gitlab-org--gitlab-foss/spec/helpers
Robert Speicher 7cc239528e Remove persistent XSS vulnerability in commit_person_link helper
Because we were incorrectly supplying the tooltip title as
`data-original-title` (which Bootstrap's Tooltip JS automatically
applies based on the `title` attribute; we should never be setting it
directly), the value was being passed through as-is.

Instead, we should be supplying the normal `title` attribute and letting
Rails escape the value, which also negates the need for us to call
`sanitize` on it.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15126
2016-04-17 18:42:49 -04:00
application_helper_spec.rb Revert "Merge branch 'avatar-cropping' into 'master' " 2016-03-15 14:55:40 +01:00
auth_helper_spec.rb
blob_helper_spec.rb Refactor Gitlab::Highlight and fix tests 2016-01-19 14:52:41 +01:00
broadcast_messages_helper_spec.rb Move BroadcastMessage#status to a helper since it's presentational 2016-01-13 11:49:59 -05:00
ci_status_helper_spec.rb Define CI status icon colors in SCSS instead of a helper 2015-12-12 13:18:51 -05:00
commits_helper_spec.rb Remove persistent XSS vulnerability in commit_person_link helper 2016-04-17 18:42:49 -04:00
diff_helper_spec.rb Use Gitlab::Git::DiffCollections 2016-03-03 18:38:44 +01:00
emails_helper_spec.rb
events_helper_spec.rb
form_helper_spec.rb Standardize the way we check for and display form errors 2016-04-04 21:37:07 -04:00
gitlab_markdown_helper_spec.rb Remove random_markdown_tip helper 2016-04-09 20:43:59 -04:00
graph_helper_spec.rb
groups_helper_spec.rb Tweaks, refactoring, and specs 2016-03-20 21:04:07 +01:00
icons_helper_spec.rb
issues_helper_spec.rb improve specs code syntax 2016-04-07 17:49:33 -03:00
labels_helper_spec.rb change the css class has_tooltip to has-tooltip universally 2016-03-20 21:37:22 +01:00
merge_requests_helper_spec.rb Move ci_build_details_path helper spec to correct location 2015-12-21 21:57:51 -05:00
nav_helper_spec.rb
notifications_helper_spec.rb Refactor notification helper and fix notification service 2016-03-30 10:44:20 +02:00
page_layout_helper_spec.rb Don't override issue page description in project layout. 2016-01-06 13:02:51 +01:00
preferences_helper_spec.rb Implementing 'Groups View' and 'TODOs View' as options for dashboard preferences. 2016-03-24 19:59:54 +01:00
projects_helper_spec.rb Merge branch 'master' into issue_12658 2016-03-21 23:22:21 +01:00
runners_helper_spec.rb
search_helper_spec.rb Fix broken tests 2016-02-04 17:00:32 +01:00
submodule_helper_spec.rb
tab_helper_spec.rb
time_helper_spec.rb
tree_helper_spec.rb
visibility_level_helper_spec.rb Improve group visibility level feature 2016-03-18 16:58:04 -03:00