Commit 371ae05c authored by Douwe Maan's avatar Douwe Maan

Don't match email addresses or foo@bar as user references

parent 322c9be8
...@@ -369,6 +369,7 @@ class User < ActiveRecord::Base ...@@ -369,6 +369,7 @@ class User < ActiveRecord::Base
# Pattern used to extract `@user` user references from text # Pattern used to extract `@user` user references from text
def reference_pattern def reference_pattern
%r{ %r{
(?<!\w)
#{Regexp.escape(reference_prefix)} #{Regexp.escape(reference_prefix)}
(?<user>#{Gitlab::PathRegex::FULL_NAMESPACE_FORMAT_REGEX}) (?<user>#{Gitlab::PathRegex::FULL_NAMESPACE_FORMAT_REGEX})
}x }x
......
---
title: Don't match email addresses or foo@bar as user references
merge_request:
author:
...@@ -16,6 +16,11 @@ describe Banzai::Filter::UserReferenceFilter, lib: true do ...@@ -16,6 +16,11 @@ describe Banzai::Filter::UserReferenceFilter, lib: true do
expect(reference_filter(act).to_html).to eq(exp) expect(reference_filter(act).to_html).to eq(exp)
end end
it 'ignores references with text before the @ sign' do
exp = act = "Hey foo#{reference}"
expect(reference_filter(act).to_html).to eq(exp)
end
%w(pre code a style).each do |elem| %w(pre code a style).each do |elem|
it "ignores valid references contained inside '#{elem}' element" do it "ignores valid references contained inside '#{elem}' element" do
exp = act = "<#{elem}>Hey #{reference}</#{elem}>" exp = act = "<#{elem}>Hey #{reference}</#{elem}>"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment