Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/javascripts/notebook/cells/markdown_spec.js
diff options
context:
space:
mode:
authorJose Ivan Vargas <jvargas@gitlab.com>2018-02-06 00:16:41 +0300
committerJose Ivan Vargas <jvargas@gitlab.com>2018-02-06 00:16:41 +0300
commit46ae03628de47d1bef2683a3a5fe4963b3df7d52 (patch)
treeaca69b4acab10d5699a6315556de7e7530e65dbe /spec/javascripts/notebook/cells/markdown_spec.js
parente6016d0bc2b640801914369e25e1a3639d3e50eb (diff)
parent2150ed4094ddb67d7b403cd56360700c80e7d928 (diff)
Merge branch 'master' into jivl-update-katex
Diffstat (limited to 'spec/javascripts/notebook/cells/markdown_spec.js')
-rw-r--r--spec/javascripts/notebook/cells/markdown_spec.js12
1 files changed, 12 insertions, 0 deletions
diff --git a/spec/javascripts/notebook/cells/markdown_spec.js b/spec/javascripts/notebook/cells/markdown_spec.js
index 58f4fbc5791..8f8ba231ae8 100644
--- a/spec/javascripts/notebook/cells/markdown_spec.js
+++ b/spec/javascripts/notebook/cells/markdown_spec.js
@@ -42,6 +42,18 @@ describe('Markdown component', () => {
expect(vm.$el.querySelector('.markdown h1')).not.toBeNull();
});
+ it('sanitizes output', (done) => {
+ Object.assign(cell, {
+ source: ['[XSS](data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+Cg==)\n'],
+ });
+
+ Vue.nextTick(() => {
+ expect(vm.$el.querySelector('a')).toBeNull();
+
+ done();
+ });
+ });
+
describe('katex', () => {
beforeEach(() => {
json = getJSONFixture('blob/notebook/math.json');
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-18 23:43:33 +0300