Unverified Commit 645f7ee8 authored by Constance Okoghenun's avatar Constance Okoghenun Committed by Yorick Peterse

[master] Resolve "[Security] Stored XSS via KaTeX"

parent 77528641
---
title: Fixed XSS content in KaTex links
merge_request:
author:
type: security
require 'spec_helper'
describe 'Math rendering', :js do
let!(:project) { create(:project, :public) }
it 'renders inline and display math correctly' do
description = <<~MATH
This math is inline $`a^2+b^2=c^2`$.
......@@ -11,7 +13,6 @@
```
MATH
project = create(:project, :public)
issue = create(:issue, project: project, description: description)
visit project_issue_path(project, issue)
......@@ -19,4 +20,19 @@
expect(page).to have_selector('.katex .mord.mathdefault', text: 'b')
expect(page).to have_selector('.katex-display .mord.mathdefault', text: 'b')
end
it 'only renders non XSS links' do
description = <<~MATH
This link is valid $`\\href{javascript:alert('xss');}{xss}`$.
This link is valid $`\\href{https://gitlab.com}{Gitlab}`$.
MATH
issue = create(:issue, project: project, description: description)
visit project_issue_path(project, issue)
expect(page).to have_selector('.katex-error', text: "\href{javascript:alert('xss');}{xss}")
expect(page).to have_selector('.katex-html a', text: 'Gitlab')
end
end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment