Commit c0c9e5dd authored by Rémy Coutable's avatar Rémy Coutable

Ensure links in notifications footer are not escaped

Signed-off-by: default avatarRémy Coutable <remy@rymai.me>
parent 9db52451
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
%br %br
- if @target_url - if @target_url
- if @reply_by_email - if @reply_by_email
= _('Reply to this email directly or %{view_it_on_gitlab}.') % { view_it_on_gitlab: link_to(_("view it on GitLab"), @target_url) } = _('Reply to this email directly or %{view_it_on_gitlab}.').html_safe % { view_it_on_gitlab: link_to(_("view it on GitLab"), @target_url) }
- else - else
#{link_to _("View it on GitLab"), @target_url}. #{link_to _("View it on GitLab"), @target_url}.
%br %br
......
---
title: Ensure links in notifications footer are not escaped
merge_request: 21000
author:
type: fixed
...@@ -87,6 +87,10 @@ shared_examples 'an email starting a new thread with reply-by-email enabled' do ...@@ -87,6 +87,10 @@ shared_examples 'an email starting a new thread with reply-by-email enabled' do
include_examples 'an email with X-GitLab headers containing project details' include_examples 'an email with X-GitLab headers containing project details'
include_examples 'a new thread email with reply-by-email enabled' include_examples 'a new thread email with reply-by-email enabled'
it 'includes "Reply to this email directly or <View it on GitLab>"' do
expect(subject.default_part.body).to include(%(Reply to this email directly or <a href="#{Gitlab::UrlBuilder.build(model)}">view it on GitLab</a>.))
end
context 'when reply-by-email is enabled with incoming address with %{key}' do context 'when reply-by-email is enabled with incoming address with %{key}' do
it 'has a Reply-To header' do it 'has a Reply-To header' do
is_expected.to have_header 'Reply-To', /<reply+(.*)@#{Gitlab.config.gitlab.host}>\Z/ is_expected.to have_header 'Reply-To', /<reply+(.*)@#{Gitlab.config.gitlab.host}>\Z/
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment