Commit 60913a4b authored by Andy Soiron's avatar Andy Soiron

Sanitize link markup for vulnerability chat messages

Changelog: security
EE: true
parent d7c3f9ba
......@@ -19,7 +19,7 @@ module Integrations
def attachments
[{
title: title,
title: strip_markup(title),
title_link: vulnerability_url,
color: attachment_color,
fields: attachment_fields
......
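Review bot: Only `title` is passed through `strip_markup` in this hash, while `fields: attachment_fields` is emitted unchanged and is built outside this hunk. If any field value there comes from scanner report or other user-controlled data, it needs the same treatment so that link markup in it cannot render in the chat client. A short why-comment on the changed line would also help, e.g. `# title may carry untrusted text; strip link markup before it reaches the chat client` (the origin of `title` is inferred, not visible here). The `attachments` method continues beyond the hunk, and `strip_markup` is defined elsewhere.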
......@@ -31,6 +31,8 @@ RSpec.describe Integrations::ChatMessage::VulnerabilityMessage do
}
end
it_behaves_like Integrations::ChatMessage
describe '#message' do
it 'returns the correct message' do
expect(subject.message).to eq("Vulnerability detected in [Foobar Project](https://git.example.com/random/foobar)")
......
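Review bot: No example visible in this section asserts that link markup in a vulnerability title is removed from `attachments`; the lines shown cover only `#message` and the shared `Integrations::ChatMessage` behaviour. Unless the shared examples already exercise it, a regression example would pin the fix: build a vulnerability whose title contains link markup and check `expect(subject.attachments.first[:title]).to eq(<title with markup removed>)`. The `describe '#message'` block continues outside the hunk, so such an example may exist further down.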