Ensure that view components have no HTML escaped tags
What does this MR do and why?
This MR is a follow-up of !97733 (merged) and ensures that view components does not render any HTML escated tags. Previously, we were only checking for HTML escaped tags only in views templates.
How to set up and validate locally
- Add
= raw '<a'
to a component template. For example,app/components/pajamas/avatar_component.html.haml
- Run component specs via
bin/spec spec/components/pajamas/avatar_component_spec.rb
- See the following exception
1) Pajamas::AvatarComponent avatar shape for a Project has default shape (rect)
Failure/Error:
raise <<~MESSAGE
The following string contains HTML escaped tags:
#{string}
Please consider using `.html_safe`.
This check can be disabled via:
it #{example.description.inspect}, :skip_html_escaped_tags_check do
RuntimeError:
The following string contains HTML escaped tags:
64 gl-avatar-identicon gl-avatar-identicon-bg2">
«<a»
P
</div>
</body></html>
Please consider using `.html_safe`.
This check can be disabled via:
it "has default shape (rect)", :skip_html_escaped_tags_check do
...
end
Refs !98358 (comment 1110957395)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Peter Leitzen