summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTakuya Noguchi <takninnovationresearch@gmail.com>2017-11-11 00:02:42 +0900
committerTakuya Noguchi <takninnovationresearch@gmail.com>2018-01-25 08:12:19 +0900
commitbb9b7bf6e33ae68d1f898c4cd5e09b44bee2be80 (patch)
tree17d856aa785b3d8b8a0252623b9b793f0f5084bb
parent44728e0527bc7c5cf982be2fbbd26e24a79e5d8f (diff)
downloadgitlab-ce-bb9b7bf6e33ae68d1f898c4cd5e09b44bee2be80.tar.gz
Handle special characters on API request of issuable templates
-rw-r--r--app/assets/javascripts/api.js2
-rw-r--r--changelogs/unreleased/40028-special-characters-on-issuable-templates.yml5
-rw-r--r--config/routes/project.rb2
-rw-r--r--spec/javascripts/api_spec.js4
4 files changed, 9 insertions, 4 deletions
diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js
index 38c67b5f04e..7cb81bf4d5b 100644
--- a/app/assets/javascripts/api.js
+++ b/app/assets/javascripts/api.js
@@ -178,7 +178,7 @@ const Api = {
issueTemplate(namespacePath, projectPath, key, type, callback) {
const url = Api.buildUrl(Api.issuableTemplatePath)
- .replace(':key', key)
+ .replace(':key', encodeURIComponent(key))
.replace(':type', type)
.replace(':project_path', projectPath)
.replace(':namespace_path', namespacePath);
diff --git a/changelogs/unreleased/40028-special-characters-on-issuable-templates.yml b/changelogs/unreleased/40028-special-characters-on-issuable-templates.yml
new file mode 100644
index 00000000000..ffab28acbd5
--- /dev/null
+++ b/changelogs/unreleased/40028-special-characters-on-issuable-templates.yml
@@ -0,0 +1,5 @@
+---
+title: Handle special characters on API request of issuable templates
+merge_request: 15323
+author: Takuya Noguchi
+type: fixed
diff --git a/config/routes/project.rb b/config/routes/project.rb
index 43ada9ba145..0496bd85b4e 100644
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -40,7 +40,7 @@ constraints(ProjectUrlConstrainer.new) do
#
# Templates
#
- get '/templates/:template_type/:key' => 'templates#show', as: :template
+ get '/templates/:template_type/:key' => 'templates#show', as: :template, constraints: { key: /[^\/]+/ }
resource :avatar, only: [:show, :destroy]
resources :commit, only: [:show], constraints: { id: /\h{7,40}/ } do
diff --git a/spec/javascripts/api_spec.js b/spec/javascripts/api_spec.js
index 2aa4fb1f6c6..cc5fa42aafe 100644
--- a/spec/javascripts/api_spec.js
+++ b/spec/javascripts/api_spec.js
@@ -262,9 +262,9 @@ describe('Api', () => {
it('fetches an issue template', (done) => {
const namespace = 'some namespace';
const project = 'some project';
- const templateKey = 'template key';
+ const templateKey = ' template #%?.key ';
const templateType = 'template type';
- const expectedUrl = `${dummyUrlRoot}/${namespace}/${project}/templates/${templateType}/${templateKey}`;
+ const expectedUrl = `${dummyUrlRoot}/${namespace}/${project}/templates/${templateType}/${encodeURIComponent(templateKey)}`;
spyOn(jQuery, 'ajax').and.callFake((request) => {
expect(request.url).toEqual(expectedUrl);
return sendDummyResponse();