diff options
Diffstat (limited to 'spec/features/projects/wiki/user_updates_wiki_page_spec.rb')
-rw-r--r-- | spec/features/projects/wiki/user_updates_wiki_page_spec.rb | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/spec/features/projects/wiki/user_updates_wiki_page_spec.rb b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb index 3f3711f9eb8..d3a0c9b790b 100644 --- a/spec/features/projects/wiki/user_updates_wiki_page_spec.rb +++ b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb @@ -83,15 +83,15 @@ describe 'User updates wiki page' do end it 'updates the commit message as the title is changed', :js do - fill_in(:wiki_title, with: 'Wiki title') + fill_in(:wiki_title, with: '& < > \ \ { } &') - expect(page).to have_field('wiki[message]', with: 'Update Wiki title') + expect(page).to have_field('wiki[message]', with: 'Update & < > \ \ { } &') end - it 'does not allow XSS', :js do - fill_in(:wiki_title, with: '<script>') + it 'correctly escapes the commit message entities', :js do + fill_in(:wiki_title, with: 'Wiki title') - expect(page).to have_field('wiki[message]', with: 'Update <script>') + expect(page).to have_field('wiki[message]', with: 'Update Wiki title') end it 'shows a validation error message' do |