diff options
author | Tiago Botelho <tiagonbotelho@hotmail.com> | 2017-09-15 15:28:41 +0100 |
---|---|---|
committer | Tiago Botelho <tiagonbotelho@hotmail.com> | 2017-09-15 17:30:55 +0100 |
commit | 0169dd7f6f82bc91635a3d8ddfa8bd4b6a98f2eb (patch) | |
tree | 073dba598e04de1301be2261e9be17ce5c61e019 /spec/helpers | |
parent | 5d3f7b133fba9bba876da5ef13c630320a920e3f (diff) | |
download | gitlab-ce-0169dd7f6f82bc91635a3d8ddfa8bd4b6a98f2eb.tar.gz |
Fixes project denial of service via gitmodules using Extended ASCII.34259-project-denial-of-service-via-gitmodules-fix
Diffstat (limited to 'spec/helpers')
-rw-r--r-- | spec/helpers/submodule_helper_spec.rb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/spec/helpers/submodule_helper_spec.rb b/spec/helpers/submodule_helper_spec.rb index c4f4e0d21dc..5a2e4b34069 100644 --- a/spec/helpers/submodule_helper_spec.rb +++ b/spec/helpers/submodule_helper_spec.rb @@ -147,6 +147,12 @@ describe SubmoduleHelper do expect(helper.submodule_links(submodule_item)).to eq([nil, nil]) end + it 'sanitizes invalid URL with extended ASCII' do + stub_url('é') + + expect(helper.submodule_links(submodule_item)).to eq([nil, nil]) + end + it 'returns original' do stub_url('http://mygitserver.com/gitlab-org/gitlab-ce') expect(submodule_links(submodule_item)).to eq([repo.submodule_url_for, nil]) |