make sure the user.name is escaped
Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
This commit is contained in:
Jeroen van Baarsen
parent
5dbbec4612
commit
2a4ee2fd7f
1 changed files with 7 additions and 2 deletions
|
|
@ -24,11 +24,12 @@ describe "User Feed", feature: true do
|
|||
end
|
||||
|
||||
it "should have issue opened event" do
|
||||
body.should have_content("#{user.name} opened issue ##{issue.iid}")
|
||||
expect(body).to have_content("#{safe_name} opened issue ##{issue.iid}")
|
||||
end
|
||||
|
||||
it "should have issue comment event" do
|
||||
body.should have_content("#{user.name} commented on issue ##{issue.iid}")
|
||||
expect(body).
|
||||
to have_content("#{safe_name} commented on issue ##{issue.iid}")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -40,4 +41,8 @@ describe "User Feed", feature: true do
|
|||
def note_event(note, user)
|
||||
EventCreateService.new.leave_note(note, user)
|
||||
end
|
||||
|
||||
def safe_name
|
||||
html_escape(user.name)
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in a new issue