diff options
Diffstat (limited to 'spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js')
-rw-r--r-- | spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js b/spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js index 85468c5b0db..7ff8d9678fe 100644 --- a/spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js +++ b/spec/frontend/vue_mr_widget/components/mr_widget_pipeline_container_spec.js @@ -78,6 +78,18 @@ describe('MrWidgetPipelineContainer', () => { }); }); + it('sanitizes the targetBranch', () => { + factory({ + isPostMerge: true, + mr: { + ...mockStore, + targetBranch: 'Foo<script>alert("XSS")</script>', + }, + }); + + expect(wrapper.find(MrWidgetPipeline).props().sourceBranchLink).toBe('Foo'); + }); + it('renders deployments', () => { const expectedProps = mockStore.postMergeDeployments.map((dep) => expect.objectContaining({ |