authorGo MAEDA <maeda@farend.jp>2021-03-19 04:24:31 +0000
committerGo MAEDA <maeda@farend.jp>2021-03-19 04:24:31 +0000
commitbbfade972865e78e4d865af2cdb93e6cb57d5a45 (patch)
tree7e2eefdf0d781172202474b37c9753a959b5bed3 /test
parent984fdcdc5373193ac8a61191513b9199549e8674 (diff)
downloadredmine-bbfade972865e78e4d865af2cdb93e6cb57d5a45.tar.gz
redmine-bbfade972865e78e4d865af2cdb93e6cb57d5a45.zip
Fix that inline issue auto complete does not sanitize HTML tags (#33846).
Patch by Marius BALTEANU. git-svn-id: http://svn.redmine.org/redmine/trunk@20827 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test')
-rw-r--r--test/system/inline_autocomplete_test.rb13
1 files changed, 13 insertions, 0 deletions
diff --git a/test/system/inline_autocomplete_test.rb b/test/system/inline_autocomplete_test.rb
index f3c7daef6..b2f943d05 100644
--- a/test/system/inline_autocomplete_test.rb
+++ b/test/system/inline_autocomplete_test.rb
@@ -151,4 +151,17 @@ class InlineAutocompleteSystemTest < ApplicationSystemTestCase
end
assert_equal '[[Page_with_sections]] ', find('#issue_description').value
end
+
+ def test_inline_autocomplete_for_issues_should_escape_html_elements
+ issue = Issue.generate!(subject: 'This issue has a <select> element', project_id: 1, tracker_id: 1)
+
+ log_user('jsmith', 'jsmith')
+ visit 'projects/1/issues/new'
+
+ fill_in 'Description', :with => '#This'
+
+ within('.tribute-container') do
+ assert page.has_text? "Bug ##{issue.id}: This issue has a <select> element"
+ end
+ end
end
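Review bot: The only assertion in the new test, `assert page.has_text? "Bug ##{issue.id}: This issue has a <select> element"`, shows that the subject appears as literal text, but it never states the security property directly: that no element was created from the subject inside `.tribute-container`. Adding `assert_no_selector 'select'` inside the `within` block would make that explicit, and it would still fail if the markup were rendered in addition to the text. The fix itself is not in this diff (it is limited to `test`), so it cannot be confirmed here whether the other autocomplete sources, such as the wiki-page case visible in the context lines, go through the same escaping. If they share the same menu rendering, a matching test for them would be worth adding. The enclosing test class starts outside the hunk.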