Commit 1d8f75b3 authored by alexpott's avatar alexpott

Issue #2315255 by Dave Reid: Fixed Xss::split() fails on custom HTML elements...

Issue #2315255 by Dave Reid: Fixed Xss::split() fails on custom HTML elements with dashes in the name.
parent dd0c49dc
......@@ -152,7 +152,7 @@ protected static function split($string, $html_tags, $split_mode) {
return '<';
}
if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?|(<!--.*?-->)$%', $string, $matches)) {
if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9\-]+)([^>]*)>?|(<!--.*?-->)$%', $string, $matches)) {
// Seriously malformed.
return '';
}
......
......@@ -59,11 +59,19 @@ protected function setUp() {
* The expected result.
* @param string $message
* The assertion message to display upon failure.
* @param array $allowed_tags
* (optional) The allowed HTML tags to be passed to \Drupal\Component\Utility\Xss::filter().
*
* @dataProvider providerTestFilterXssNormalized
*/
public function testFilterXssNormalized($value, $expected, $message) {
$this->assertNormalized(Xss::filter($value), $expected, $message);
public function testFilterXssNormalized($value, $expected, $message, array $allowed_tags = NULL) {
if ($allowed_tags === NULL) {
$value = Xss::filter($value);
}
else {
$value = Xss::filter($value, $allowed_tags);
}
$this->assertNormalized($value, $expected, $message);
}
/**
......@@ -76,6 +84,8 @@ public function testFilterXssNormalized($value, $expected, $message) {
* - The value to filter.
* - The value to expect after filtering.
* - The assertion message.
* - (optional) The allowed HTML HTML tags array that should be passed to
* \Drupal\Component\Utility\Xss::filter().
*/
public function providerTestFilterXssNormalized() {
return array(
......@@ -94,6 +104,13 @@ public function providerTestFilterXssNormalized() {
"who&amp;#039; online",
'HTML filter -- double encoded html entity number',
),
// Custom elements with dashes in the tag name.
array(
"<test-element></test-element>",
"<test-element></test-element>",
'Custom element with dashes in tag name.',
array('test-element'),
),
);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment