Add latest changes from gitlab-org/gitlab@14-6-stable-eev14.6.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-12-20 16:37:47 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-12-20 16:37:47 +0300
commit: aee0a117a889461ce8ced6fcf73207fe017f1d99 (patch)
tree: 891d9ef189227a8445d83f35c1b0fc99573f4380 /app/services/protected_branches
parent: 8d46af3258650d305f53b819eabf7ab18d22f59e (diff)
1 files changed, 5 insertions, 12 deletions
diff --git a/app/services/protected_branches/base_service.rb b/app/services/protected_branches/base_service.rb
index df801311aaf..1ab3ccfcaae 100644
--- a/app/services/protected_branches/base_service.rb
+++ b/app/services/protected_branches/base_service.rb
@@ -2,6 +2,8 @@
 
 module ProtectedBranches
   class BaseService < ::BaseService
+    include ProtectedRefNameSanitizer
+
     # current_user - The user that performs the action
     # params - A hash of parameters
     def initialize(project, current_user = nil, params = {})
@@ -14,22 +16,13 @@ module ProtectedBranches
       # overridden in EE::ProtectedBranches module
     end
 
+    private
+
     def filtered_params
       return unless params
 
-      params[:name] = sanitize_branch_name(params[:name]) if params[:name].present?
+      params[:name] = sanitize_name(params[:name]) if params[:name].present?
       params
     end
-
-    private
-
-    def sanitize_branch_name(name)
-      name = CGI.unescapeHTML(name)
-      name = Sanitize.fragment(name)
-
-      # Sanitize.fragment escapes HTML chars, so unescape again to allow names
-      # like `feature->master`
-      CGI.unescapeHTML(name)
-    end
   end
 end
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-12-20 16:37:47 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-12-20 16:37:47 +0300
commit	aee0a117a889461ce8ced6fcf73207fe017f1d99 (patch)
tree	891d9ef189227a8445d83f35c1b0fc99573f4380 /app/services/protected_branches
parent	8d46af3258650d305f53b819eabf7ab18d22f59e (diff)