diff options
Diffstat (limited to 'spec/lib/banzai/filter/label_reference_filter_spec.rb')
-rw-r--r-- | spec/lib/banzai/filter/label_reference_filter_spec.rb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/spec/lib/banzai/filter/label_reference_filter_spec.rb b/spec/lib/banzai/filter/label_reference_filter_spec.rb index 5a672de13d7..de7a70db1ac 100644 --- a/spec/lib/banzai/filter/label_reference_filter_spec.rb +++ b/spec/lib/banzai/filter/label_reference_filter_spec.rb @@ -523,7 +523,12 @@ describe Banzai::Filter::LabelReferenceFilter do end context 'when group name has HTML entities' do - let(:another_group) { create(:group, name: '<img src=x onerror=alert(1)>', path: 'another_group') } + let(:another_group) { create(:group, name: 'random', path: 'another_group') } + + before do + another_group.name = "<img src=x onerror=alert(1)>" + another_group.save!(validate: false) + end it 'escapes the HTML entities' do expect(result.text) |