debian-mirror-gitlab/spec/features/projects/hook_logs/user_reads_log_spec.rb

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe 'Hook logs' do
  let(:web_hook_log) { create(:web_hook_log, response_body: '<script>') }
  let(:project) { web_hook_log.web_hook.project }
  let(:user) { create(:user) }

  before do
    project.add_maintainer(user)

    sign_in(user)
  end

  it 'user reads log without getting XSS' do
    visit(
      project_hook_hook_log_path(
        project, web_hook_log.web_hook, web_hook_log))

    expect(page).to have_content('<script>')
  end
end
New upstream version 12.2.8 2019-10-12 21:52:04 +05:30			`# frozen_string_literal: true`

New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30			`require 'spec_helper'`

New upstream version 13.1.0 2020-06-23 00:09:42 +05:30			`RSpec.describe 'Hook logs' do`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`let(:web_hook_log) { create(:web_hook_log, response_body: '<script>') }`
			`let(:project) { web_hook_log.web_hook.project }`
			`let(:user) { create(:user) }`
New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30
			`before do`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`project.add_maintainer(user)`
New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30
			`sign_in(user)`
			`end`

New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`it 'user reads log without getting XSS' do`
New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30			`visit(`
			`project_hook_hook_log_path(`
			`project, web_hook_log.web_hook, web_hook_log))`

			`expect(page).to have_content('<script>')`
			`end`
			`end`