tag.'); Chris@0: Chris@0: // Test the slogan. Chris@0: $this->assertNoRaw($slogan, 'Check for the unfiltered version of the slogan.'); Chris@0: $this->assertRaw($slogan_filtered, 'Check for the filtered version of the slogan.'); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Tests the page title of render arrays. Chris@0: * Chris@0: * @see \Drupal\test_page_test\Controller\Test Chris@0: */ Chris@0: public function testRoutingTitle() { Chris@0: // Test the '#title' render array attribute. Chris@0: $this->drupalGet('test-render-title'); Chris@0: Chris@0: $this->assertTitle('Foo | Drupal'); Chris@0: $result = $this->xpath('//h1[@class="page-title"]'); Chris@0: $this->assertEqual('Foo', (string) $result[0]); Chris@0: Chris@0: // Test forms Chris@0: $this->drupalGet('form-test/object-builder'); Chris@0: Chris@0: $this->assertTitle('Test dynamic title | Drupal'); Chris@0: $result = $this->xpath('//h1[@class="page-title"]'); Chris@0: $this->assertEqual('Test dynamic title', (string) $result[0]); Chris@0: Chris@0: // Set some custom translated strings. Chris@0: $this->addCustomTranslations('en', [ Chris@0: '' => ['Static title' => 'Static title translated'], Chris@0: ]); Chris@0: $this->writeCustomTranslations(); Chris@0: Chris@0: // Ensure that the title got translated. Chris@0: $this->drupalGet('test-page-static-title'); Chris@0: Chris@0: $this->assertTitle('Static title translated | Drupal'); Chris@0: $result = $this->xpath('//h1[@class="page-title"]'); Chris@0: $this->assertEqual('Static title translated', (string) $result[0]); Chris@0: Chris@0: // Test the dynamic '_title_callback' route option. Chris@0: $this->drupalGet('test-page-dynamic-title'); Chris@0: Chris@0: $this->assertTitle('Dynamic title | Drupal'); Chris@0: $result = $this->xpath('//h1[@class="page-title"]'); Chris@0: $this->assertEqual('Dynamic title', (string) $result[0]); Chris@0: Chris@0: // Ensure that titles are cacheable and are escaped normally if the Chris@0: // controller does not escape them. Chris@0: $this->drupalGet('test-page-cached-controller'); Chris@0: $this->assertTitle('Cached title | Drupal'); Chris@0: $this->assertRaw(Html::escape('<span>Cached title</span>') . '</h1>'); Chris@0: $this->drupalGet('test-page-cached-controller'); Chris@0: $this->assertTitle('Cached title | Drupal'); Chris@0: $this->assertRaw(Html::escape('<span>Cached title</span>') . '</h1>'); Chris@0: } Chris@0: Chris@0: }

Chris@0: drupalCreateContentType(['type' => 'page', 'name' => 'Basic page']); Chris@0: Chris@0: $this->drupalPlaceBlock('page_title_block'); Chris@0: Chris@0: $this->contentUser = $this->drupalCreateUser(['create page content', 'access content', 'administer themes', 'administer site configuration', 'link to any page']); Chris@0: $this->drupalLogin($this->contentUser); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Tests the handling of HTML in node titles. Chris@0: */ Chris@0: public function testTitleTags() { Chris@0: $title = "string with HTML"; Chris@0: // Generate node content. Chris@0: $edit = [ Chris@0: 'title[0][value]' => '!SimpleTest! ' . $title . $this->randomMachineName(20), Chris@0: 'body[0][value]' => '!SimpleTest! test body' . $this->randomMachineName(200), Chris@0: ]; Chris@0: // Create the node with HTML in the title. Chris@0: $this->drupalPostForm('node/add/page', $edit, t('Save')); Chris@0: Chris@0: $node = $this->drupalGetNodeByTitle($edit['title[0][value]']); Chris@0: $this->assertNotNull($node, 'Node created and found in database'); Chris@0: $this->assertText(Html::escape($edit['title[0][value]']), 'Check to make sure tags in the node title are converted.'); Chris@0: $this->drupalGet("node/" . $node->id()); Chris@0: $this->assertText(Html::escape($edit['title[0][value]']), 