diff options
author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2017-04-24 13:22:03 +0300 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2017-04-24 13:22:03 +0300 |
commit | bc695e264c1976d85b8f03868bd7efb967602902 (patch) | |
tree | b4e2bdb73b26223c4a5d45e16beefa3bf8a1c280 /spec/lib/gitlab/other_markup_spec.rb | |
parent | c76812c79ffe3ca35b00faeaaf7fa1c362d1d27d (diff) | |
download | gitlab-ce-bc695e264c1976d85b8f03868bd7efb967602902.tar.gz |
Fix incorrect spec filenames which were ingored by CIdz-fix-spec-filenames-ce
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Diffstat (limited to 'spec/lib/gitlab/other_markup_spec.rb')
-rw-r--r-- | spec/lib/gitlab/other_markup_spec.rb | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/spec/lib/gitlab/other_markup_spec.rb b/spec/lib/gitlab/other_markup_spec.rb new file mode 100644 index 00000000000..8f5a353b381 --- /dev/null +++ b/spec/lib/gitlab/other_markup_spec.rb @@ -0,0 +1,22 @@ +require 'spec_helper' + +describe Gitlab::OtherMarkup, lib: true do + context "XSS Checks" do + links = { + 'links' => { + file: 'file.rdoc', + input: 'XSS[JaVaScriPt:alert(1)]', + output: '<p><a>XSS</a></p>' + } + } + links.each do |name, data| + it "does not convert dangerous #{name} into HTML" do + expect(render(data[:file], data[:input], context)).to eql data[:output] + end + end + end + + def render(*args) + described_class.render(*args) + end +end |