debian-mirror-gitlab/spec/frontend/issues/show/issue_spec.js

44 lines
1.5 KiB
JavaScript
Raw Normal View History

2020-11-24 15:15:51 +05:30
import MockAdapter from 'axios-mock-adapter';
import waitForPromises from 'helpers/wait_for_promises';
2022-03-02 08:16:31 +05:30
import { initIssueApp } from '~/issues/show';
2022-01-26 12:08:38 +05:30
import * as parseData from '~/issues/show/utils/parse_data';
2021-03-11 19:13:27 +05:30
import axios from '~/lib/utils/axios_utils';
2023-04-23 21:23:45 +05:30
import { HTTP_STATUS_OK } from '~/lib/utils/http_status';
2021-01-29 00:20:46 +05:30
import createStore from '~/notes/stores';
2021-09-04 01:27:46 +05:30
import { appProps } from './mock_data/mock_data';
2020-11-24 15:15:51 +05:30
const mock = new MockAdapter(axios);
2023-04-23 21:23:45 +05:30
mock.onGet().reply(HTTP_STATUS_OK);
2020-11-24 15:15:51 +05:30
jest.mock('~/lib/utils/poll');
2021-03-08 18:12:59 +05:30
const setupHTML = (initialData) => {
2021-01-03 14:25:43 +05:30
document.body.innerHTML = `<div id="js-issuable-app"></div>`;
document.getElementById('js-issuable-app').dataset.initial = JSON.stringify(initialData);
2020-11-24 15:15:51 +05:30
};
describe('Issue show index', () => {
2022-03-02 08:16:31 +05:30
describe('initIssueApp', () => {
2023-04-23 21:23:45 +05:30
// https://gitlab.com/gitlab-org/gitlab/-/issues/390368
// eslint-disable-next-line jest/no-disabled-tests
it.skip('should initialize app with no potential XSS attack', async () => {
2020-11-24 15:15:51 +05:30
const alertSpy = jest.spyOn(window, 'alert').mockImplementation(() => {});
const parseDataSpy = jest.spyOn(parseData, 'parseIssuableData');
setupHTML({
...appProps,
initialDescriptionHtml: '<svg onload=window.alert(1)>',
});
2021-02-22 17:27:13 +05:30
const initialDataEl = document.getElementById('js-issuable-app');
const issuableData = parseData.parseIssuableData(initialDataEl);
2022-03-02 08:16:31 +05:30
initIssueApp(issuableData, createStore());
2020-11-24 15:15:51 +05:30
await waitForPromises();
expect(parseDataSpy).toHaveBeenCalled();
expect(alertSpy).not.toHaveBeenCalled();
});
});
});