/**
* @magentoDataFixture Mage/Catalog/_files/product_simple_xss.php
* @magentoDataFixture Mage/Customer/_files/customer.php
*/
public function testAddActionProductNameXss()
{
$this->dispatch('wishlist/index/add/product/1?nocookie=1');
$messages = $this->_customerSession->getMessages()->getItems();
$isProductNamePresent = false;
foreach ($messages as $message) {
if (strpos($message->getCode(), '<script>alert("xss");</script>') !== false) {
$isProductNamePresent = true;
}
$this->assertNotContains('<script>alert("xss");</script>', $message->getCode());
}
$this->assertTrue($isProductNamePresent, 'Product name was not found in session messages');
}
