3 namespace Drupal\KernelTests\Component\Utility;
5 use Drupal\Component\Render\FormattableMarkup;
7 use Drupal\KernelTests\KernelTestBase;
10 * Provides a test covering integration of SafeMarkup with other systems.
14 class SafeMarkupKernelTest extends KernelTestBase {
19 public static $modules = ['system'];
24 protected function setUp() {
27 $this->container->get('router.builder')->rebuild();
31 * Gets arguments for FormattableMarkup based on Url::fromUri() parameters.
34 * The URI of the resource.
35 * @param array $options
36 * The options to pass to Url::fromUri().
40 * - ':url': A URL string.
42 * @see \Drupal\Component\Render\FormattableMarkup
44 protected static function getSafeMarkupUriArgs($uri, $options = []) {
45 $args[':url'] = Url::fromUri($uri, $options)->toString();
50 * Tests URL ":placeholders" in \Drupal\Component\Render\FormattableMarkup.
52 * @dataProvider providerTestSafeMarkupUri
54 public function testSafeMarkupUri($string, $uri, $options, $expected) {
55 $args = self::getSafeMarkupUriArgs($uri, $options);
56 $this->assertEquals($expected, new FormattableMarkup($string, $args));
62 public function providerTestSafeMarkupUri() {
64 $data['routed-url'] = [
65 'Hey giraffe <a href=":url">MUUUH</a>',
68 'Hey giraffe <a href="/admin">MUUUH</a>',
70 $data['routed-with-query'] = [
71 'Hey giraffe <a href=":url">MUUUH</a>',
73 ['query' => ['bar' => 'baz#']],
74 'Hey giraffe <a href="/admin?bar=baz%23">MUUUH</a>',
76 $data['routed-with-fragment'] = [
77 'Hey giraffe <a href=":url">MUUUH</a>',
79 ['fragment' => 'bar<'],
80 'Hey giraffe <a href="/admin#bar&lt;">MUUUH</a>',
82 $data['unrouted-url'] = [
83 'Hey giraffe <a href=":url">MUUUH</a>',
86 'Hey giraffe <a href="/foo">MUUUH</a>',
88 $data['unrouted-with-query'] = [
89 'Hey giraffe <a href=":url">MUUUH</a>',
91 ['query' => ['bar' => 'baz#']],
92 'Hey giraffe <a href="/foo?bar=baz%23">MUUUH</a>',
94 $data['unrouted-with-fragment'] = [
95 'Hey giraffe <a href=":url">MUUUH</a>',
97 ['fragment' => 'bar<'],
98 'Hey giraffe <a href="/foo#bar&lt;">MUUUH</a>',
100 $data['mailto-protocol'] = [
101 'Hey giraffe <a href=":url">MUUUH</a>',
102 'mailto:test@example.com',
104 'Hey giraffe <a href="mailto:test@example.com">MUUUH</a>',
111 * @dataProvider providerTestSafeMarkupUriWithException
113 public function testSafeMarkupUriWithExceptionUri($string, $uri) {
114 // Should throw an \InvalidArgumentException, due to Uri::toString().
115 $this->setExpectedException(\InvalidArgumentException::class);
116 $args = self::getSafeMarkupUriArgs($uri);
118 new FormattableMarkup($string, $args);
124 public function providerTestSafeMarkupUriWithException() {
126 $data['js-protocol'] = [
127 'Hey giraffe <a href=":url">MUUUH</a>',
128 "javascript:alert('xss')",
130 $data['js-with-fromCharCode'] = [
131 'Hey giraffe <a href=":url">MUUUH</a>',
132 "javascript:alert(String.fromCharCode(88,83,83))",
134 $data['non-url-with-colon'] = [
135 'Hey giraffe <a href=":url">MUUUH</a>',
136 "llamas: they are not URLs",
138 $data['non-url-with-html'] = [
139 'Hey giraffe <a href=":url">MUUUH</a>',
140 '<span>not a url</span>',