Home Explore Help
Sign In
bachir
/
edlp_d8
1
0
Fork 0
Files Issues 8 Pull Requests 0 Wiki
Tree: fc8365264d
Branches Tags
edlp_d8
/
core
/
tests
/
Drupal
/
KernelTests
/
Core
/
Theme
/
ThemeRenderAndAutoescapeTest.php

ThemeRenderAndAutoescapeTest.php 4.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * @file
    5. 

  5.  * Contains \Drupal\KernelTests\Core\Theme\ThemeRenderAndAutoescapeTest.
    6. 

  6.  */
    7. 

  7. 

  8. namespace Drupal\KernelTests\Core\Theme;
    9. 

  9. 

  10. use Drupal\Component\Utility\Html;
    11. 

  11. use Drupal\Core\GeneratedLink;
    12. 

  12. use Drupal\Core\Link;
    13. 

  13. use Drupal\Core\Render\RenderContext;
    14. 

  14. use Drupal\Core\Render\Markup;
    15. 

  15. use Drupal\Core\Url;
    16. 

  16. use Drupal\KernelTests\KernelTestBase;
    17. 

  17. 

  18. /**
    19. 

  19.  * Tests the theme_render_and_autoescape() function.
    20. 

  20.  *
    21. 

  21.  * @group Theme
    22. 

  22.  */
    23. 

  23. class ThemeRenderAndAutoescapeTest extends KernelTestBase {
    24. 

  24. 

  25.   /**
    26. 

  26.    * {@inheritdoc}
    27. 

  27.    */
    28. 

  28.   public static $modules = ['system'];
    29. 

  29. 

  30.   /**
    31. 

  31.    * {@inheritdoc}
    32. 

  32.    */
    33. 

  33.   protected function setUp() {
    34. 

  34.     parent::setUp();
    35. 

  35. 

  36.     \Drupal::service('router.builder')->rebuild();
    37. 

  37.   }
    38. 

  38. 

  39.   /**
    40. 

  40.    * @dataProvider providerTestThemeRenderAndAutoescape
    41. 

  41.    */
    42. 

  42.   public function testThemeRenderAndAutoescape($arg, $expected) {
    43. 

  43.     if (is_array($arg) && isset($arg['#type']) && $arg['#type'] === 'link') {
    44. 

  44.       $arg = Link::createFromRoute($arg['#title'], $arg['#url']);
    45. 

  45.     }
    46. 

  46. 

  47.     $context = new RenderContext();
    48. 

  48.     // Use a closure here since we need to render with a render context.
    49. 

  49.     $theme_render_and_autoescape = function () use ($arg) {
    50. 

  50.       return theme_render_and_autoescape($arg);
    51. 

  51.     };
    52. 

  52.     /** @var \Drupal\Core\Render\RendererInterface $renderer */
    53. 

  53.     $renderer = \Drupal::service('renderer');
    54. 

  54.     $output = $renderer->executeInRenderContext($context, $theme_render_and_autoescape);
    55. 

  55.     $this->assertEquals($expected, $output);
    56. 

  56.     $this->assertInternalType('string', $output);
    57. 

  57.   }
    58. 

  58. 

  59.   /**
    60. 

  60.    * Provide test examples.
    61. 

  61.    */
    62. 

  62.   public function providerTestThemeRenderAndAutoescape() {
    63. 

  63.     return [
    64. 

  64.       'empty string unchanged' => ['', ''],
    65. 

  65.       'simple string unchanged' => ['ab', 'ab'],
    66. 

  66.       'int (scalar) cast to string' => [111, '111'],
    67. 

  67.       'float (scalar) cast to string' => [2.10, '2.10'],
    68. 

  68.       '> is escaped' => ['>', '&gt;'],
    69. 

  69.       'Markup EM tag is unchanged' => [Markup::create('<em>hi</em>'), '<em>hi</em>'],
    70. 

  70.       'Markup SCRIPT tag is unchanged' => [Markup::create('<script>alert("hi");</script>'), '<script>alert("hi");</script>'],
    71. 

  71.       'EM tag in string is escaped' => ['<em>hi</em>', Html::escape('<em>hi</em>')],
    72. 

