Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2019-11-05 15:06:20 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2019-11-05 15:06:20 +0300
commit: 791785af5540d18eaa97da24f9ff8638e1960b72 (patch)
tree: caeb6f08d9cc10a0052dc6851b46653d94c29022 /spec/lib/gitlab/ci
parent: a92d6b36c2d2892e8c070efb169f0c06815900ee (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/spec/lib/gitlab/ci/ansi2json_spec.rb b/spec/lib/gitlab/ci/ansi2json_spec.rb
index 3cd448d1aae..124379fa321 100644
--- a/spec/lib/gitlab/ci/ansi2json_spec.rb
+++ b/spec/lib/gitlab/ci/ansi2json_spec.rb
@@ -224,17 +224,17 @@ describe Gitlab::Ci::Ansi2json do
         end
       end
 
-      it 'prevents XSS injection' do
-        trace = "#{section_start}section_end:1:2<script>alert('XSS Hack!');</script>#{section_end}"
+      it 'prints HTML tags as is' do
+        trace = "#{section_start}section_end:1:2<div>hello</div>#{section_end}"
         expect(convert_json(trace)).to eq([
           {
             offset: 0,
-            content: [{ text: "section_end:1:2&lt;script>alert('XSS Hack!');&lt;/script>" }],
+            content: [{ text: "section_end:1:2<div>hello</div>" }],
             section: 'prepare-script',
             section_header: true
           },
           {
-            offset: 95,
+            offset: 75,
             content: [],
             section: 'prepare-script',
             section_duration: '01:03'
author	GitLab Bot <gitlab-bot@gitlab.com>	2019-11-05 15:06:20 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2019-11-05 15:06:20 +0300
commit	791785af5540d18eaa97da24f9ff8638e1960b72 (patch)
tree	caeb6f08d9cc10a0052dc6851b46653d94c29022 /spec/lib/gitlab/ci
parent	a92d6b36c2d2892e8c070efb169f0c06815900ee (diff)