X-Git-Url: http://www.aleph1.co.uk/gitweb/?p=yaffs-website;a=blobdiff_plain;f=web%2Fcore%2Fmodules%2Fsystem%2Fsrc%2FTests%2FRouting%2FRouterTest.php;fp=web%2Fcore%2Fmodules%2Fsystem%2Fsrc%2FTests%2FRouting%2FRouterTest.php;h=8d7c43e86a883a2b06167a3a9d27dacb615ce771;hp=83a9c55b39775589e2eeb1640f1b7eb36644df06;hb=0bf8d09d2542548982e81a441b1f16e75873a04f;hpb=74df008bdbb3a11eeea356744f39b802369bda3c

diff --git a/web/core/modules/system/src/Tests/Routing/RouterTest.php b/web/core/modules/system/src/Tests/Routing/RouterTest.php
index 83a9c55b3..8d7c43e86 100644
--- a/web/core/modules/system/src/Tests/Routing/RouterTest.php
+++ b/web/core/modules/system/src/Tests/Routing/RouterTest.php
@@ -320,6 +320,13 @@ class RouterTest extends WebTestBase {
     $this->drupalGet($url);
     $this->assertEqual(1, $this->redirectCount, $url . " redirected to " . $this->url);
     $this->assertUrl($request->getUriForPath('/router_test/test1') . '?qs=test');
+
+    // Ensure that external URLs in destination query params are not redirected
+    // to.
+    $url = $request->getUriForPath('/////////////////////////////////////////////////router_test/test1') . '?qs=test&destination=http://www.example.com%5c@drupal8alt.test';
+    $this->drupalGet($url);
+    $this->assertEqual(1, $this->redirectCount, $url . " redirected to " . $this->url);
+    $this->assertUrl($request->getUriForPath('/router_test/test1') . '?qs=test');
   }
 
 }