/* Redmine - project management software
Copyright (C) 2006-2020 Jean-Philippe Lang */
+function sanitizeHTML(string) {
+ var temp = document.createElement('span');
+ temp.textContent = string;
+ return temp.innerHTML;
+}
+
function checkAll(id, checked) {
$('#'+id).find('input[type=checkbox]:enabled').prop('checked', checked);
}
selectTemplate: function (issue) {
return '#' + issue.original.id;
},
+ menuItemTemplate: function (issue) {
+ return sanitizeHTML(issue.original.label);
+ },
noMatchTemplate: function () {
return '<span style:"visibility: hidden;"></span>';
}
end
assert_equal '[[Page_with_sections]] ', find('#issue_description').value
end
+
+ def test_inline_autocomplete_for_issues_should_escape_html_elements
+ issue = Issue.generate!(subject: 'This issue has a <select> element', project_id: 1, tracker_id: 1)
+
+ log_user('jsmith', 'jsmith')
+ visit 'projects/1/issues/new'
+
+ fill_in 'Description', :with => '#This'
+
+ within('.tribute-container') do
+ assert page.has_text? "Bug ##{issue.id}: This issue has a <select> element"
+ end
+ end
end
projects / redmine.git / commitdiff