Commit 5430a99b authored by Paul Slaughter's avatar Paul Slaughter

Merge branch 'sstern-master-patch-98531' into 'master'

Update doc/development/fe_guide/security.md

See merge request gitlab-org/gitlab!56055
parents ecb0c75d eed46dd7
......@@ -105,3 +105,9 @@ element.appendChild(sanitize(unsafeHtml));
This `sanitize` function takes the same configuration as the
original.
### Fixing Security Issues
When refactoring old code, it's important that we don't accidentally remove specs written to catch security issues which might still be relevant.
We should mark specs with `#security` in either the `describe` or `it` blocks to communicate to the engineer reading the code that by removing these specs could have severe consequences down the road, and you are removing code that could catch a reintroduction of a security issue.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment