diff options
author | Benedict Etzel <developer@beheh.de> | 2016-01-22 13:47:14 +0100 |
---|---|---|
committer | Benedict Etzel <developer@beheh.de> | 2016-01-23 20:38:06 +0100 |
commit | 6435f78a8c66be92613c3a8ea4ec8171d0c38fea (patch) | |
tree | fe633fc0e6bfcb481e196616105b654dbda85877 /spec | |
parent | dc78ee4e8b4911edf04949e2aa036997623d60ae (diff) | |
download | gitlab-ce-6435f78a8c66be92613c3a8ea4ec8171d0c38fea.tar.gz |
Whitelist raw "abbr" elements when parsing Markdown
Closes #12517
Diffstat (limited to 'spec')
-rw-r--r-- | spec/lib/banzai/filter/sanitization_filter_spec.rb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/spec/lib/banzai/filter/sanitization_filter_spec.rb b/spec/lib/banzai/filter/sanitization_filter_spec.rb index 760d60a4190..9c63d227044 100644 --- a/spec/lib/banzai/filter/sanitization_filter_spec.rb +++ b/spec/lib/banzai/filter/sanitization_filter_spec.rb @@ -75,6 +75,11 @@ describe Banzai::Filter::SanitizationFilter, lib: true do expect(filter(act).to_html).to eq exp end + it 'allows `abbr` elements' do + exp = act = %q{<abbr title="HyperText Markup Language">HTML</abbr>} + expect(filter(act).to_html).to eq exp + end + it 'removes `rel` attribute from `a` elements' do act = %q{<a href="#" rel="nofollow">Link</a>} exp = %q{<a href="#">Link</a>} |