Add latest changes from gitlab-org/security/gitlab@14-6-stable-ee

5 files changed, 15 insertions, 4 deletions

diff --git a/app/assets/javascripts/notebook/cells/output/html.vue b/app/assets/javascripts/notebook/cells/output/html.vue
index ca02ee18dd1..2d1d8845e41 100644
--- a/app/assets/javascripts/notebook/cells/output/html.vue
+++ b/app/assets/javascripts/notebook/cells/output/html.vue
@@ -30,6 +30,9 @@ export default {
   },
   safeHtmlConfig: {
     ADD_TAGS: ['use'], // to support icon SVGs
+    FORBID_TAGS: ['style'],
+    FORBID_ATTR: ['style'],
+    ALLOW_DATA_ATTR: false,
   },
 };
 </script>
diff --git a/app/views/devise/confirmations/new.html.haml b/app/views/devise/confirmations/new.html.haml
index eee223ff63c..2ae950f3b0d 100644
--- a/app/views/devise/confirmations/new.html.haml
+++ b/app/views/devise/confirmations/new.html.haml
@@ -6,7 +6,7 @@
         = render "devise/shared/error_messages", resource: resource
       .form-group
         = f.label :email
-        = f.email_field :email, class: "form-control gl-form-input", required: true, title: _('Please provide a valid email address.'), value: nil
+        = f.email_field :email, class: "form-control gl-form-input", required: true, autocomplete: 'off', title: _('Please provide a valid email address.'), value: nil
 
       %div
       - if recaptcha_enabled?
diff --git a/app/views/devise/passwords/new.html.haml b/app/views/devise/passwords/new.html.haml
index 7bbde4a39c7..d5372862128 100644
--- a/app/views/devise/passwords/new.html.haml
+++ b/app/views/devise/passwords/new.html.haml
@@ -5,7 +5,7 @@
         = render "devise/shared/error_messages", resource: resource
       .form-group
         = f.label :email
-        = f.email_field :email, class: "form-control gl-form-input", required: true, value: params[:user_email], autofocus: true, title: _('Please provide a valid email address.')
+        = f.email_field :email, class: "form-control gl-form-input", required: true, autocomplete: 'off', value: params[:user_email], autofocus: true, title: _('Please provide a valid email address.')
         .form-text.text-muted
           = _('Requires your primary GitLab email address.')
 
diff --git a/app/views/groups/_import_group_from_another_instance_panel.html.haml b/app/views/groups/_import_group_from_another_instance_panel.html.haml
index 06a86c2465f..3b079ea00b7 100644
--- a/app/views/groups/_import_group_from_another_instance_panel.html.haml
+++ b/app/views/groups/_import_group_from_another_instance_panel.html.haml
@@ -26,6 +26,7 @@
         = s_('GroupsNew|Navigate to user settings to find your %{link_start}personal access token%{link_end}.').html_safe % { link_start: pat_link_start, link_end: '</a>'.html_safe }
       = f.text_field :bulk_import_gitlab_access_token, placeholder: s_('GroupsNew|e.g. h8d3f016698e...'), class: 'gl-form-input gl-mt-3 col-xs-12 col-sm-8',
         required: true,
+        autocomplete: 'off',
         title: s_('GroupsNew|Please fill in your personal access token.'),
         id: 'import_gitlab_token',
         data: { qa_selector: 'import_gitlab_token' }
diff --git a/spec/frontend/notebook/cells/output/html_sanitize_fixtures.js b/spec/frontend/notebook/cells/output/html_sanitize_fixtures.js
index 803ac4a219d..70c7f56b62f 100644
--- a/spec/frontend/notebook/cells/output/html_sanitize_fixtures.js
+++ b/spec/frontend/notebook/cells/output/html_sanitize_fixtures.js
@@ -16,13 +16,20 @@ export default [
     'text/html table',
     {
       input: [
-        '<table>\n',
+        '<style type="text/css">\n',
+        '\n',
+        'body {\n',
+        '  background: red;\n',
+        '}\n',
+        '\n',
+        '</style>\n',
+        '<table data-myattr="XSS">\n',
         '<tr>\n',
         '<th>Header 1</th>\n',
         '<th>Header 2</th>\n',
         '</tr>\n',
         '<tr>\n',
-        '<td>row 1, cell 1</td>\n',
+        '<td style="background: red;">row 1, cell 1</td>\n',
         '<td>row 1, cell 2</td>\n',
         '</tr>\n',
         '<tr>\n',