diff options
author | Rémy Coutable <remy@rymai.me> | 2018-01-25 16:19:36 +0000 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2018-01-25 16:19:36 +0000 |
commit | e4c2ce6f67ffdaa88ee394c93e07f175f6e309eb (patch) | |
tree | d446d5543f62769e3694e8505fbd3dc6f228d517 | |
parent | 5c68c839c09f2a091fa677d35cbfd3de5a2e6d43 (diff) | |
parent | bb9b7bf6e33ae68d1f898c4cd5e09b44bee2be80 (diff) | |
download | gitlab-ce-e4c2ce6f67ffdaa88ee394c93e07f175f6e309eb.tar.gz |
Merge branch '40028-special-characters-on-issuable-templates' into 'master'
Handling special characters in Issuable Templates
Closes #40028
See merge request gitlab-org/gitlab-ce!15323
-rw-r--r-- | app/assets/javascripts/api.js | 2 | ||||
-rw-r--r-- | changelogs/unreleased/40028-special-characters-on-issuable-templates.yml | 5 | ||||
-rw-r--r-- | config/routes/project.rb | 2 | ||||
-rw-r--r-- | spec/javascripts/api_spec.js | 4 |
4 files changed, 9 insertions, 4 deletions
diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index 38c67b5f04e..7cb81bf4d5b 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -178,7 +178,7 @@ const Api = { issueTemplate(namespacePath, projectPath, key, type, callback) { const url = Api.buildUrl(Api.issuableTemplatePath) - .replace(':key', key) + .replace(':key', encodeURIComponent(key)) .replace(':type', type) .replace(':project_path', projectPath) .replace(':namespace_path', namespacePath); diff --git a/changelogs/unreleased/40028-special-characters-on-issuable-templates.yml b/changelogs/unreleased/40028-special-characters-on-issuable-templates.yml new file mode 100644 index 00000000000..ffab28acbd5 --- /dev/null +++ b/changelogs/unreleased/40028-special-characters-on-issuable-templates.yml @@ -0,0 +1,5 @@ +--- +title: Handle special characters on API request of issuable templates +merge_request: 15323 +author: Takuya Noguchi +type: fixed diff --git a/config/routes/project.rb b/config/routes/project.rb index 43ada9ba145..0496bd85b4e 100644 --- a/config/routes/project.rb +++ b/config/routes/project.rb @@ -40,7 +40,7 @@ constraints(ProjectUrlConstrainer.new) do # # Templates # - get '/templates/:template_type/:key' => 'templates#show', as: :template + get '/templates/:template_type/:key' => 'templates#show', as: :template, constraints: { key: /[^\/]+/ } resource :avatar, only: [:show, :destroy] resources :commit, only: [:show], constraints: { id: /\h{7,40}/ } do diff --git a/spec/javascripts/api_spec.js b/spec/javascripts/api_spec.js index 2aa4fb1f6c6..cc5fa42aafe 100644 --- a/spec/javascripts/api_spec.js +++ b/spec/javascripts/api_spec.js @@ -262,9 +262,9 @@ describe('Api', () => { it('fetches an issue template', (done) => { const namespace = 'some namespace'; const project = 'some project'; - const templateKey = 'template key'; + const templateKey = ' template #%?.key '; const templateType = 'template type'; - const expectedUrl = `${dummyUrlRoot}/${namespace}/${project}/templates/${templateType}/${templateKey}`; + const expectedUrl = `${dummyUrlRoot}/${namespace}/${project}/templates/${templateType}/${encodeURIComponent(templateKey)}`; spyOn(jQuery, 'ajax').and.callFake((request) => { expect(request.url).toEqual(expectedUrl); return sendDummyResponse(); |