**
Chris@17 31 * Gets arguments for FormattableMarkup based on Url::fromUri() parameters.
Chris@0 32 *
Chris@0 33 * @param string $uri
Chris@0 34 * The URI of the resource.
Chris@0 35 * @param array $options
Chris@0 36 * The options to pass to Url::fromUri().
Chris@0 37 *
Chris@0 38 * @return array
Chris@0 39 * Array containing:
Chris@0 40 * - ':url': A URL string.
Chris@17 41 *
Chris@17 42 * @see \Drupal\Component\Render\FormattableMarkup
Chris@0 43 */
Chris@0 44 protected static function getSafeMarkupUriArgs($uri, $options = []) {
Chris@0 45 $args[':url'] = Url::fromUri($uri, $options)->toString();
Chris@0 46 return $args;
Chris@0 47 }
Chris@0 48
Chris@0 49 /**
Chris@17 50 * Tests URL ":placeholders" in \Drupal\Component\Render\FormattableMarkup.
Chris@0 51 *
Chris@0 52 * @dataProvider providerTestSafeMarkupUri
Chris@0 53 */
Chris@0 54 public function testSafeMarkupUri($string, $uri, $options, $expected) {
Chris@0 55 $args = self::getSafeMarkupUriArgs($uri, $options);
Chris@17 56 $this->assertEquals($expected, new FormattableMarkup($string, $args));
Chris@0 57 }
Chris@0 58
Chris@0 59 /**
Chris@0 60 * @return array
Chris@0 61 */
Chris@0 62 public function providerTestSafeMarkupUri() {
Chris@0 63 $data = [];
Chris@0 64 $data['routed-url'] = [
Chris@0 65 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 66 'route:system.admin',
Chris@0 67 [],
Chris@0 68 'Hey giraffe <a href="/admin">MUUUH</a>',
Chris@0 69 ];
Chris@0 70 $data['routed-with-query'] = [
Chris@0 71 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 72 'route:system.admin',
Chris@0 73 ['query' => ['bar' => 'baz#']],
Chris@0 74 'Hey giraffe <a href="/admin?bar=baz%23">MUUUH</a>',
Chris@0 75 ];
Chris@0 76 $data['routed-with-fragment'] = [
Chris@0 77 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 78 'route:system.admin',
Chris@0 79 ['fragment' => 'bar&lt;'],
Chris@0 80 'Hey giraffe <a href="/admin#bar&amp;lt;">MUUUH</a>',
Chris@0 81 ];
Chris@0 82 $data['unrouted-url'] = [
Chris@0 83 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 84 'base://foo',
Chris@0 85 [],
Chris@0 86 'Hey giraffe <a href="/foo">MUUUH</a>',
Chris@0 87 ];
Chris@0 88 $data['unrouted-with-query'] = [
Chris@0 89 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 90 'base://foo',
Chris@0 91 ['query' => ['bar' => 'baz#']],
Chris@0 92 'Hey giraffe <a href="/foo?bar=baz%23">MUUUH</a>',
Chris@0 93 ];
Chris@0 94 $data['unrouted-with-fragment'] = [
Chris@0 95 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 96 'base://foo',
Chris@0 97 ['fragment' => 'bar&lt;'],
Chris@0 98 'Hey giraffe <a href="/foo#bar&amp;lt;">MUUUH</a>',
Chris@0 99 ];
Chris@0 100 $data['mailto-protocol'] = [
Chris@0 101 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 102 'mailto:test@example.com',
Chris@0 103 [],
Chris@0 104 'Hey giraffe <a href="mailto:test@example.com">MUUUH</a>',
Chris@0 105 ];
Chris@0 106
Chris@0 107 return $data;
Chris@0 108 }
Chris@0 109
Chris@0 110 /**
Chris@0 111 * @dataProvider providerTestSafeMarkupUriWithException
Chris@0 112 */
Chris@0 113 public function testSafeMarkupUriWithExceptionUri($string, $uri) {
Chris@0 114 // Should throw an \InvalidArgumentException, due to Uri::toString().
Chris@0 115 $this->setExpectedException(\InvalidArgumentException::class);
Chris@0 116 $args = self::getSafeMarkupUriArgs($uri);
Chris@0 117
Chris@17 118 new FormattableMarkup($string, $args);
Chris@0 119 }
Chris@0 120
Chris@0 121 /**
Chris@0 122 * @return array
Chris@0 123 */
Chris@0 124 public function providerTestSafeMarkupUriWithException() {
Chris@0 125 $data = [];
Chris@0 126 $data['js-protocol'] = [
Chris@0 127 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 128 "javascript:alert('xss')",
Chris@0 129 ];
Chris@0 130 $data['js-with-fromCharCode'] = [
Chris@0 131 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 132 "javascript:alert(String.fromCharCode(88,83,83))",
Chris@0 133 ];
Chris@0 134 $data['non-url-with-colon'] = [
Chris@0 135 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 136 "llamas: they are not URLs",
Chris@0 137 ];
Chris@0 138 $data['non-url-with-html'] = [
Chris@0 139 'Hey giraffe <a href=":url">MUUUH</a>',
Chris@0 140 '<span>not a url</span>',
Chris@0 141 ];
Chris@0 142
Chris@0 143 return $data;
Chris@0 144 }
Chris@0 145
Chris@0 146 }