Commit 9bcd0540 authored by mhasbini's avatar mhasbini

whitelist style attribute in event_note

parent b696cbc5
...@@ -162,7 +162,12 @@ module EventsHelper ...@@ -162,7 +162,12 @@ module EventsHelper
def event_note(text, options = {}) def event_note(text, options = {})
text = first_line_in_markdown(text, 150, options) text = first_line_in_markdown(text, 150, options)
sanitize(text, tags: %w(a img b pre code p span))
sanitize(
text,
tags: %w(a img b pre code p span),
attributes: Rails::Html::WhiteListSanitizer.allowed_attributes + ['style']
)
end end
def event_commit_title(message) def event_commit_title(message)
......
---
title: fix background color for labels mention in todo
merge_request: 9155
author: mhasbini
...@@ -61,6 +61,13 @@ describe EventsHelper do ...@@ -61,6 +61,13 @@ describe EventsHelper do
'</code></pre>' '</code></pre>'
expect(helper.event_note(input)).to eq(expected) expect(helper.event_note(input)).to eq(expected)
end end
it 'preserves style attribute within a tag' do
input = '<span class="" style="background-color: #44ad8e; color: #FFFFFF;"></span>'
expected = '<p><span style="background-color: #44ad8e; color: #FFFFFF;"></span></p>'
expect(helper.event_note(input)).to eq(expected)
end
end end
describe '#event_commit_title' do describe '#event_commit_title' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment