diff options
| author | Jacopo <beschi.jacopo@gmail.com> | 2017-08-30 17:16:08 +0200 |
|---|---|---|
| committer | Jacopo <beschi.jacopo@gmail.com> | 2017-08-30 21:59:09 +0200 |
| commit | 378ee1dac262a490e48334a3dd3300be5f1c7299 (patch) | |
| tree | 95a80d0dd00de7aa8a781a53f96dcec625e5dd44 | |
| parent | f35d7d7f6ea04a38da822db902ad24108dfe94a2 (diff) | |
| download | gitlab-ce-378ee1dac262a490e48334a3dd3300be5f1c7299.tar.gz | |
Unescape HTML characters in Wiki title
The special characters of a wiki title are now escaped correctly.
| -rw-r--r-- | app/models/wiki_page.rb | 2 | ||||
| -rw-r--r-- | changelogs/unreleased/35686-unescape-wiki-title.yml | 5 | ||||
| -rw-r--r-- | spec/models/wiki_page_spec.rb | 6 |
3 files changed, 12 insertions, 1 deletions
diff --git a/app/models/wiki_page.rb b/app/models/wiki_page.rb index 5c7c2204374..f2315bb3dbb 100644 --- a/app/models/wiki_page.rb +++ b/app/models/wiki_page.rb @@ -84,7 +84,7 @@ class WikiPage # The formatted title of this page. def title if @attributes[:title] - self.class.unhyphenize(@attributes[:title]) + CGI.unescape_html(self.class.unhyphenize(@attributes[:title])) else "" end diff --git a/changelogs/unreleased/35686-unescape-wiki-title.yml b/changelogs/unreleased/35686-unescape-wiki-title.yml new file mode 100644 index 00000000000..4b2b7078163 --- /dev/null +++ b/changelogs/unreleased/35686-unescape-wiki-title.yml @@ -0,0 +1,5 @@ +--- +title: Unescape HTML characters in Wiki title +merge_request: 13942 +author: Jacopo Beschi @jacopo-beschi +type: fixed diff --git a/spec/models/wiki_page_spec.rb b/spec/models/wiki_page_spec.rb index 40a222be24d..9ef8d117123 100644 --- a/spec/models/wiki_page_spec.rb +++ b/spec/models/wiki_page_spec.rb @@ -281,6 +281,12 @@ describe WikiPage do @page.title = "Import-existing-repositories-into-GitLab" expect(@page.title).to eq("Import existing repositories into GitLab") end + + it 'unescapes html' do + @page.title = 'foo & bar' + + expect(@page.title).to eq('foo & bar') + end end describe '#directory' do |