Add latest changes from gitlab-org/gitlab@15-4-stable-eev15.4.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-09-19 23:18:09 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-09-19 23:18:09 +0000
commit: 6ed4ec3e0b1340f96b7c043ef51d1b33bbe85fde (patch)
tree: dc4d20fe6064752c0bd323187252c77e0a89144b /spec/support/helpers/html_escaped_helpers.rb
parent: 9868dae7fc0655bd7ce4a6887d4e6d487690eeed (diff)
download: gitlab-ce-6ed4ec3e0b1340f96b7c043ef51d1b33bbe85fde.tar.gz
1 files changed, 24 insertions, 0 deletions
diff --git a/spec/support/helpers/html_escaped_helpers.rb b/spec/support/helpers/html_escaped_helpers.rb
new file mode 100644
index 00000000000..7f6825e9598
--- /dev/null
+++ b/spec/support/helpers/html_escaped_helpers.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module HtmlEscapedHelpers
+  extend self
+
+  # Checks if +content+ contains HTML escaped tags and returns its match.
+  #
+  # It matches escaped opening and closing tags `&lt;<name>` and
+  # `&lt;/<name>`. The match is discarded if the tag is inside a quoted
+  # attribute value.
+  # Foor example, `<div title="We allow # &lt;b&gt;bold&lt;/b&gt;">`.
+  #
+  # @return [MatchData, nil] Returns the match or +nil+ if no match was found.
+  def match_html_escaped_tags(content)
+    match_data = %r{&lt;\s*(?:/\s*)?\w+}.match(content)
+    return unless match_data
+
+    # Escaped HTML tags are allowed inside quoted attribute values like:
+    # `title="Press &lt;back&gt;"`
+    return if %r{=\s*["'][^>]*\z}.match?(match_data.pre_match)
+
+    match_data
+  end
+end
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-09-19 23:18:09 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-09-19 23:18:09 +0000
commit	6ed4ec3e0b1340f96b7c043ef51d1b33bbe85fde (patch)
tree	dc4d20fe6064752c0bd323187252c77e0a89144b /spec/support/helpers/html_escaped_helpers.rb
parent	9868dae7fc0655bd7ce4a6887d4e6d487690eeed (diff)
download	gitlab-ce-6ed4ec3e0b1340f96b7c043ef51d1b33bbe85fde.tar.gz