diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-01 09:04:30 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-01 09:04:59 +0000 |
| commit | b2e1abee084bfd9f96da4bcb3fa26865d7fe6b6d (patch) | |
| tree | 4f978a0fa2167d23e671b5973ae14a5113131ac8 /spec | |
| parent | 23330db102f66781cc9a22cd006433cfcbd13863 (diff) | |
| download | gitlab-ce-b2e1abee084bfd9f96da4bcb3fa26865d7fe6b6d.tar.gz | |
Add latest changes from gitlab-org/security/gitlab@13-8-stable-ee
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js b/spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js index 85468c5b0db..7ff8d9678fe 100644 --- a/spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js +++ b/spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js @@ -78,6 +78,18 @@ describe('MrWidgetPipelineContainer', () => { }); }); + it('sanitizes the targetBranch', () => { + factory({ + isPostMerge: true, + mr: { + ...mockStore, + targetBranch: 'Foo<script>alert("XSS")</script>', + }, + }); + + expect(wrapper.find(MrWidgetPipeline).props().sourceBranchLink).toBe('Foo'); + }); + it('renders deployments', () => { const expectedProps = mockStore.postMergeDeployments.map((dep) => expect.objectContaining({ |