1# frozen_string_literal: true 2 3require 'spec_helper' 4 5RSpec.describe Banzai::Filter::References::AbstractReferenceFilter do 6 let_it_be(:project) { create(:project) } 7 8 let(:doc) { Nokogiri::HTML.fragment('') } 9 let(:filter) { described_class.new(doc, project: project) } 10 11 describe '#data_attributes_for' do 12 let_it_be(:issue) { create(:issue, project: project) } 13 14 it 'is not an XSS vector' do 15 allow(described_class).to receive(:object_class).and_return(Issue) 16 17 data_attributes = filter.data_attributes_for('xss <img onerror=alert(1) src=x>', project, issue, link_content: true) 18 19 expect(data_attributes[:original]).to eq('xss &lt;img onerror=alert(1) src=x&gt;') 20 end 21 end 22 23 context 'abstract methods' do 24 describe '#find_object' do 25 it 'raises NotImplementedError' do 26 expect { filter.find_object(nil, nil) }.to raise_error(NotImplementedError) 27 end 28 end 29 30 describe '#url_for_object' do 31 it 'raises NotImplementedError' do 32 expect { filter.url_for_object(nil, nil) }.to raise_error(NotImplementedError) 33 end 34 end 35 end 36end 37