diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-01 14:52:52 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-01 14:53:21 +0300 |
commit | b64b61bfe72c54fe4a7fdce34b2f1591e3822e5e (patch) | |
tree | c8d24132d4bd3c77a3c34a899c79f95756832b5e /spec/features/projects/blobs/blob_show_spec.rb | |
parent | 430576c997e7cfc61b003cf6dbf12817ef899eef (diff) |
Add latest changes from gitlab-org/security/gitlab@15-5-stable-ee
Diffstat (limited to 'spec/features/projects/blobs/blob_show_spec.rb')
-rw-r--r-- | spec/features/projects/blobs/blob_show_spec.rb | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/spec/features/projects/blobs/blob_show_spec.rb b/spec/features/projects/blobs/blob_show_spec.rb index 93e5be18229..d679d1eeeb9 100644 --- a/spec/features/projects/blobs/blob_show_spec.rb +++ b/spec/features/projects/blobs/blob_show_spec.rb @@ -1001,11 +1001,9 @@ RSpec.describe 'File blob', :js do wait_for_requests end - it 'removes `style`, `class`, and `data-*`` attributes from HTML' do - expect(page).to have_css('h1', text: 'Swagger API documentation') - expect(page).not_to have_css('.foo-bar') - expect(page).not_to have_css('[style="background-color: red;"]') - expect(page).not_to have_css('[data-foo-bar="baz"]') + it 'renders sandboxed iframe' do + expected = %(<iframe src="/-/sandbox/swagger" sandbox="allow-scripts" frameborder="0" width="100%" height="1000">) + expect(page.html).to include(expected) end end end |