diff options
author | Robert Speicher <rspeicher@gmail.com> | 2017-09-22 11:51:09 -0400 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2017-09-22 12:00:02 -0400 |
commit | c3bda6c3894528fb211c582c5b8da8d6ae125e52 (patch) | |
tree | 94a9e8a02cc4f978a7b8f1d74c28c5ec88df60be /spec | |
parent | f9df0e13e3224e90dcddded6d8ae4f1eabc3b6db (diff) | |
download | gitlab-ce-c3bda6c3894528fb211c582c5b8da8d6ae125e52.tar.gz |
Re-allow `name` attribute on user-provided anchor HTML
Diffstat (limited to 'spec')
-rw-r--r-- | spec/lib/banzai/filter/sanitization_filter_spec.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/spec/lib/banzai/filter/sanitization_filter_spec.rb b/spec/lib/banzai/filter/sanitization_filter_spec.rb index 01ceb21dfaa..69bd062ebcd 100644 --- a/spec/lib/banzai/filter/sanitization_filter_spec.rb +++ b/spec/lib/banzai/filter/sanitization_filter_spec.rb @@ -101,16 +101,18 @@ describe Banzai::Filter::SanitizationFilter do expect(filter(act).to_html).to eq exp end - it 'disallows the `name` attribute globally' do + it 'disallows the `name` attribute globally, allows on `a`' do html = <<~HTML <img name="getElementById" src=""> <span name="foo" class="bar">Hi</span> + <a name="foo" class="bar">Bye</a> HTML doc = filter(html) expect(doc.at_css('img')).not_to have_attribute('name') expect(doc.at_css('span')).not_to have_attribute('name') + expect(doc.at_css('a')).to have_attribute('name') end it 'allows `summary` elements' do |