Add latest changes from gitlab-org/gitlab@13-10-stable-eev13.10.0-rc40

1 files changed, 13 insertions, 2 deletions

diff --git a/spec/controllers/projects/design_management/designs/raw_images_controller_spec.rb b/spec/controllers/projects/design_management/designs/raw_images_controller_spec.rb
index f664604ac15..e0f86876f67 100644
--- a/spec/controllers/projects/design_management/designs/raw_images_controller_spec.rb
+++ b/spec/controllers/projects/design_management/designs/raw_images_controller_spec.rb
@@ -37,13 +37,24 @@ RSpec.describe Projects::DesignManagement::Designs::RawImagesController do
       # For security, .svg images should only ever be served with Content-Disposition: attachment.
       # If this specs ever fails we must assess whether we should be serving svg images.
       # See https://gitlab.com/gitlab-org/gitlab/issues/12771
-      it 'serves files with `Content-Disposition: attachment`' do
+      it 'serves files with `Content-Disposition` header set to attachment plus the filename' do
         subject
 
-        expect(response.header['Content-Disposition']).to eq('attachment')
+        expect(response.header['Content-Disposition']).to match "attachment; filename=\"#{design.filename}\""
         expect(response).to have_gitlab_http_status(:ok)
       end
 
+      context 'when the feature flag attachment_with_filename is disabled' do
+        it 'serves files with just `attachment` in the disposition header' do
+          stub_feature_flags(attachment_with_filename: false)
+
+          subject
+
+          expect(response.header['Content-Disposition']).to eq('attachment')
+          expect(response).to have_gitlab_http_status(:ok)
+        end
+      end
+
       it 'serves files with Workhorse' do
         subject