Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
60913a4b
Commit
60913a4b
authored
Jan 19, 2022
by
Andy Soiron
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Sanitize link markup for vulnerability chat messages
Changelog: security EE: true
parent
d7c3f9ba
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
3 additions
and
1 deletion
+3
-1
ee/app/models/integrations/chat_message/vulnerability_message.rb
...models/integrations/chat_message/vulnerability_message.rb
+1
-1
ee/spec/models/integrations/chat_message/vulnerability_message_spec.rb
...s/integrations/chat_message/vulnerability_message_spec.rb
+2
-0
No files found.
ee/app/models/integrations/chat_message/vulnerability_message.rb
View file @
60913a4b
...
...
@@ -19,7 +19,7 @@ module Integrations
def
attachments
[{
title:
title
,
title:
strip_markup
(
title
)
,
title_link:
vulnerability_url
,
color:
attachment_color
,
fields:
attachment_fields
...
...
ee/spec/models/integrations/chat_message/vulnerability_message_spec.rb
View file @
60913a4b
...
...
@@ -31,6 +31,8 @@ RSpec.describe Integrations::ChatMessage::VulnerabilityMessage do
}
end
it_behaves_like
Integrations
::
ChatMessage
describe
'#message'
do
it
'returns the correct message'
do
expect
(
subject
.
message
).
to
eq
(
"Vulnerability detected in [Foobar Project](https://git.example.com/random/foobar)"
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment