diff --git a/core/includes/theme.inc b/core/includes/theme.inc
index 2c94b6c..b6ce5f0 100644
--- a/core/includes/theme.inc
+++ b/core/includes/theme.inc
@@ -1576,9 +1576,7 @@ function template_preprocess_field_multiple_value_form(&$variables) {
array(
'data' => array(
'#prefix' => '
',
- 'title' => array(
- '#markup' => $element['#title'],
- ),
+ '#markup' => $element['#title'],
'#suffix' => '
',
),
'colspan' => 2,
diff --git a/core/modules/field_ui/src/Tests/EntityFormDisplayWebTest.php b/core/modules/field_ui/src/Tests/EntityFormDisplayWebTest.php
deleted file mode 100644
index 48922d7..0000000
--- a/core/modules/field_ui/src/Tests/EntityFormDisplayWebTest.php
+++ /dev/null
@@ -1,48 +0,0 @@
-drupalCreateUser(['administer entity_test content']);
- $this->drupalLogin($user);
-
- $entity = EntityTestBaseFieldDisplay::create(['name' => $this->randomString()]);
- $entity->save();
-
- $this->drupalGet('entity_test_base_field_display/manage/' . $entity->id());
- $this->assertRaw($entity->label());
- $this->assertText('A field with multiple values');
- $this->drupalPostForm(NULL, [], t('Add another item'));
-
- $edit['test_display_multiple[0][value]'] = $this->randomString();
- $edit['test_display_multiple[1][value]'] = $this->randomString();
- $this->drupalPostForm(NULL, $edit, t('Save'));
- $this->assertText('entity_test_base_field_display ' . $entity->id() . ' has been updated.');
- }
-
-}
diff --git a/core/modules/system/src/Tests/Entity/EntityBaseFieldTest.php b/core/modules/system/src/Tests/Entity/EntityBaseFieldTest.php
new file mode 100644
index 0000000..a13038f
--- /dev/null
+++ b/core/modules/system/src/Tests/Entity/EntityBaseFieldTest.php
@@ -0,0 +1,45 @@
+drupalCreateUser(['administer entity_test content']);
+ $this->drupalLogin($user);
+
+ $entity = EntityTestBaseFieldDisplay::create(['name' => $this->randomString()]);
+ $entity->save();
+
+ $this->drupalGet('entity_test_base_field_display/manage/' . $entity->id());
+ $this->assertResponse(200);
+ $this->assertRaw($entity->label());
+ $this->assertText('A field with multiple values');
+ // Test if labels were XSS filtered.
+ $this->assertEscaped("");
+ }
+
+}
diff --git a/core/modules/system/tests/modules/entity_test/src/Entity/EntityTestBaseFieldDisplay.php b/core/modules/system/tests/modules/entity_test/src/Entity/EntityTestBaseFieldDisplay.php
index 915f057..2a5ca41 100644
--- a/core/modules/system/tests/modules/entity_test/src/Entity/EntityTestBaseFieldDisplay.php
+++ b/core/modules/system/tests/modules/entity_test/src/Entity/EntityTestBaseFieldDisplay.php
@@ -84,6 +84,19 @@ public static function baseFieldDefinitions(EntityTypeInterface $entity_type) {
'weight' => 12,
));
+ // A multi-value base field with a dangerous label.
+ $fields['test_display_another_multiple'] = BaseFieldDefinition::create('text')
+ ->setLabel("")
+ ->setCardinality(FieldStorageDefinition::CARDINALITY_UNLIMITED)
+ ->setDisplayOptions('view', array(
+ 'type' => 'text_default',
+ 'weight' => 12,
+ ))
+ ->setDisplayOptions('form', array(
+ 'type' => 'text_textfield',
+ 'weight' => 12,
+ ));
+
return $fields;
}