diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-26 14:57:55 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-26 14:57:55 +0000 |
commit | 10fc441cba99167120253ed05c53bcb16e80771c (patch) | |
tree | 3ed7611858cda4f3d7989f11ad4aa902dfbef906 /spec/lib/gitlab/static_site_editor/config_spec.rb | |
parent | 4cc9d3e28ab73ad593b2abb9f43831865f040e22 (diff) | |
download | gitlab-ce-10fc441cba99167120253ed05c53bcb16e80771c.tar.gz |
Add latest changes from gitlab-org/security/gitlab@12-10-stable-ee
Diffstat (limited to 'spec/lib/gitlab/static_site_editor/config_spec.rb')
-rw-r--r-- | spec/lib/gitlab/static_site_editor/config_spec.rb | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/spec/lib/gitlab/static_site_editor/config_spec.rb b/spec/lib/gitlab/static_site_editor/config_spec.rb index 8f61476722d..8fd4c844375 100644 --- a/spec/lib/gitlab/static_site_editor/config_spec.rb +++ b/spec/lib/gitlab/static_site_editor/config_spec.rb @@ -57,5 +57,23 @@ describe Gitlab::StaticSiteEditor::Config do it { is_expected.to include(is_supported_content: false) } end + + context 'when return_url is not a valid URL' do + let(:return_url) { 'example.com' } + + it { is_expected.to include(return_url: nil) } + end + + context 'when return_url has a javascript scheme' do + let(:return_url) { 'javascript:alert(document.domain)' } + + it { is_expected.to include(return_url: nil) } + end + + context 'when return_url is missing' do + let(:return_url) { nil } + + it { is_expected.to include(return_url: nil) } + end end end |