From c1c828ac7f7b3c2e51d81921bbef9d474cd4d0a4 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 27 Oct 2021 12:41:41 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@14-4-stable-ee

---
 lib/api/helpers/projects_helpers.rb                |  1 +
 lib/gitlab/import_export/project/import_export.yml |  1 +
 lib/gitlab/unicode.rb                              | 19 +++++++++++++++++++
 lib/rouge/formatters/html_gitlab.rb                | 14 +++++++++++++-
 4 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 lib/gitlab/unicode.rb

(limited to 'lib')

diff --git a/lib/api/helpers/projects_helpers.rb b/lib/api/helpers/projects_helpers.rb
index becd25595a6..30edbe91125 100644
--- a/lib/api/helpers/projects_helpers.rb
+++ b/lib/api/helpers/projects_helpers.rb
@@ -39,6 +39,7 @@ module API
 
         optional :emails_disabled, type: Boolean, desc: 'Disable email notifications'
         optional :show_default_award_emojis, type: Boolean, desc: 'Show default award emojis'
+        optional :warn_about_potentially_unwanted_characters, type: Boolean, desc: 'Warn about Potentially Unwanted Characters'
         optional :shared_runners_enabled, type: Boolean, desc: 'Flag indication if shared runners are enabled for that project'
         optional :resolve_outdated_diff_discussions, type: Boolean, desc: 'Automatically resolve merge request diffs discussions on lines changed with a push'
         optional :remove_source_branch_after_merge, type: Boolean, desc: 'Remove the source branch by default after merge'
diff --git a/lib/gitlab/import_export/project/import_export.yml b/lib/gitlab/import_export/project/import_export.yml
index c962e0f677b..618ef9a4f43 100644
--- a/lib/gitlab/import_export/project/import_export.yml
+++ b/lib/gitlab/import_export/project/import_export.yml
@@ -325,6 +325,7 @@ excluded_attributes:
     - :marked_for_deletion_by_user_id
     - :compliance_framework_setting
     - :show_default_award_emojis
+    - :warn_about_potentially_unwanted_characters
     - :services
     - :exported_protected_branches
     - :repository_size_limit
diff --git a/lib/gitlab/unicode.rb b/lib/gitlab/unicode.rb
new file mode 100644
index 00000000000..b49c5647dab
--- /dev/null
+++ b/lib/gitlab/unicode.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Gitlab
+  class Unicode
+    # Regular expression for identifying bidirectional control
+    # characters in UTF-8 strings
+    #
+    # Documentation on how this works:
+    # https://idiosyncratic-ruby.com/41-proper-unicoding.html
+    BIDI_REGEXP = /\p{Bidi Control}/.freeze
+
+    class << self
+      # Warning message used to highlight bidi characters in the GUI
+      def bidi_warning
+        _("Potentially unwanted character detected: Unicode BiDi Control")
+      end
+    end
+  end
+end
diff --git a/lib/rouge/formatters/html_gitlab.rb b/lib/rouge/formatters/html_gitlab.rb
index e0e9677fac7..9e76225fc54 100644
--- a/lib/rouge/formatters/html_gitlab.rb
+++ b/lib/rouge/formatters/html_gitlab.rb
@@ -21,12 +21,24 @@ module Rouge
           is_first = false
 
           yield %(<span id="LC#{@line_number}" class="line" lang="#{@tag}">)
-          line.each { |token, value| yield span(token, value.chomp! || value) }
+
+          line.each do |token, value|
+            yield highlight_unicode_control_characters(span(token, value.chomp! || value))
+          end
+
           yield %(</span>)
 
           @line_number += 1
         end
       end
+
+      private
+
+      def highlight_unicode_control_characters(text)
+        text.gsub(Gitlab::Unicode::BIDI_REGEXP) do |char|
+          %(<span class="unicode-bidi has-tooltip" data-toggle="tooltip" title="#{Gitlab::Unicode.bidi_warning}">#{char}</span>)
+        end
+      end
     end
   end
 end
-- 
cgit v1.2.3