diff options
| author | puckipedia <puck@puckipedia.com> | 2018-01-03 03:54:08 +0100 |
|---|---|---|
| committer | Eugen Rochko <eugen@zeonfederated.com> | 2018-01-03 03:54:08 +0100 |
| commit | 545095b3ce312b42ba304d0bb2c76727826e27b4 (patch) | |
| tree | acbfd8c4302f14ea8a352d8d7b9034eafe711ed1 /spec/lib/formatter_spec.rb | |
| parent | d319b3dbe4cf40bfca12a224adb54a8fb6033090 (diff) | |
[!] Sanitize incoming classlist properly (#6162)
* Sanitize classlist properly * Actually properly sanitize every class after the first * Improve Formatter spec to check for multiple classes and non-space whitespace
Diffstat (limited to 'spec/lib/formatter_spec.rb')
| -rw-r--r-- | spec/lib/formatter_spec.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/spec/lib/formatter_spec.rb b/spec/lib/formatter_spec.rb index 71b6b78d2..e79be3645 100644 --- a/spec/lib/formatter_spec.rb +++ b/spec/lib/formatter_spec.rb @@ -332,7 +332,7 @@ RSpec.describe Formatter do end context 'contains malicious classes' do - let(:text) { '<span class="status__content__spoiler-link">Show more</span>' } + let(:text) { '<span class="mention status__content__spoiler-link">Show more</span>' } it 'strips malicious classes' do is_expected.to_not include 'status__content__spoiler-link' |