forgejo/web_src/js/components/PullRequestMergeForm.test.js
Gusted 5d85dc2d91 fix: Don't double escape delete branch text
- Don't double escape the 'Delete branch "$BRANCH"' text. `Locale.Tr`
escapes the argument already and Vue does too by default.
- Let Vue escape the text and add a unit test ensuring that it escapes.
- Resolves #5582

(cherry picked from commit 8c8b31f304)
2024-10-19 21:29:27 +00:00

34 lines
1.3 KiB
JavaScript

// Copyright 2024 The Forgejo Authors. All rights reserved.
// SPDX-License-Identifier: MIT
import {flushPromises, mount} from '@vue/test-utils';
import PullRequestMergeForm from './PullRequestMergeForm.vue';
async function renderMergeForm(branchName) {
window.config.pageData.pullRequestMergeForm = {
textDeleteBranch: `Delete branch "${branchName}"`,
textDoMerge: 'Merge',
defaultMergeStyle: 'merge',
isPullBranchDeletable: true,
canMergeNow: true,
mergeStyles: [{
'name': 'merge',
'allowed': true,
'textDoMerge': 'Merge',
'mergeTitleFieldText': 'Merge PR',
'mergeMessageFieldText': 'Description',
'hideAutoMerge': 'Hide this message',
}],
};
const mergeform = mount(PullRequestMergeForm);
mergeform.get('.merge-button').trigger('click');
await flushPromises();
return mergeform;
}
test('renders escaped branch name', async () => {
let mergeform = await renderMergeForm('<b>evil</b>');
expect(mergeform.get('label[for="delete-branch-after-merge"]').text()).toBe('Delete branch "<b>evil</b>"');
mergeform = await renderMergeForm('<script class="evil">alert("evil message");</script>');
expect(mergeform.get('label[for="delete-branch-after-merge"]').text()).toBe('Delete branch "<script class="evil">alert("evil message");</script>"');
});