Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/lib/banzai
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2021-09-29 15:52:24 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2021-09-29 15:52:24 +0300
commitb56d907a1d9065c3df354007fa00daf30626a478 (patch)
tree0868c35228207eece8e012bdc47a8829556d7758 /spec/lib/banzai
parentaee004311cd93409176ea4f6e2bdcd0601487e4b (diff)
Add latest changes from gitlab-org/security/gitlab@14-3-stable-ee
Diffstat (limited to 'spec/lib/banzai')
-rw-r--r--spec/lib/banzai/filter/spaced_link_filter_spec.rb10
1 files changed, 10 insertions, 0 deletions
diff --git a/spec/lib/banzai/filter/spaced_link_filter_spec.rb b/spec/lib/banzai/filter/spaced_link_filter_spec.rb
index 2c64657d69d..820ebeb6945 100644
--- a/spec/lib/banzai/filter/spaced_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/spaced_link_filter_spec.rb
@@ -63,6 +63,16 @@ RSpec.describe Banzai::Filter::SpacedLinkFilter do
end
end
+ it 'does not process malicious input' do
+ Timeout.timeout(10) do
+ doc = filter('[ (](' * 60_000)
+
+ found_links = doc.css('a')
+
+ expect(found_links.size).to eq(0)
+ end
+ end
+
it 'converts multiple URLs' do
link1 = '[first](slug one)'
link2 = '[second](http://example.com/slug two)'
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-20 15:40:27 +0300