3 namespace Drupal\search\Tests;
5 use Drupal\Component\Utility\Html;
6 use Drupal\Component\Utility\Unicode;
9 * Tests the search help text and search page text.
13 class SearchPageTextTest extends SearchTestBase {
15 * A user with permission to use advanced search.
17 * @var \Drupal\user\UserInterface
19 protected $searchingUser;
26 public static $modules = ['block'];
31 protected function setUp() {
35 $this->searchingUser = $this->drupalCreateUser(['search content', 'access user profiles', 'use advanced search']);
36 $this->drupalPlaceBlock('local_tasks_block');
37 $this->drupalPlaceBlock('page_title_block');
41 * Tests for XSS in search module local task.
43 * This is a regression test for https://www.drupal.org/node/2338081
45 public function testSearchLabelXSS() {
46 $this->drupalLogin($this->drupalCreateUser(['administer search']));
48 $keys['label'] = '<script>alert("Dont Panic");</script>';
49 $this->drupalPostForm('admin/config/search/pages/manage/node_search', $keys, t('Save search page'));
51 $this->drupalLogin($this->searchingUser);
52 $this->drupalGet('search/node');
53 $this->assertEscaped($keys['label']);
57 * Tests the failed search text, and various other text on the search page.
59 public function testSearchText() {
60 $this->drupalLogin($this->searchingUser);
61 $this->drupalGet('search/node');
62 $this->assertText(t('Enter your keywords'));
63 $this->assertText(t('Search'));
64 $this->assertTitle(t('Search') . ' | Drupal', 'Search page title is correct');
67 $search_terms = 'bike shed ' . $this->randomMachineName();
68 $edit['keys'] = $search_terms;
69 $this->drupalPostForm('search/node', $edit, t('Search'));
70 $this->assertText('search yielded no results');
71 $this->assertText(t('Search'));
72 $title_source = 'Search for @keywords | Drupal';
73 $this->assertTitle(t($title_source, ['@keywords' => Unicode::truncate($search_terms, 60, TRUE, TRUE)]), 'Search page title is correct');
74 $this->assertNoText('Node', 'Erroneous tab and breadcrumb text is not present');
75 $this->assertNoText(t('Node'), 'Erroneous translated tab and breadcrumb text is not present');
76 $this->assertText(t('Content'), 'Tab and breadcrumb text is present');
78 $this->clickLink('Search help');
79 $this->assertText('Search help', 'Correct title is on search help page');
80 $this->assertText('Use upper-case OR to get more results', 'Correct text is on content search help page');
82 // Search for a longer text, and see that it is in the title, truncated.
84 $search_terms = 'Every word is like an unnecessary stain on silence and nothingness.';
85 $edit['keys'] = $search_terms;
86 $this->drupalPostForm('search/node', $edit, t('Search'));
87 $this->assertTitle(t($title_source, ['@keywords' => 'Every word is like an unnecessary stain on silence and…']), 'Search page title is correct');
89 // Search for a string with a lot of special characters.
90 $search_terms = 'Hear nothing > "see nothing" `feel' . " '1982.";
91 $edit['keys'] = $search_terms;
92 $this->drupalPostForm('search/node', $edit, t('Search'));
93 $actual_title = (string) current($this->xpath('//title'));
94 $this->assertEqual($actual_title, Html::decodeEntities(t($title_source, ['@keywords' => Unicode::truncate($search_terms, 60, TRUE, TRUE)])), 'Search page title is correct');
96 $edit['keys'] = $this->searchingUser->getUsername();
97 $this->drupalPostForm('search/user', $edit, t('Search'));
98 $this->assertText(t('Search'));
99 $this->assertTitle(t($title_source, ['@keywords' => Unicode::truncate($this->searchingUser->getUsername(), 60, TRUE, TRUE)]));
101 $this->clickLink('Search help');
102 $this->assertText('Search help', 'Correct title is on search help page');
103 $this->assertText('user names and partial user names', 'Correct text is on user search help page');
105 // Test that search keywords containing slashes are correctly loaded
106 // from the GET params and displayed in the search form.
107 $arg = $this->randomMachineName() . '/' . $this->randomMachineName();
108 $this->drupalGet('search/node', ['query' => ['keys' => $arg]]);
109 $input = $this->xpath("//input[@id='edit-keys' and @value='{$arg}']");
110 $this->assertFalse(empty($input), 'Search keys with a / are correctly set as the default value in the search box.');
112 // Test a search input exceeding the limit of AND/OR combinations to test
113 // the Denial-of-Service protection.
114 $limit = $this->config('search.settings')->get('and_or_limit');
116 for ($i = 0; $i < $limit + 1; $i++) {
117 // Use a key of 4 characters to ensure we never generate 'AND' or 'OR'.
118 $keys[] = $this->randomMachineName(4);
123 $edit['keys'] = implode(' ', $keys);
124 $this->drupalPostForm('search/node', $edit, t('Search'));
125 $this->assertRaw(t('Your search used too many AND/OR expressions. Only the first @count terms were included in this search.', ['@count' => $limit]));
127 // Test that a search on Node or User with no keywords entered generates
128 // the "Please enter some keywords" message.
129 $this->drupalPostForm('search/node', [], t('Search'));
130 $this->assertText(t('Please enter some keywords'), 'With no keywords entered, message is displayed on node page');
131 $this->drupalPostForm('search/user', [], t('Search'));
132 $this->assertText(t('Please enter some keywords'), 'With no keywords entered, message is displayed on user page');
134 // Make sure the "Please enter some keywords" message is NOT displayed if
135 // you use "or" words or phrases in Advanced Search.
136 $this->drupalPostForm('search/node', ['or' => $this->randomMachineName() . ' ' . $this->randomMachineName()], t('Advanced search'));
137 $this->assertNoText(t('Please enter some keywords'), 'With advanced OR keywords entered, no keywords message is not displayed on node page');
138 $this->drupalPostForm('search/node', ['phrase' => '"' . $this->randomMachineName() . '" "' . $this->randomMachineName() . '"'], t('Advanced search'));
139 $this->assertNoText(t('Please enter some keywords'), 'With advanced phrase entered, no keywords message is not displayed on node page');
141 // Verify that if you search for a too-short keyword, you get the right
142 // message, and that if after that you search for a longer keyword, you
143 // do not still see the message.
144 $this->drupalPostForm('search/node', ['keys' => $this->randomMachineName(1)], t('Search'));
145 $this->assertText('You must include at least one keyword', 'Keyword message is displayed when searching for short word');
146 $this->assertNoText(t('Please enter some keywords'), 'With short word entered, no keywords message is not displayed');
147 $this->drupalPostForm(NULL, ['keys' => $this->randomMachineName()], t('Search'));
148 $this->assertNoText('You must include at least one keyword', 'Keyword message is not displayed when searching for long word after short word search');
150 // Test that if you search for a URL with .. in it, you still end up at
151 // the search page. See issue https://www.drupal.org/node/890058.
152 $this->drupalPostForm('search/node', ['keys' => '../../admin'], t('Search'));
153 $this->assertResponse(200, 'Searching for ../../admin with non-admin user does not lead to a 403 error');
154 $this->assertText('no results', 'Searching for ../../admin with non-admin user gives you a no search results page');
156 // Test that if you search for a URL starting with "./", you still end up
157 // at the search page. See issue https://www.drupal.org/node/1421560.
158 $this->drupalPostForm('search/node', ['keys' => '.something'], t('Search'));
159 $this->assertResponse(200, 'Searching for .something does not lead to a 403 error');
160 $this->assertText('no results', 'Searching for .something gives you a no search results page');