Sha256: 73bfdd354d7ef54c4a367f83ab06a02d23171bd5cde77bda108e4d26d73f59e8

Contents?: true

Size: 634 Bytes

Versions: 14

Compression:

Stored size: 634 Bytes

Contents

require 'spec_helper'

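# Regression spec for output encoding in the admin promotion editor: a user
# whose email contains HTML markup is looked up through the "Choose users"
# select2 box of a "User" promotion rule, and the markup must be displayed
# as text rather than interpreted by the browser.
feature 'Promotion with user rule', js: true do
  # Project helper defined outside this file; presumably grants the test
  # session access to the admin area -- confirm in the spec support code.
  stub_authorization!

  given(:promotion) { create :promotion }

  background do
    visit spree.edit_admin_promotion_path(promotion)
  end

  context "with an attempted XSS" do
    # The email is the stored, user-controlled value under test. The script
    # body throws, so if it were ever executed the page would raise a
    # JavaScript error. NOTE(review): whether that error fails the scenario
    # depends on how the JS driver is configured -- verify in spec_helper.
    given(:xss_string) { %(<script>throw("XSS")</script>) }
    # given! (eager) so the user record exists before the page is visited.
    given!(:user) { create(:user, email: xss_string) }

    # Was labelled "adding an option value rule", which does not match the
    # "User" rule this scenario actually adds.
    scenario "adding a user rule" do
      select2 "User", from: "Add rule of type"
      within("#rules_container") { click_button "Add" }

      # Search on the leading tag so the crafted user appears in the results.
      select2_search "<script>", from: "Choose users"

      # have_content matches visible text only. The literal markup is visible
      # only when it was escaped; an injected <script> element would have no
      # visible text and this expectation would fail.
      expect(page).to have_content(xss_string)
    end
  end
end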

Version data entries

14 entries across 14 versions & 1 rubygems

Version Path
solidus_backend-1.3.2 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.2.3 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.1.4 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.0.7 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.3.1 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.3.0 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.3.0.rc2 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.3.0.rc1 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.3.0.beta1 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.0.6 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.2.2 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.2.1 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.1.3 spec/features/admin/promotions/user_rule_spec.rb
solidus_backend-1.0.5 spec/features/admin/promotions/user_rule_spec.rb