diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-09-29 12:59:36 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-09-29 12:59:57 +0000 |
commit | 77e5b153659e884a5fa8442d675f2b88e9de2dd2 (patch) | |
tree | 1e0a5bf0dca7160afbd7f8fa578e61cc665b2ad5 /spec/frontend | |
parent | a3adc9bca8f340d1e88fda2e5c5d24326417acc4 (diff) | |
download | gitlab-ce-77e5b153659e884a5fa8442d675f2b88e9de2dd2.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-3-stable-ee
Diffstat (limited to 'spec/frontend')
-rw-r--r-- | spec/frontend/users_select/index_spec.js | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/spec/frontend/users_select/index_spec.js b/spec/frontend/users_select/index_spec.js index 99caaf61c54..0d2aae78944 100644 --- a/spec/frontend/users_select/index_spec.js +++ b/spec/frontend/users_select/index_spec.js @@ -1,3 +1,5 @@ +import { escape } from 'lodash'; +import UsersSelect from '~/users_select/index'; import { createInputsModelExpectation, createUnassignedExpectation, @@ -91,5 +93,19 @@ describe('~/users_select/index', () => { expect(findDropdownItemsModel()).toEqual(expectation); }); }); + + describe('renderApprovalRules', () => { + const ruleNames = ['simple-name', '"\'<>&', '"><script>alert(1)<script>']; + + it.each(ruleNames)('escapes rule name correctly for %s', (name) => { + const escapedName = escape(name); + + expect( + UsersSelect.prototype.renderApprovalRules('reviewer', [{ name }]), + ).toMatchInterpolatedText( + `<div class="gl-display-flex gl-font-sm"> <span class="gl-text-truncate" title="${escapedName}">${escapedName}</span> </div>`, + ); + }); + }); }); }); |