whitelist allowed file types for custom favicons

author: Alexis Reigel <mail@koffeinfrei.org> 2017-09-27 15:03:49 +0200
committer: Alexis Reigel <mail@koffeinfrei.org> 2018-06-05 16:20:20 +0200
commit: 85a8e6f26a8fa0ea9f430f0094fb14706bfd2991 (patch)
tree: 4afb34773410769406e292b19ba21892a45fd001 /spec/features
parent: 822023c64ccab23cfdacb42e191dcec4f812adfd (diff)
download: gitlab-ce-85a8e6f26a8fa0ea9f430f0094fb14706bfd2991.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/spec/features/admin/admin_appearance_spec.rb b/spec/features/admin/admin_appearance_spec.rb
index 556aa10d226..ffffd14752e 100644
--- a/spec/features/admin/admin_appearance_spec.rb
+++ b/spec/features/admin/admin_appearance_spec.rb
@@ -108,6 +108,12 @@ feature 'Admin Appearance' do
     expect(page).not_to have_css('//img[data-src$="/status_skipped_dk.ico"]')
     expect(page).not_to have_css('//img[data-src$="/status_success_dk.ico"]')
     expect(page).not_to have_css('//img[data-src$="/status_warning_dk.ico"]')
+
+    # allowed file types
+    attach_file(:appearance_favicon, Rails.root.join('spec', 'fixtures', 'sanitized.svg'))
+    click_button 'Save'
+
+    expect(page).to have_content 'Favicon You are not allowed to upload "svg" files, allowed types: png, jpg, jpeg, gif, bmp, tiff, ico'
   end
 
   def expect_custom_sign_in_appearance(appearance)
author	Alexis Reigel <mail@koffeinfrei.org>	2017-09-27 15:03:49 +0200
committer	Alexis Reigel <mail@koffeinfrei.org>	2018-06-05 16:20:20 +0200
commit	85a8e6f26a8fa0ea9f430f0094fb14706bfd2991 (patch)
tree	4afb34773410769406e292b19ba21892a45fd001 /spec/features
parent	822023c64ccab23cfdacb42e191dcec4f812adfd (diff)
download	gitlab-ce-85a8e6f26a8fa0ea9f430f0094fb14706bfd2991.tar.gz