X-Git-Url: http://www.aleph1.co.uk/gitweb/?a=blobdiff_plain;f=web%2Fcore%2Fmodules%2Fsystem%2Fsrc%2FTests%2FTheme%2FTwigRawTest.php;fp=web%2Fcore%2Fmodules%2Fsystem%2Fsrc%2FTests%2FTheme%2FTwigRawTest.php;h=8be63dbb5183c12e576f0a7bdc44829a3f349fcc;hb=a2bd1bf0c2c1f1a17d188f4dc0726a45494cefae;hp=0000000000000000000000000000000000000000;hpb=57c063afa3f66b07c4bbddc2d6129a96d90f0aad;p=yaffs-website

diff --git a/web/core/modules/system/src/Tests/Theme/TwigRawTest.php b/web/core/modules/system/src/Tests/Theme/TwigRawTest.php
new file mode 100644
index 000000000..8be63dbb5
--- /dev/null
+++ b/web/core/modules/system/src/Tests/Theme/TwigRawTest.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace Drupal\system\Tests\Theme;
+
+use Drupal\simpletest\WebTestBase;
+
+/**
+ * Tests Twig 'raw' filter.
+ *
+ * @group Theme
+ */
+class TwigRawTest extends WebTestBase {
+
+  /**
+   * Modules to enable.
+   *
+   * @var array
+   */
+  public static $modules = ['twig_theme_test'];
+
+  /**
+   * Tests the raw filter inside an autoescape tag.
+   */
+  public function testAutoescapeRaw() {
+    $test = [
+      '#theme' => 'twig_raw_test',
+      '#script' => '<script>alert("This alert is real because I will put it through the raw filter!");</script>',
+    ];
+    $rendered = \Drupal::service('renderer')->renderRoot($test);
+    $this->setRawContent($rendered);
+    $this->assertRaw('<script>alert("This alert is real because I will put it through the raw filter!");</script>');
+  }
+
+  /**
+   * Tests autoescaping of unsafe content.
+   *
+   * This is one of the most important tests in Drupal itself in terms of
+   * security.
+   */
+  public function testAutoescape() {
+    $script = '<script>alert("This alert is unreal!");</script>';
+    $build = [
+      '#theme' => 'twig_autoescape_test',
+      '#script' => $script,
+    ];
+    $rendered = \Drupal::service('renderer')->renderRoot($build);
+    $this->setRawContent($rendered);
+    $this->assertEscaped($script);
+  }
+
+}