gitlab-org--gitlab-foss/spec/views/projects/imports/new.html.haml_spec.rb
Robert Speicher e5e94618c5 Merge branch 'fix-hamlit-xss' into 'security-9-1'
New Hamlit XSS fix, does not include extraneous changes

See merge request !2095
2017-05-10 16:48:18 +02:00

22 lines
659 B
Ruby

require "spec_helper"
describe "projects/imports/new.html.haml" do
let(:user) { create(:user) }
context 'when import fails' do
let(:project) { create(:project_empty_repo, import_status: :failed, import_error: '<a href="http://googl.com">Foo</a>', import_type: :gitlab_project, import_source: '/var/opt/gitlab/gitlab-rails/shared/tmp/project_exports/uploads/t.tar.gz', import_url: nil) }
before do
sign_in(user)
project.team << [user, :master]
end
it "escapes HTML in import errors" do
assign(:project, project)
render
expect(rendered).not_to have_link('Foo', href: "http://googl.com")
end
end
end