gitlab-org--gitlab-foss/features/steps/project
Robert Speicher 7cc239528e Remove persistent XSS vulnerability in `commit_person_link` helper
Because we were incorrectly supplying the tooltip title as
`data-original-title` (which Bootstrap's Tooltip JS automatically
applies based on the `title` attribute; we should never be setting it
directly), the value was being passed through as-is.

Instead, we should be supplying the normal `title` attribute and letting
Rails escape the value, which also negates the need for us to call
`sanitize` on it.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15126
2016-04-17 18:42:49 -04:00
badges Reuse `no_cache_headers` method in badges controller 2016-03-17 12:16:34 +01:00
builds Add a spec for coverage indicator in project's builds list 2016-02-22 19:34:35 +01:00
commits Remove persistent XSS vulnerability in `commit_person_link` helper 2016-04-17 18:42:49 -04:00
issues Removed references to subscribe-button CSS class 2016-04-12 13:35:06 +01:00
merge_requests Add traits for each access_level to ProjectMember factory 2016-03-06 16:53:22 -05:00
source Addressed feedback 2016-04-11 09:43:59 +01:00
active_tab.rb Revert "Merge branch 'new-navigation-prototype' into 'master'" 2016-04-07 21:20:16 +00:00
archived.rb Update all `should`-style syntax to `expect` in features 2015-06-12 05:12:09 -04:00
create.rb Fix specs and remove unnecessary console.log 2016-03-20 05:53:43 -07:00
deploy_keys.rb Change `within` to `page.within` in feature steps 2015-06-12 05:12:42 -04:00
fork.rb Revert "Merge branch 'new-navigation-prototype' into 'master'" 2016-04-07 21:20:16 +00:00
forked_merge_requests.rb Fixed builds 2016-04-06 12:52:07 +01:00
graph.rb Add tests and changelog item for language graphs 2015-12-08 02:38:59 +01:00
hooks.rb web hooks to webhooks 2016-03-10 14:48:29 -05:00
labels.rb Removed references to subscribe-button CSS class 2016-04-12 13:35:06 +01:00
merge_requests.rb Removed references to subscribe-button CSS class 2016-04-12 13:35:06 +01:00
network_graph.rb Remove sleeps from network graph feature spec 2016-03-13 22:09:42 -07:00
project.rb Revert "Merge branch 'new-navigation-prototype' into 'master'" 2016-04-07 21:20:16 +00:00
project_find_file.rb Merge branch 'master' of github.com:gitlabhq/gitlabhq 2016-01-07 12:56:18 +01:00
project_group_links.rb Add finders logic and tests for shared projects feature 2016-03-11 18:55:17 +01:00
project_milestone.rb Don't repeat labels listed on Labels tab. 2016-02-22 13:17:38 -05:00
project_shortcuts.rb Add shortcut for project activity page 2015-07-08 12:43:46 +02:00
redirects.rb Fix rubocop warnings in features 2015-10-03 19:59:54 -05:00
services.rb Backport JIRA service 2015-12-18 14:19:48 -06:00
snippets.rb Fixed tests for comment forms 2016-03-04 10:44:04 +00:00
star.rb spinach tests will pass now 2015-12-23 12:26:50 -05:00
team_management.rb Bring shared project feature tests from EE 2016-03-12 14:45:14 +01:00
wiki.rb Wrap images in discussions and wikis with a link to the image source using ImageLinkFilter. 2016-04-04 19:44:07 -06:00