Commit df703e9f authored by Kushal Pandya's avatar Kushal Pandya

Merge branch 'djadmin-xss-test' into 'master'

Add more specs for safe links

See merge request gitlab-org/gitlab!27613
parents 48384751 217f67b4
...@@ -19,10 +19,13 @@ describe('VulnerabilityDetails component', () => { ...@@ -19,10 +19,13 @@ describe('VulnerabilityDetails component', () => {
}); });
}; };
const expectSafeLink = (link, { href, text }) => { const expectSafeLink = ({ link, href, text, isExternal = true }) => {
expect(link.is(SafeLink)).toBe(true); expect(link.is(SafeLink)).toBe(true);
expect(link.props('href')).toBe(href); expect(link.props('href')).toBe(href);
expect(link.text()).toBe(text); expect(link.text()).toBe(text);
if (isExternal) {
expect(link.props('rel')).toContain('noopener noreferrer');
}
}; };
const findLink = name => wrapper.find({ ref: `${name}Link` }); const findLink = name => wrapper.find({ ref: `${name}Link` });
...@@ -43,9 +46,11 @@ describe('VulnerabilityDetails component', () => { ...@@ -43,9 +46,11 @@ describe('VulnerabilityDetails component', () => {
const vulnerability = makeVulnerability(); const vulnerability = makeVulnerability();
componentFactory(vulnerability); componentFactory(vulnerability);
expectSafeLink(findLink('project'), { expectSafeLink({
link: findLink('project'),
href: vulnerability.project.full_path, href: vulnerability.project.full_path,
text: vulnerability.project.full_name, text: vulnerability.project.full_name,
isExternal: false,
}); });
}); });
...@@ -96,28 +101,25 @@ describe('VulnerabilityDetails component', () => { ...@@ -96,28 +101,25 @@ describe('VulnerabilityDetails component', () => {
}); });
it('for the link field', () => { it('for the link field', () => {
expectSafeLink(findLink('links'), { expectSafeLink({ link: findLink('links'), href: badUrl, text: badUrl });
href: badUrl,
text: badUrl,
});
}); });
it('for the identifiers field', () => { it('for the identifiers field', () => {
expectSafeLink(findLink('identifiers'), { expectSafeLink({ link: findLink('identifiers'), href: badUrl, text: 'BAD_URL' });
href: badUrl,
text: 'BAD_URL',
});
}); });
it('for the file field', () => { it('for the file field', () => {
expectSafeLink(findLink('file'), { expectSafeLink({
link: findLink('file'),
href: badUrl, href: badUrl,
text: 'badFile.lock', text: 'badFile.lock',
isExternal: false,
}); });
}); });
it('for the instances field', () => { it('for the instances field', () => {
expectSafeLink(wrapper.find('.report-block-list-issue-description-link .break-link'), { expectSafeLink({
link: wrapper.find('.report-block-list-issue-description-link .break-link'),
href: badUrl, href: badUrl,
text: badUrl, text: badUrl,
}); });
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment