Commit 136ea694 authored by Sean McGivern's avatar Sean McGivern

Merge branch '23311-fix-double-escaping' into 'master'

Stop event_commit_title from escaping its output

Fixes a double-escape issue (actually triple-escape!) viewing the activity feed

Closes #23311 

Related to #23258 !6832

See merge request !6930
parents 2f7e1c0e 4012c695
......@@ -154,7 +154,7 @@ module EventsHelper
end
def event_commit_title(message)
escape_once(truncate(message.split("\n").first, length: 70))
(message.split("\n").first || "").truncate(70)
rescue
"--broken encoding"
end
......
......@@ -62,4 +62,21 @@ describe EventsHelper do
expect(helper.event_note(input)).to eq(expected)
end
end
describe '#event_commit_title' do
let(:message) { "foo & bar " + "A" * 70 + "\n" + "B" * 80 }
subject { helper.event_commit_title(message) }
it "returns the first line, truncated to 70 chars" do
is_expected.to eq(message[0..66] + "...")
end
it "is not html-safe" do
is_expected.not_to be_a(ActiveSupport::SafeBuffer)
end
it "handles empty strings" do
expect(helper.event_commit_title("")).to eq("")
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment