Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/requests/external_redirect/external_redirect_controller_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/requests/external_redirect/external_redirect_controller_spec.rb')
-rw-r--r--spec/requests/external_redirect/external_redirect_controller_spec.rb5
1 files changed, 4 insertions, 1 deletions
diff --git a/spec/requests/external_redirect/external_redirect_controller_spec.rb b/spec/requests/external_redirect/external_redirect_controller_spec.rb
index 1b4294f5c4d..881acbd97ac 100644
--- a/spec/requests/external_redirect/external_redirect_controller_spec.rb
+++ b/spec/requests/external_redirect/external_redirect_controller_spec.rb
@@ -45,7 +45,10 @@ RSpec.describe "ExternalRedirect::ExternalRedirectController requests", feature_
[
["when url is bad", "url=javascript:alert(1)"],
["when url is empty", "url="],
- ["when url param is missing", ""]
+ ["when url param is missing", ""],
+ ["when url points to self", "url=http://www.example.com/-/external_redirect?url=#{external_url_encoded}"],
+ ["when url points to self encoded",
+ "url=http%3A%2F%2Fwww.example.com/-/external_redirect?url=#{external_url_encoded}"]
]
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-14 23:52:20 +0300