Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/lib/banzai/filter/label_reference_filter_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/lib/banzai/filter/label_reference_filter_spec.rb')
-rw-r--r--spec/lib/banzai/filter/label_reference_filter_spec.rb7
1 files changed, 6 insertions, 1 deletions
diff --git a/spec/lib/banzai/filter/label_reference_filter_spec.rb b/spec/lib/banzai/filter/label_reference_filter_spec.rb
index 5a672de13d7..de7a70db1ac 100644
--- a/spec/lib/banzai/filter/label_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/label_reference_filter_spec.rb
@@ -523,7 +523,12 @@ describe Banzai::Filter::LabelReferenceFilter do
end
context 'when group name has HTML entities' do
- let(:another_group) { create(:group, name: '<img src=x onerror=alert(1)>', path: 'another_group') }
+ let(:another_group) { create(:group, name: 'random', path: 'another_group') }
+
+ before do
+ another_group.name = "<img src=x onerror=alert(1)>"
+ another_group.save!(validate: false)
+ end
it 'escapes the HTML entities' do
expect(result.text)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-11 20:17:46 +0300