diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-30 11:43:14 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-30 11:43:21 +0000 |
commit | 16fa5cf183d9f59a66c1e258ce36cd3f09c8d3fd (patch) | |
tree | b1662c1ee4766bba9d71cf2dc06204ab281a4d11 /spec/features | |
parent | 33e4d44c11427a31ada41e7a0757d35f03d62ce7 (diff) | |
download | gitlab-ce-16fa5cf183d9f59a66c1e258ce36cd3f09c8d3fd.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-0-stable-ee
Diffstat (limited to 'spec/features')
-rw-r--r-- | spec/features/snippets/notes_on_personal_snippets_spec.rb | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/spec/features/snippets/notes_on_personal_snippets_spec.rb b/spec/features/snippets/notes_on_personal_snippets_spec.rb index 47dad9bd88e..e03f71c5352 100644 --- a/spec/features/snippets/notes_on_personal_snippets_spec.rb +++ b/spec/features/snippets/notes_on_personal_snippets_spec.rb @@ -65,18 +65,6 @@ RSpec.describe 'Comments on personal snippets', :js do expect(page).to have_content(user_name) end end - - context 'when the author name contains HTML' do - let(:user_name) { '<h1><a href="https://bad.link/malicious.exe" class="evil">Fake Content<img class="fake-icon" src="image.png"></a></h1>' } - - it 'renders the name as plain text' do - visit snippet_path(snippet) - - content = find("#note_#{snippet_notes[0].id} .note-header-author-name").text - - expect(content).to eq user_name - end - end end context 'when submitting a note' do |