diff --git a/core/modules/views/src/Tests/Handler/FieldCustomTest.php b/core/modules/views/src/Tests/Handler/FieldCustomTest.php
index a94e46d..cfca608 100644
--- a/core/modules/views/src/Tests/Handler/FieldCustomTest.php
+++ b/core/modules/views/src/Tests/Handler/FieldCustomTest.php
@@ -7,6 +7,7 @@
 namespace Drupal\views\Tests\Handler;
+use Drupal\Component\Utility\Xss;
 use Drupal\views\Tests\ViewKernelTestBase;
 use Drupal\views\Views;
@@ -24,18 +25,24 @@ class FieldCustomTest extends ViewKernelTestBase {
 */
 public static $testViews = array('test_view');
+ /**
+ * {@inheritdoc}
+ */
 function viewsData() {
 $data = parent::viewsData();
 $data['views_test_data']['name']['field']['id'] = 'custom';
 return $data;
 }
+ /**
+ * Ensure that custom fields work and doesn't escape unnecessary markup.
+ */
 public function testFieldCustom() {
 $view = Views::getView('test_view');
 $view->setDisplay();
 // Alter the text of the field to a random string.
- $random = $this->randomMachineName();
+ $random = '
' . $this->randomMachineName() . '
';
 $view->displayHandlers->get('default')->overrideOption('fields', array(
 'name' => array(
 'id' => 'name',
@@ -53,4 +60,28 @@ public function testFieldCustom() {
 $this->assertEqual($random, $view->style_plugin->getField(0, 'name'));
 }
+ /**
+ * Ensure that custom field content is XSS filtered.
+ */
+ public function testCustomFieldXss() {
+ $view = Views::getView('test_view');
+ $view->setDisplay();
+
+ // Alter the text of the field to include XSS.
+ $text = '';
+ $view->displayHandlers->get('default')->overrideOption('fields', array(
+ 'name' => array(
+ 'id' => 'name',
+ 'table' => 'views_test_data',
+ 'field' => 'name',
+ 'relationship' => 'none',
+ 'alter' => array(
+ 'text' => $text,
+ ),
+ ),
+ ));
+ $this->executeView($view);
+ $this->assertEqual(Xss::filter($text), $view->style_plugin->getField(0, 'name'));
+ }
+
 }
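Review bot: The docblock added above testFieldCustom() is ungrammatical and does not say which markup is expected to survive rendering; `Ensures that custom field text is output without escaping allowed markup.` would state the contract the test checks. The markup wrapped around `randomMachineName()` in the new `$random` literal is not visible in this rendering of the hunk, so it is worth confirming the wrapper is a tag the filter permits, because the `assertEqual($random, ...)` at the end of the method depends on it passing through unchanged. The method body continues past this hunk.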
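Review bot: The assertion in testCustomFieldXss() takes its expected value from `Xss::filter($text)`, so it cannot detect a filter that lets the markup through, and it passes trivially if `$text` is empty, as the literal appears in this rendering. Pin the expectation to a hard-coded string and compare strictly, for example `$this->assertIdentical('EXPECTED_FILTERED_OUTPUT', $view->style_plugin->getField(0, 'name'));`, with the placeholder replaced by the known-safe output for the chosen input. A second assertion that the raw `$text` does not appear in the rendered field would make the intent explicit and keep the test meaningful if the filtering call in the handler is later swapped.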