From 386b6dbcda5bb479ff0a6038d5dcf188bcd878b8 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Thu, 31 Mar 2022 00:04:18 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@14-9-stable-ee

---
 app/assets/javascripts/blob/openapi/index.js | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

(limited to 'app/assets')

diff --git a/app/assets/javascripts/blob/openapi/index.js b/app/assets/javascripts/blob/openapi/index.js
index b19cc19cb8c..a04da98ff77 100644
--- a/app/assets/javascripts/blob/openapi/index.js
+++ b/app/assets/javascripts/blob/openapi/index.js
@@ -1,6 +1,5 @@
 import { SwaggerUIBundle } from 'swagger-ui-dist';
 import createFlash from '~/flash';
-import { removeParams, updateHistory } from '~/lib/utils/url_utility';
 import { __ } from '~/locale';
 
 export default () => {
@@ -8,14 +7,10 @@ export default () => {
 
   Promise.all([import(/* webpackChunkName: 'openapi' */ 'swagger-ui-dist/swagger-ui.css')])
     .then(() => {
-      // Temporary fix to prevent an XSS attack due to "useUnsafeMarkdown"
-      // Once we upgrade Swagger to "4.0.0", we can safely remove this as it will be deprecated
-      // Follow-up issue: https://gitlab.com/gitlab-org/gitlab/-/issues/339696
-      updateHistory({ url: removeParams(['useUnsafeMarkdown']), replace: true });
       SwaggerUIBundle({
         url: el.dataset.endpoint,
         dom_id: '#js-openapi-viewer',
-        useUnsafeMarkdown: false,
+        deepLinking: true,
       });
     })
     .catch((error) => {
-- 
cgit v1.2.1