consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check the alt attribute in XSS tests

Browse Source 
Not doing so was causing a test to fail when checking that all rendered
image contain an `alt` attribute.
This commit is contained in:
Javi Martín
2024-10-12 22:52:37 +02:00
parent a6e6a90bef
commit 815a4078d5
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
spec/system/xss_spec.rb
View File

@@ -170,7 +170,7 @@ describe "Cross-Site Scripting protection" do
end
scenario "legislation version body filters script tags but not header IDs nor tags like images" do
markdown = "# Title 1\n<a href='https://domain.com/url'>link</a><img src='/image.png'>"
markdown = "# Title 1\n<a href='https://domain.com/url'>link</a><img src='/image.png' alt='text'>"
version = create(:legislation_draft_version, :published, body: "#{markdown}#{attack_code}")
visit legislation_process_draft_version_path(version.process, version)
@@ -178,6 +178,6 @@ describe "Cross-Site Scripting protection" do
expect(page.text).not_to be_empty
expect(page).to have_css "h1#title-1", text: "Title 1"
expect(page).to have_link "link", href: "https://domain.com/url"
expect(page).to have_css('img[src="/image.png"')
expect(page).to have_css('img[src="/image.png"]')
end
end