Use sanitized user status message for user popover
This commit is contained in:
parent
88f2e9615c
commit
1658f5b62e
|
@ -28,10 +28,10 @@ export default {
|
||||||
},
|
},
|
||||||
computed: {
|
computed: {
|
||||||
statusHtml() {
|
statusHtml() {
|
||||||
if (this.user.status.emoji && this.user.status.message) {
|
if (this.user.status.emoji && this.user.status.message_html) {
|
||||||
return `${glEmojiTag(this.user.status.emoji)} ${this.user.status.message}`;
|
return `${glEmojiTag(this.user.status.emoji)} ${this.user.status.message_html}`;
|
||||||
} else if (this.user.status.message) {
|
} else if (this.user.status.message_html) {
|
||||||
return this.user.status.message;
|
return this.user.status.message_html;
|
||||||
}
|
}
|
||||||
return '';
|
return '';
|
||||||
},
|
},
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
title: Use sanitized user status message for user popover
|
||||||
|
merge_request:
|
||||||
|
author:
|
||||||
|
type: security
|
|
@ -122,7 +122,7 @@ describe('User Popover Component', () => {
|
||||||
describe('status data', () => {
|
describe('status data', () => {
|
||||||
it('should show only message', () => {
|
it('should show only message', () => {
|
||||||
const testProps = Object.assign({}, DEFAULT_PROPS);
|
const testProps = Object.assign({}, DEFAULT_PROPS);
|
||||||
testProps.user.status = { message: 'Hello World' };
|
testProps.user.status = { message_html: 'Hello World' };
|
||||||
|
|
||||||
vm = mountComponent(UserPopover, {
|
vm = mountComponent(UserPopover, {
|
||||||
...DEFAULT_PROPS,
|
...DEFAULT_PROPS,
|
||||||
|
@ -134,12 +134,12 @@ describe('User Popover Component', () => {
|
||||||
|
|
||||||
it('should show message and emoji', () => {
|
it('should show message and emoji', () => {
|
||||||
const testProps = Object.assign({}, DEFAULT_PROPS);
|
const testProps = Object.assign({}, DEFAULT_PROPS);
|
||||||
testProps.user.status = { emoji: 'basketball_player', message: 'Hello World' };
|
testProps.user.status = { emoji: 'basketball_player', message_html: 'Hello World' };
|
||||||
|
|
||||||
vm = mountComponent(UserPopover, {
|
vm = mountComponent(UserPopover, {
|
||||||
...DEFAULT_PROPS,
|
...DEFAULT_PROPS,
|
||||||
target: document.querySelector('.js-user-link'),
|
target: document.querySelector('.js-user-link'),
|
||||||
status: { emoji: 'basketball_player', message: 'Hello World' },
|
status: { emoji: 'basketball_player', message_html: 'Hello World' },
|
||||||
});
|
});
|
||||||
|
|
||||||
expect(vm.$el.textContent).toContain('Hello World');
|
expect(vm.$el.textContent).toContain('Hello World');
|
||||||
|
|
Loading…
Reference in New Issue