Commit 0ff39331 authored by Robert Speicher's avatar Robert Speicher Committed by Ruben Davila

Merge branch 'rs-issue-21017' into 'master'

Update Hamlit to 2.6.1

Fixes gitlab-org/gitlab-ce#21025 and gitlab-org/gitlab-ce#21017

See merge request !5873
parent 25fb93ce
...@@ -77,7 +77,7 @@ gem 'rack-cors', '~> 0.4.0', require: 'rack/cors' ...@@ -77,7 +77,7 @@ gem 'rack-cors', '~> 0.4.0', require: 'rack/cors'
gem 'kaminari', '~> 0.17.0' gem 'kaminari', '~> 0.17.0'
# HAML # HAML
gem 'hamlit', '~> 2.5' gem 'hamlit', '~> 2.6.1'
# Files attachments # Files attachments
gem 'carrierwave', '~> 0.10.0' gem 'carrierwave', '~> 0.10.0'
......
...@@ -321,7 +321,7 @@ GEM ...@@ -321,7 +321,7 @@ GEM
grape-entity (0.4.8) grape-entity (0.4.8)
activesupport activesupport
multi_json (>= 1.3.2) multi_json (>= 1.3.2)
hamlit (2.5.0) hamlit (2.6.1)
temple (~> 0.7.6) temple (~> 0.7.6)
thor thor
tilt tilt
...@@ -865,7 +865,7 @@ DEPENDENCIES ...@@ -865,7 +865,7 @@ DEPENDENCIES
gon (~> 6.1.0) gon (~> 6.1.0)
grape (~> 0.15.0) grape (~> 0.15.0)
grape-entity (~> 0.4.2) grape-entity (~> 0.4.2)
hamlit (~> 2.5) hamlit (~> 2.6.1)
health_check (~> 2.1.0) health_check (~> 2.1.0)
hipchat (~> 1.5.0) hipchat (~> 1.5.0)
html-pipeline (~> 1.11.0) html-pipeline (~> 1.11.0)
......
...@@ -97,5 +97,14 @@ describe PageLayoutHelper do ...@@ -97,5 +97,14 @@ describe PageLayoutHelper do
expect(tags).to include %q(<meta property="twitter:data1" content="bar" />) expect(tags).to include %q(<meta property="twitter:data1" content="bar" />)
end end
end end
it 'escapes content' do
allow(helper).to receive(:page_card_attributes)
.and_return(foo: %q{foo" http-equiv="refresh}.html_safe)
tags = helper.page_card_meta_tags
expect(tags).to include(%q{content="foo&quot; http-equiv=&quot;refresh"})
end
end end
end end
require 'spec_helper'
describe 'layouts/_head' do
before do
stub_template 'layouts/_user_styles.html.haml' => ''
end
it 'escapes HTML-safe strings in page_title' do
stub_helper_with_safe_string(:page_title)
render
expect(rendered).to match(%{content="foo&quot; http-equiv=&quot;refresh"})
end
it 'escapes HTML-safe strings in page_description' do
stub_helper_with_safe_string(:page_description)
render
expect(rendered).to match(%{content="foo&quot; http-equiv=&quot;refresh"})
end
it 'escapes HTML-safe strings in page_image' do
stub_helper_with_safe_string(:page_image)
render
expect(rendered).to match(%{content="foo&quot; http-equiv=&quot;refresh"})
end
def stub_helper_with_safe_string(method)
allow_any_instance_of(PageLayoutHelper).to receive(method)
.and_return(%q{foo" http-equiv="refresh}.html_safe)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment