diff options
author | Robert Speicher <rspeicher@gmail.com> | 2015-05-30 02:01:12 +0300 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2015-06-02 20:04:10 +0300 |
commit | 023dd2907b4afa0bae5f8482cae75e1edd6954a8 (patch) | |
tree | 930783eafc875c69ebab009f6f0188ff58092bf1 /spec | |
parent | 1a52f19c456dfa307dd7fa0e5adbaa2ed1a68889 (diff) |
Add a `pipeline` context option for SanitizationFilter
When this option is `:description`, we use a more restrictive whitelist.
This is used for Project and Group description fields.
Diffstat (limited to 'spec')
-rw-r--r-- | spec/lib/gitlab/markdown/sanitization_filter_spec.rb | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/spec/lib/gitlab/markdown/sanitization_filter_spec.rb b/spec/lib/gitlab/markdown/sanitization_filter_spec.rb index 4a1aa766149..80f3d2f2634 100644 --- a/spec/lib/gitlab/markdown/sanitization_filter_spec.rb +++ b/spec/lib/gitlab/markdown/sanitization_filter_spec.rb @@ -42,6 +42,13 @@ module Gitlab::Markdown end describe 'custom whitelist' do + it 'customizes the whitelist only once' do + instance = described_class.new('Foo') + 3.times { instance.whitelist } + + expect(instance.whitelist[:transformers].size).to eq 4 + end + it 'allows syntax highlighting' do exp = act = %q{<pre class="code highlight white c"><code><span class="k">def</span></code></pre>} expect(filter(act).to_html).to eq exp @@ -87,5 +94,12 @@ module Gitlab::Markdown expect(doc.at_css('a')['href']).to be_nil end end + + context 'when pipeline is :description' do + it 'uses a stricter whitelist' do + doc = filter('<h1>My Project</h1>', pipeline: :description) + expect(doc.to_html.strip).to eq 'My Project' + end + end end end |