diff options
author | Tim Zallmann <tzallmann@gitlab.com> | 2017-08-21 09:45:46 +0000 |
---|---|---|
committer | Phil Hughes <me@iamphill.com> | 2017-08-21 09:45:46 +0000 |
commit | 2bfee0706a61b7b1d4d5ea82f6c53ffe07e56065 (patch) | |
tree | 7eab3691a436268d34969ee368eb81c5a3fb22c2 | |
parent | 6509833cfa211804048ec4711572e3b44a5be21c (diff) | |
download | gitlab-ce-2bfee0706a61b7b1d4d5ea82f6c53ffe07e56065.tar.gz |
Resolve "User profile activity feed contains broken image links"
-rw-r--r-- | app/helpers/events_helper.rb | 2 | ||||
-rw-r--r-- | spec/helpers/events_helper_spec.rb | 6 |
2 files changed, 7 insertions, 1 deletions
diff --git a/app/helpers/events_helper.rb b/app/helpers/events_helper.rb index 722a65eeb98..c6f98e7e782 100644 --- a/app/helpers/events_helper.rb +++ b/app/helpers/events_helper.rb @@ -176,7 +176,7 @@ module EventsHelper sanitize( text, tags: %w(a img gl-emoji b pre code p span), - attributes: Rails::Html::WhiteListSanitizer.allowed_attributes + ['style', 'data-name', 'data-unicode-version'] + attributes: Rails::Html::WhiteListSanitizer.allowed_attributes + ['style', 'data-src', 'data-name', 'data-unicode-version'] ) end diff --git a/spec/helpers/events_helper_spec.rb b/spec/helpers/events_helper_spec.rb index aa138f25bd3..4b72dbb7964 100644 --- a/spec/helpers/events_helper_spec.rb +++ b/spec/helpers/events_helper_spec.rb @@ -62,6 +62,12 @@ describe EventsHelper do expect(helper.event_note(input)).to eq(expected) end + it 'preserves data-src for lazy images' do + input = "![ImageTest](/uploads/test.png)" + image_url = "data-src=\"/uploads/test.png\"" + expect(helper.event_note(input)).to match(image_url) + end + context 'labels formatting' do let(:input) { 'this should be ~label_1' } |