Diffstat (limited to 'spec/frontend/issue_show/index_spec.js')
-rw-r--r-- | spec/frontend/issue_show/index_spec.js | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/spec/frontend/issue_show/index_spec.js b/spec/frontend/issue_show/index_spec.js
new file mode 100644
index 00000000000..e80d1b83c11
--- /dev/null
+++ b/spec/frontend/issue_show/index_spec.js
@@ -0,0 +1,19 @@
+import initIssueableApp from '~/issue_show';
+
+describe('Issue show index', () => {
+ describe('initIssueableApp', () => {
+ it('should initialize app with no potential XSS attack', () => {
+ const d = document.createElement('div');
+ d.id = 'js-issuable-app-initial-data';
+ d.innerHTML = JSON.stringify({
+ initialDescriptionHtml: '<img src=x onerror=alert(1)>',
+ });
+ document.body.appendChild(d);
+
+ const alertSpy = jest.spyOn(window, 'alert');
+ initIssueableApp();
+
+ expect(alertSpy).not.toHaveBeenCalled();
+ });
+ });
+}); |
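Review bot: The `expect(alertSpy).not.toHaveBeenCalled()` check runs synchronously right after `initIssueableApp()`, but an `onerror` handler only fires asynchronously after an image load fails, so this assertion would likely pass even if the description were rendered unsanitized (whether the Jest DOM environment attempts image loads at all is not visible here). Consider also asserting on what the app renders, for example that the mounted description contains no element carrying an `onerror` attribute, so the regression test fails if sanitization is ever removed. Because assigning the JSON to `d.innerHTML` already parses the `<img>` into the fixture element itself, that check should be scoped to the app's output rather than the whole document. The spy and fixture also leak into later specs: use `jest.spyOn(window, 'alert').mockImplementation(() => {})` and finish with `alertSpy.mockRestore(); d.remove();`, or move both into an `afterEach`.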