  72.       'type link render array is rendered' => [['#type' => 'link', '#title' => 'Text', '#url' => '<none>'], '<a href="">Text</a>'],
    73. 

  73.       'type markup with EM tags is rendered' => [['#markup' => '<em>hi</em>'], '<em>hi</em>'],
    74. 

  74.       'SCRIPT tag in string is escaped' => [
    75. 

  75.         '<script>alert(123)</script>',
    76. 

  76.         Html::escape('<script>alert(123)</script>')
    77. 

  77.       ],
    78. 

  78.       'type plain_text render array EM tag is escaped' => [['#plain_text' => '<em>hi</em>'], Html::escape('<em>hi</em>')],
    79. 

  79.       'type hidden render array is rendered' => [['#type' => 'hidden', '#name' => 'foo', '#value' => 'bar'], "<input type=\"hidden\" name=\"foo\" value=\"bar\" />\n"],
    80. 

  80.     ];
    81. 

  81.   }
    82. 

  82. 

  83.   /**
    84. 

  84.    * Ensures invalid content is handled correctly.
    85. 

  85.    */
    86. 

  86.   public function testThemeEscapeAndRenderNotPrintable() {
    87. 

  87.     $this->setExpectedException(\Exception::class);
    88. 

  88.     theme_render_and_autoescape(new NonPrintable());
    89. 

  89.   }
    90. 

  90. 

  91.   /**
    92. 

  92.    * Ensure cache metadata is bubbled when using theme_render_and_autoescape().
    93. 

  93.    */
    94. 

  94.   public function testBubblingMetadata() {
    95. 

  95.     $link = new GeneratedLink();
    96. 

  96.     $link->setGeneratedLink('<a href="http://example.com"></a>');
    97. 

  97.     $link->addCacheTags(['foo']);
    98. 

  98.     $link->addAttachments(['library' => ['system/base']]);
    99. 

  99. 

  100.     $context = new RenderContext();
    101. 

  101.     // Use a closure here since we need to render with a render context.
    102. 

  102.     $theme_render_and_autoescape = function () use ($link) {
    103. 

  103.       return theme_render_and_autoescape($link);
    104. 

  104.     };
    105. 

  105.     /** @var \Drupal\Core\Render\RendererInterface $renderer */
    106. 

  106.     $renderer = \Drupal::service('renderer');
    107. 

  107.     $output = $renderer->executeInRenderContext($context, $theme_render_and_autoescape);
    108. 

  108.     $this->assertEquals('<a href="http://example.com"></a>', $output);
    109. 

  109.     /** @var \Drupal\Core\Render\BubbleableMetadata $metadata */
    110. 

  110.     $metadata = $context->pop();
    111. 

  111.     $this->assertEquals(['foo'], $metadata->getCacheTags());
    112. 

  112.     $this->assertEquals(['library' => ['system/base']], $metadata->getAttachments());
    113. 

  113.   }
    114. 

  114. 

  115.   /**
    116. 

  116.    * Ensure cache metadata is bubbled when using theme_render_and_autoescape().
    117. 

  117.    */
    118. 

  118.   public function testBubblingMetadataWithRenderable() {
    119. 

  119.     $link = new Link('', Url::fromRoute('<current>'));
    120. 

  120. 

  121.     $context = new RenderContext();
    122. 

  122.     // Use a closure here since we need to render with a render context.
    123. 

  123.     $theme_render_and_autoescape = function () use ($link) {
    124. 

  124.       return theme_render_and_autoescape($link);
    125. 

  125.     };
    126. 

  126.     /** @var \Drupal\Core\Render\RendererInterface $renderer */
    127. 

  127.     $renderer = \Drupal::service('renderer');
    128. 

  128.     $output = $renderer->executeInRenderContext($context, $theme_render_and_autoescape);
    129. 

  129.     $this->assertEquals('<a href="/' . urlencode('<none>') . '"></a>', $output);
    130. 

  130.     /** @var \Drupal\Core\Render\BubbleableMetadata $metadata */
    131. 

  131.     $metadata = $context->pop();
    132. 

  132.     $this->assertEquals(['route'], $metadata->getCacheContexts());
    133. 

  133.   }
    134. 

  134. 

  135. }
    136. 

  136. 

  137. class NonPrintable {}
    138.