diff options
| author | Sean McGivern <sean@gitlab.com> | 2017-08-31 10:47:03 +0100 |
|---|---|---|
| committer | Sean McGivern <sean@gitlab.com> | 2017-08-31 13:38:33 +0100 |
| commit | 5883ce95efcc4cc04f949f9b4e66d73fbede94e2 (patch) | |
| tree | d02417158bec75160367f5b7663d37043eca9d57 /spec/views/layouts | |
| parent | bf51ab887b92275d0e5b51c53889664f8c8db745 (diff) | |
| download | gitlab-ce-5883ce95efcc4cc04f949f9b4e66d73fbede94e2.tar.gz | |
`current_application_settings` belongs on `Gitlab::CurrentSettings`
The initializers including this were doing so at the top level, so every object
loaded after them had a `current_application_settings` method. However, if
someone had rack-attack enabled (which was loaded before these initializers), it
would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't
have that method.
To fix this:
1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need
`Object.new.current_application_settings` to work.
2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it
like that in several places.
3. Change the initializers to use that new form.
Diffstat (limited to 'spec/views/layouts')
| -rw-r--r-- | spec/views/layouts/_head.html.haml_spec.rb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/spec/views/layouts/_head.html.haml_spec.rb b/spec/views/layouts/_head.html.haml_spec.rb index 8020faa1f9c..e8e6d2e7a75 100644 --- a/spec/views/layouts/_head.html.haml_spec.rb +++ b/spec/views/layouts/_head.html.haml_spec.rb @@ -1,6 +1,10 @@ require 'spec_helper' describe 'layouts/_head' do + before do + allow(view).to receive(:current_application_settings).and_return(Gitlab::CurrentSettings.current_application_settings) + end + it 'escapes HTML-safe strings in page_title' do stub_helper_with_safe_string(:page_title) |