diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-23 15:09:30 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-23 15:09:30 +0300 |
commit | f46d20e5088ca9c58793e3b6044facfa74feb7ed (patch) | |
tree | 5affa9b7fb8837a0cef99f0efa4229f019fe38fc /spec/views/projects | |
parent | 17f2e5035c716bccb6bd7073215e9b2d449184e7 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/views/projects')
-rw-r--r-- | spec/views/projects/tracing/show.html.haml_spec.rb | 59 |
1 files changed, 0 insertions, 59 deletions
diff --git a/spec/views/projects/tracing/show.html.haml_spec.rb b/spec/views/projects/tracing/show.html.haml_spec.rb deleted file mode 100644 index 96dc6a18fc7..00000000000 --- a/spec/views/projects/tracing/show.html.haml_spec.rb +++ /dev/null @@ -1,59 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe 'projects/tracings/show' do - let_it_be_with_reload(:project) { create(:project) } - let_it_be(:error_tracking_setting) { create(:project_error_tracking_setting, project: project) } - - before do - assign(:project, project) - allow(view).to receive(:error_tracking_setting) - .and_return(error_tracking_setting) - end - - context 'with project.tracing_external_url' do - let_it_be(:tracing_url) { 'https://tracing.url' } - let_it_be(:tracing_setting) { create(:project_tracing_setting, project: project, external_url: tracing_url) } - - before do - allow(view).to receive(:can?).and_return(true) - allow(view).to receive(:tracing_setting).and_return(tracing_setting) - end - - it 'renders iframe' do - render - - expect(rendered).to match(/iframe/) - end - - context 'with malicious external_url' do - let(:malicious_tracing_url) { "https://replaceme.com/'><script>alert(document.cookie)</script>" } - let(:cleaned_url) { "https://replaceme.com/'>" } - - before do - tracing_setting.update_column(:external_url, malicious_tracing_url) - end - - it 'sanitizes external_url' do - render - - expect(tracing_setting.external_url).to eq(malicious_tracing_url) - expect(rendered).to have_xpath("//iframe[@src=\"#{cleaned_url}\"]") - end - end - end - - context 'without project.tracing_external_url' do - before do - allow(view).to receive(:can?).and_return(true) - end - - it 'renders empty state' do - render - - expect(rendered).to have_link('Add Jaeger URL') - expect(rendered).not_to match(/iframe/) - end - end -end |