author | Fatih Acet <acetfatih@gmail.com> | 2018-08-23 22:53:35 +0200 |
---|---|---|
committer | André Luís <aluis@gitlab.com> | 2018-09-11 13:30:36 +0100 |
commit | 6d360c210d3d822fc266eecc04753481ae4bda70 (patch) | |
tree | 2884f5d800cd8f26020bcf0913aa78c11bc3a61d /spec/features/issues/issue_detail_spec.rb | |
parent | c56f2b96159afaf6f1e0831d0e7a756a40568cab (diff) | |
download | gitlab-ce-6d360c210d3d822fc266eecc04753481ae4bda70.tar.gz |
Properly sanitize JSON data to fix XSS on Issue details page.
Diffstat (limited to 'spec/features/issues/issue_detail_spec.rb')
-rw-r--r-- | spec/features/issues/issue_detail_spec.rb | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/spec/features/issues/issue_detail_spec.rb b/spec/features/issues/issue_detail_spec.rb
index 088ab114df3..76bc93e9766 100644
--- a/spec/features/issues/issue_detail_spec.rb
+++ b/spec/features/issues/issue_detail_spec.rb
@@ -18,6 +18,23 @@ describe 'Issue Detail', :js do
 end
 end
 
+ context 'when issue description has xss snippet' do
+ before do
+ issue.update!(description: '![xss" onload=alert(1);//](a)')
+ sign_in(user)
+ visit project_issue_path(project, issue)
+ wait_for_requests
+ end
+
+ it 'should encode the description to prevent xss issues' do
+ page.within('.issuable-details .detail-page-description') do
+ expect(page).to have_selector('img', count: 1)
+ expect(find('img')['onerror']).to be_nil
+ expect(find('img')['src']).to end_with('/a')
+ end
+ end
+ end
+
 context 'when edited by a user who is later deleted' do
 before do
 sign_in(user) |
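Review bot: The assertion checks the wrong attribute for the payload it injects: the description in the `before` block tries to smuggle in `onload=alert(1)`, but the example asserts `find('img')['onerror']` is nil, so the spec would still pass if `onload` leaked through unescaped. It should at least assert the attribute the payload actually targets, `expect(find('img')['onload']).to be_nil`, and keeping the `onerror` check alongside it is harmless. Since the whole point is that the quoted title cannot break out of the attribute, a stronger regression guard would be to assert the rendered `img` exposes only the expected `src`/`alt` attributes rather than enumerating individual handlers. Minor style point: rubocop-rspec flags "should" in example descriptions, so `it 'encodes the description to prevent xss'` reads better. The enclosing `describe 'Issue Detail'` block starts and ends outside this hunk.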