summaryrefslogtreecommitdiff
path: root/spec/views/explore/projects/page_out_of_bounds.html.haml_spec.rb
blob: 1ace28be5b4f16dd0fbab24a18608e55dc1816cb (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe 'explore/projects/page_out_of_bounds.html.haml', feature_category: :projects do
  let(:page_limit) { 10 }
  let(:unsafe_param) { 'hacked_using_unsafe_param!' }

  before do
    assign(:max_page_number, page_limit)

    controller.params[:action] = 'index'
    controller.params[:host] = unsafe_param
    controller.params[:protocol] = unsafe_param
    controller.params[:sort] = 'name_asc'
  end

  it 'removes unsafe params from the link' do
    render

    href = "/explore/projects?page=#{page_limit}&sort=name_asc"
    button_text = format(_("Back to page %{number}"), number: page_limit)
    expect(rendered).to have_link(button_text, href: href)
    expect(rendered).not_to include(unsafe_param)
  end
end
View Lorry Controller Status