Remove persistent XSS vulnerability in `commit_person_link` helper

Because we were incorrectly supplying the tooltip title as `data-original-title` (which Bootstrap's Tooltip JS automatically applies based on the `title` attribute; we should never be setting it directly), the value was being passed through as-is. Instead, we should be supplying the normal `title` attribute and letting Rails escape the value, which also negates the need for us to call `sanitize` on it. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15126
author: Robert Speicher <rspeicher@gmail.com> 2016-04-17 17:48:51 -0400
committer: Robert Speicher <rspeicher@gmail.com> 2016-04-17 18:42:49 -0400
commit: 7cc239528ea7f4905e6d773771006ec661d628d6 (patch)
tree: 8b718249cae653d938b00c36213c2d4943cf29ec /features
parent: 1c93b33587a5e0a0596b43772ee9e709e9962368 (diff)
download: gitlab-ce-7cc239528ea7f4905e6d773771006ec661d628d6.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/features/steps/project/commits/user_lookup.rb b/features/steps/project/commits/user_lookup.rb
index 40cada6da45..2d43be5a386 100644
--- a/features/steps/project/commits/user_lookup.rb
+++ b/features/steps/project/commits/user_lookup.rb
@@ -29,8 +29,9 @@ class Spinach::Features::ProjectCommitsUserLookup < Spinach::FeatureSteps
 
   def check_author_link(email, user)
     author_link = find('.commit-author-link')
+
     expect(author_link['href']).to eq user_path(user)
-    expect(author_link['data-original-title']).to eq email
+    expect(author_link['title']).to eq email
     expect(find('.commit-author-name').text).to eq user.name
   end
author	Robert Speicher <rspeicher@gmail.com>	2016-04-17 17:48:51 -0400
committer	Robert Speicher <rspeicher@gmail.com>	2016-04-17 18:42:49 -0400
commit	7cc239528ea7f4905e6d773771006ec661d628d6 (patch)
tree	8b718249cae653d938b00c36213c2d4943cf29ec /features
parent	1c93b33587a5e0a0596b43772ee9e709e9962368 (diff)
download	gitlab-ce-7cc239528ea7f4905e6d773771006ec661d628d6.tar.gz