'Check to make sure tags in the node title are converted.'); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Test if the title of the site is XSS proof. Chris@0: */ Chris@0: public function testTitleXSS() { Chris@0: // Set some title with JavaScript and HTML chars to escape. Chris@0: $title = ' & < > " \' '; Chris@0: $title_filtered = Html::escape($title); Chris@0: Chris@0: $slogan = ''; Chris@0: $slogan_filtered = Xss::filterAdmin($slogan); Chris@0: Chris@0: // Set title and slogan. Chris@0: $edit = [ Chris@0: 'site_name' => $title, Chris@0: 'site_slogan' => $slogan, Chris@0: ]; Chris@0: $this->drupalPostForm('admin/config/system/site-information', $edit, t('Save configuration')); Chris@0: Chris@0: // Place branding block with site name and slogan into header region. Chris@0: $this->drupalPlaceBlock('system_branding_block', ['region' => 'header']); Chris@0: Chris@0: // Load frontpage. Chris@0: $this->drupalGet(''); Chris@0: Chris@0: // Test the title. Chris@0: $this->assertNoRaw($title, 'Check for the lack of the unfiltered version of the title.'); Chris@0: // Add to make sure we're checking the title tag, rather than the Chris@0: // first 'heading' on the page. Chris@0: $this->assertRaw($title_filtered . '', 'Check for the filtered version of the title in a tag.'); Chris@0: Chris@0: // Test the slogan. Chris@0: $this->assertNoRaw($slogan, 'Check for the unfiltered version of the slogan.'); Chris@0: $this->assertRaw($slogan_filtered, 'Check for the filtered version of the slogan.'); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Tests the page title of render arrays. Chris@0: * Chris@0: * @see \Drupal\test_page_test\Controller\Test Chris@0: */ Chris@0: public function testRoutingTitle() { Chris@0: // Test the '#title' render array attribute. Chris@0: $this->drupalGet('test-render-title'); Chris@0: Chris@0: $this->assertTitle('Foo | Drupal'); Chris@0: $result = $this->xpath('//h1[@class="page-title"]'); Chris@0: $this->assertEqual('Foo', (string) $result[0]); Chris@0: Chris@0: // Test forms Chris@0: $this->drupalGet('form-test/object-builder'); Chris@0: Chris@0: $this->assertTitle('Test dynamic title | Drupal'); Chris@0: $result = $this->xpath('//h1[@class="page-title"]'); Chris@0: $this->assertEqual('Test dynamic title', (string) $result[0]); Chris@0: Chris@0: // Set some custom translated strings. Chris@0: $this->addCustomTranslations('en', [ Chris@0: '' => ['Static title' => 'Static title translated'], Chris@0: ]); Chris@0: $this->writeCustomTranslations(); Chris@0: Chris@0: // Ensure that the title got translated. Chris@0: $this->drupalGet('test-page-static-title'); Chris@0: Chris@0: $this->assertTitle('Static title translated | Drupal'); Chris@0: $result = $this->xpath('//h1[@class="page-title"]'); Chris@0: $this->assertEqual('Static title translated', (string) $result[0]); Chris@0: Chris@0: // Test the dynamic '_title_callback' route option. Chris@0: $this->drupalGet('test-page-dynamic-title'); Chris@0: Chris@0: $this->assertTitle('Dynamic title | Drupal'); Chris@0: $result = $this->xpath('//h1[@class="page-title"]'); Chris@0: $this->assertEqual('Dynamic title', (string) $result[0]); Chris@0: Chris@0: // Ensure that titles are cacheable and are escaped normally if the Chris@0: // controller does not escape them. Chris@0: $this->drupalGet('test-page-cached-controller'); Chris@0: $this->assertTitle('Cached title | Drupal'); Chris@0: $this->assertRaw(Html::escape('<span>Cached title</span>') . '</h1>'); Chris@0: $this->drupalGet('test-page-cached-controller'); Chris@0: $this->assertTitle('Cached title | Drupal'); Chris@0: $this->assertRaw(Html::escape('<span>Cached title</span>') . '</h1>'); Chris@0: } Chris@0: Chris@0: }