blob: c3bc35565f690c2ddd0da93e707238e29a6b2f0c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
require 'spec_helper'
describe 'Hook logs' do
let(:web_hook_log) { create(:web_hook_log, response_body: '<script>') }
let(:project) { web_hook_log.web_hook.project }
let(:user) { create(:user) }
before do
project.add_master(user)
sign_in(user)
end
it 'user reads log without getting XSS' do
visit(
project_hook_hook_log_path(
project, web_hook_log.web_hook, web_hook_log))
expect(page).to have_content('<script>')
end
end
|