Add `sanitize_name` helper to sanitize URLs in user full name

author: Kushal Pandya <kushalspandya@gmail.com> 2019-01-15 19:51:37 +0530
committer: Yorick Peterse <yorickpeterse@gmail.com> 2019-01-31 16:52:21 +0100
commit: 1549039602dd88fa4f33b0c3f82861ab9bdd7669 (patch)
tree: 6f1a36a8b798e1c32743392ac7042e4247f44879 /spec/helpers
parent: b026db4dfc924e2d866f18f0bfd042d6464a224e (diff)
download: gitlab-ce-1549039602dd88fa4f33b0c3f82861ab9bdd7669.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/spec/helpers/emails_helper_spec.rb b/spec/helpers/emails_helper_spec.rb
index 3820cf5cb9d..23d7e41803e 100644
--- a/spec/helpers/emails_helper_spec.rb
+++ b/spec/helpers/emails_helper_spec.rb
@@ -1,6 +1,20 @@
 require 'spec_helper'
 
 describe EmailsHelper do
+  describe 'sanitize_name' do
+    context 'when name contains a valid URL string' do
+      it 'returns name with `.` replaced with `_` to prevent mail clients from auto-linking URLs' do
+        expect(sanitize_name('https://about.gitlab.com')).to eq('https://about_gitlab_com')
+        expect(sanitize_name('www.gitlab.com')).to eq('www_gitlab_com')
+        expect(sanitize_name('//about.gitlab.com/handbook/security/#best-practices')).to eq('//about_gitlab_com/handbook/security/#best-practices')
+      end
+
+      it 'returns name as it is when it does not contain a URL' do
+        expect(sanitize_name('Foo Bar')).to eq('Foo Bar')
+      end
+    end
+  end
+
   describe 'password_reset_token_valid_time' do
     def validate_time_string(time_limit, expected_string)
       Devise.reset_password_within = time_limit
author	Kushal Pandya <kushalspandya@gmail.com>	2019-01-15 19:51:37 +0530
committer	Yorick Peterse <yorickpeterse@gmail.com>	2019-01-31 16:52:21 +0100
commit	1549039602dd88fa4f33b0c3f82861ab9bdd7669 (patch)
tree	6f1a36a8b798e1c32743392ac7042e4247f44879 /spec/helpers
parent	b026db4dfc924e2d866f18f0bfd042d6464a224e (diff)
download	gitlab-ce-1549039602dd88fa4f33b0c3f82861ab9bdd7669.tar.gz