author | Jen-Shin Lin <jen-shin@gitlab.com> | 2017-10-17 10:12:24 +0000 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2017-10-17 15:58:58 -0700 |
commit | bd46c8abfd5ee964c47eff0ace021e45cbbe6687 (patch) | |
tree | e22dc885b8d70829cf3893cc65c49f6351bc2d34 /spec/javascripts | |
parent | 9978ef9884023df12b3fbc5758cf93d166100c80 (diff) | |
download | gitlab-ce-bd46c8abfd5ee964c47eff0ace021e45cbbe6687.tar.gz |
Merge branch 'security-10-1' into '10-1-stable'
Security fixes for 10.1 RC
See merge request gitlab/gitlabhq!2209
Diffstat (limited to 'spec/javascripts')
-rw-r--r-- | spec/javascripts/filtered_search/filtered_search_visual_tokens_spec.js | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/spec/javascripts/filtered_search/filtered_search_visual_tokens_spec.js b/spec/javascripts/filtered_search/filtered_search_visual_tokens_spec.js
index 67166802c70..2ecb64d84b5 100644
--- a/spec/javascripts/filtered_search/filtered_search_visual_tokens_spec.js
+++ b/spec/javascripts/filtered_search/filtered_search_visual_tokens_spec.js
@@ -791,6 +791,29 @@ describe('Filtered Search Visual Tokens', () => {
 expect(tokenValueElement.innerText.trim()).toBe(dummyUser.name);
 const avatar = tokenValueElement.querySelector('img.avatar');
 expect(avatar.src).toBe(dummyUser.avatar_url);
+ expect(avatar.alt).toBe('');
+ })
+ .then(done)
+ .catch(done.fail);
+ });
+
+ it('escapes user name when creating token', (done) => {
+ const dummyUser = {
+ name: '<script>',
+ avatar_url: `${gl.TEST_HOST}/mypics/avatar.png`,
+ };
+ const { tokenValueContainer, tokenValueElement } = findElements(authorToken);
+ const tokenValue = tokenValueElement.innerText;
+ usersCacheSpy = (username) => {
+ expect(`@${username}`).toBe(tokenValue);
+ return Promise.resolve(dummyUser);
+ };
+
+ subject.updateUserTokenAppearance(tokenValueContainer, tokenValueElement, tokenValue)
+ .then(() => {
+ expect(tokenValueElement.innerText.trim()).toBe(dummyUser.name);
+ tokenValueElement.querySelector('.avatar').remove();
+ expect(tokenValueElement.innerHTML.trim()).toBe(_.escape(dummyUser.name));
 })
 .then(done)
 .catch(done.fail); |
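Review bot: The final assertion in the new 'escapes user name when creating token' case, `expect(tokenValueElement.innerHTML.trim()).toBe(_.escape(dummyUser.name));`, couples the test to lodash's escaping table rather than to the DOM's own serialization: `_.escape` turns `"`, `'` and `` ` `` into entities while `innerHTML` of a text node leaves them as literal characters, so the test passes only for names like `<script>` and would fail on a correctly escaped name containing quotes. A more robust check of the same property is that the name landed in a text node and not as markup, e.g. `expect(tokenValueElement.textContent.trim()).toBe(dummyUser.name);` together with `expect(tokenValueElement.querySelector('script')).toBeNull();`. The added `expect(avatar.alt).toBe('');` in the preceding case pins an empty alt without saying why; a one-line comment such as `// alt is left empty so the user name is never placed in an attribute context` would make the intent of the security fix visible to the next reader (presumably that is the reason, worth confirming against the implementation). The first modified `it` block starts before this hunk and the enclosing `describe` continues after it.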