Commit 8f3e25cd authored by alexpott's avatar alexpott

Issue #2207247 by larowlan, sasanikolic, olli, s_leu, Berdir, joelpittet,...

Issue #2207247 by larowlan, sasanikolic, olli, s_leu, Berdir, joelpittet, mrjmd, rpayanm, dawehner, Truptti, nod_, alexpott, Wim Leers: Dialog titles double escaped for views handlers and delete forms
parent 66954069
......@@ -2,6 +2,8 @@
namespace Drupal\Core\Ajax;
use Drupal\Component\Render\PlainTextOutput;
/**
* Defines an AJAX command to open certain content in a dialog.
*
......@@ -69,6 +71,7 @@ class OpenDialogCommand implements CommandInterface, CommandWithAttachedAssetsIn
* populated automatically from the current request.
*/
public function __construct($selector, $title, $content, array $dialog_options = array(), $settings = NULL) {
$title = PlainTextOutput::renderFromHtml($title);
$dialog_options += array('title' => $title);
$this->selector = $selector;
$this->content = $content;
......
......@@ -39,7 +39,7 @@ public function testDialog() {
'data' => $dialog_contents,
'dialogOptions' =>
[
'title' => 'AJAX Dialog contents',
'title' => 'AJAX Dialog & contents',
'modal' => FALSE,
'autoResize' => FALSE,
'resizable' => 'w',
......
......@@ -39,7 +39,7 @@ public function testDialog() {
'data' => $dialog_contents,
'dialogOptions' => array(
'modal' => TRUE,
'title' => 'AJAX Dialog contents',
'title' => 'AJAX Dialog & contents',
),
);
$form_expected_response = array(
......@@ -67,7 +67,7 @@ public function testDialog() {
'data' => $dialog_contents,
'dialogOptions' => array(
'modal' => FALSE,
'title' => 'AJAX Dialog contents',
'title' => 'AJAX Dialog & contents',
),
);
$no_target_expected_response = array(
......@@ -77,7 +77,7 @@ public function testDialog() {
'data' => $dialog_contents,
'dialogOptions' => array(
'modal' => FALSE,
'title' => 'AJAX Dialog contents',
'title' => 'AJAX Dialog & contents',
),
);
$close_expected_response = array(
......@@ -97,6 +97,9 @@ public function testDialog() {
// Emulate going to the JS version of the page and check the JSON response.
$ajax_result = $this->drupalGetAjax('ajax-test/dialog-contents', array('query' => array(MainContentViewSubscriber::WRAPPER_FORMAT => 'drupal_modal')));
$this->assertEqual($modal_expected_response, $ajax_result[3], 'Modal dialog JSON response matches.');
// Test the HTML escaping of & character.
$this->assertEqual($ajax_result[3]['dialogOptions']['title'], 'AJAX Dialog & contents');
$this->assertNotEqual($ajax_result[3]['dialogOptions']['title'], 'AJAX Dialog & contents');
// Check that requesting a "normal" dialog without JS goes to a page.
$this->drupalGet('ajax-test/dialog-contents');
......@@ -152,6 +155,8 @@ public function testDialog() {
// Check that the response matches the expected value.
$this->assertEqual($modal_expected_response, $ajax_result[4], 'POST request modal dialog JSON response matches.');
// Test the HTML escaping of & character.
$this->assertNotEqual($ajax_result[4]['dialogOptions']['title'], 'AJAX Dialog & contents');
// Abbreviated test for "normal" dialogs, testing only the difference.
$ajax_result = $this->drupalPostAjaxForm('ajax-test/dialog', array(), 'button2');
......
......@@ -23,7 +23,7 @@ class AjaxTestController {
public static function dialogContents() {
// This is a regular render array; the keys do not have special meaning.
$content = array(
'#title' => 'AJAX Dialog contents',
'#title' => '<em>AJAX Dialog & contents</em>',
'content' => array(
'#markup' => 'Example message',
),
......
......@@ -93,7 +93,7 @@ public function nonModal(&$form, FormStateInterface $form_state) {
protected function dialog($is_modal = FALSE) {
$content = AjaxTestController::dialogContents();
$response = new AjaxResponse();
$title = $this->t('AJAX Dialog contents');
$title = $this->t('AJAX Dialog & contents');
// Attach the library necessary for using the Open(Modal)DialogCommand and
// set the attachments for this Ajax response.
......
......@@ -2,6 +2,7 @@
namespace Drupal\views_ui\Tests;
use Drupal\Component\Serialization\Json;
use Drupal\views\Views;
/**
......@@ -55,6 +56,23 @@ public function testFieldUI() {
$result = $this->xpath('//details[@id="edit-options-more"]');
$this->assertEqual(empty($result), TRUE, "Container 'more' is empty and should not be displayed.");
// Ensure that dialog titles are not escaped.
$edit_groupby_url = 'admin/structure/views/nojs/handler/test_view/default/field/name';
$this->assertNoLinkByHref($edit_groupby_url, 0, 'No aggregation link found.');
// Enable aggregation on the view.
$edit = array(
'group_by' => TRUE,
);
$this->drupalPostForm('/admin/structure/views/nojs/display/test_view/default/group_by', $edit, t('Apply'));
$this->assertLinkByHref($edit_groupby_url, 0, 'Aggregation link found.');
$edit_handler_url = '/admin/structure/views/ajax/handler-group/test_view/default/field/name';
$this->drupalGet($edit_handler_url);
$data = Json::decode($this->getRawContent());
$this->assertEqual($data[3]['dialogOptions']['title'], 'Configure aggregation settings for field Views test: Name');
}
/**
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment