diff options
author | Takuya Noguchi <takninnovationresearch@gmail.com> | 2017-11-11 00:02:42 +0900 |
---|---|---|
committer | Takuya Noguchi <takninnovationresearch@gmail.com> | 2018-01-25 08:12:19 +0900 |
commit | bb9b7bf6e33ae68d1f898c4cd5e09b44bee2be80 (patch) | |
tree | 17d856aa785b3d8b8a0252623b9b793f0f5084bb | |
parent | 44728e0527bc7c5cf982be2fbbd26e24a79e5d8f (diff) | |
download | gitlab-ce-bb9b7bf6e33ae68d1f898c4cd5e09b44bee2be80.tar.gz |
Handle special characters on API request of issuable templates
-rw-r--r-- | app/assets/javascripts/api.js | 2 | ||||
-rw-r--r-- | changelogs/unreleased/40028-special-characters-on-issuable-templates.yml | 5 | ||||
-rw-r--r-- | config/routes/project.rb | 2 | ||||
-rw-r--r-- | spec/javascripts/api_spec.js | 4 |
4 files changed, 9 insertions, 4 deletions
diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index 38c67b5f04e..7cb81bf4d5b 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -178,7 +178,7 @@ const Api = { issueTemplate(namespacePath, projectPath, key, type, callback) { const url = Api.buildUrl(Api.issuableTemplatePath) - .replace(':key', key) + .replace(':key', encodeURIComponent(key)) .replace(':type', type) .replace(':project_path', projectPath) .replace(':namespace_path', namespacePath); diff --git a/changelogs/unreleased/40028-special-characters-on-issuable-templates.yml b/changelogs/unreleased/40028-special-characters-on-issuable-templates.yml new file mode 100644 index 00000000000..ffab28acbd5 --- /dev/null +++ b/changelogs/unreleased/40028-special-characters-on-issuable-templates.yml @@ -0,0 +1,5 @@ +--- +title: Handle special characters on API request of issuable templates +merge_request: 15323 +author: Takuya Noguchi +type: fixed diff --git a/config/routes/project.rb b/config/routes/project.rb index 43ada9ba145..0496bd85b4e 100644 --- a/config/routes/project.rb +++ b/config/routes/project.rb @@ -40,7 +40,7 @@ constraints(ProjectUrlConstrainer.new) do # # Templates # - get '/templates/:template_type/:key' => 'templates#show', as: :template + get '/templates/:template_type/:key' => 'templates#show', as: :template, constraints: { key: /[^\/]+/ } resource :avatar, only: [:show, :destroy] resources :commit, only: [:show], constraints: { id: /\h{7,40}/ } do diff --git a/spec/javascripts/api_spec.js b/spec/javascripts/api_spec.js index 2aa4fb1f6c6..cc5fa42aafe 100644 --- a/spec/javascripts/api_spec.js +++ b/spec/javascripts/api_spec.js @@ -262,9 +262,9 @@ describe('Api', () => { it('fetches an issue template', (done) => { const namespace = 'some namespace'; const project = 'some project'; - const templateKey = 'template key'; + const templateKey = ' template #%?.key '; const templateType = 'template type'; - const expectedUrl = `${dummyUrlRoot}/${namespace}/${project}/templates/${templateType}/${templateKey}`; + const expectedUrl = `${dummyUrlRoot}/${namespace}/${project}/templates/${templateType}/${encodeURIComponent(templateKey)}`; spyOn(jQuery, 'ajax').and.callFake((request) => { expect(request.url).toEqual(expectedUrl); return sendDummyResponse(); |