Diffstat (limited to 'spec/helpers')
-rw-r--r-- | spec/helpers/issuables_helper_spec.rb | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/spec/helpers/issuables_helper_spec.rb b/spec/helpers/issuables_helper_spec.rb
index 4c93a8387a9..a3945b5bd8a 100644
--- a/spec/helpers/issuables_helper_spec.rb
+++ b/spec/helpers/issuables_helper_spec.rb
@@ -327,4 +327,12 @@ RSpec.describe IssuablesHelper do
 end
 end
 end
+
+ describe '#sidebar_milestone_tooltip_label' do
+ it 'escapes HTML in the milestone title' do
+ milestone = build(:milestone, title: '<img onerror=alert(1)>')
+
+ expect(helper.sidebar_milestone_tooltip_label(milestone)).to eq('<img onerror=alert(1)><br/>Milestone')
+ end
+ end
 end |
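Review bot: The expected value in the new `#sidebar_milestone_tooltip_label` example, as it appears here, still contains the raw `<img onerror=alert(1)>`, which contradicts the example name 'escapes HTML in the milestone title'. Unless this is only entity decoding by the page that rendered the diff, the spec pins the unescaped output as correct. The expectation should spell out the escaped form, `to eq('&lt;img onerror=alert(1)&gt;<br/>Milestone')`, and a second assertion such as `expect(helper.sidebar_milestone_tooltip_label(milestone)).not_to include('<img')` would make the intent unmistakable. Only the milestone title is covered, and the helper itself is not part of this diff, so it cannot be told from here whether other interpolated values reach the tooltip.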