Documentation & API reference
public function XssTest::testQuestionSign
Checks that strings starting with a question sign are correctly processed.
File
- drupal/
core/ tests/ Drupal/ Tests/ Component/ Utility/ XssTest.php, line 475 - Contains \Drupal\Tests\Component\Utility\XssTest.
Class
- XssTest
- Tests the Xss utility.
Namespace
Drupal\Tests\Component\UtilityCode
public function testQuestionSign() {
$value = Xss::filter('<?xml:namespace ns="urn:schemas-microsoft-com:time">');
$this
->assertTrue(stripos($value, '<?xml') === FALSE, 'HTML tag stripping evasion -- starting with a question sign (processing instructions).');
}