Failure in qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb:8
Job: https://gitlab.com/gitlab-org/quality/staging/-/jobs/253100977
1) Plan check xss occurence in @mentions in issues user mentions a user in comment
Failure/Error:
user = Resource::User.fabricate_via_api! do |user|
user.name = "eve <img src=x onerror=alert(2)<img src=x onerror=alert(1)>"
user.password = "test1234"
end
QA::Resource::ApiFabricator::ResourceFabricationFailedError:
Fabrication of QA::Resource::User using the API failed (403) with `{"message":"403 Forbidden"}`.
# ./qa/resource/api_fabricator.rb:76:in `api_post'
# ./qa/resource/api_fabricator.rb:30:in `fabricate_via_api!'
# ./qa/resource/user.rb:70:in `rescue in fabricate_via_api!'
# ./qa/resource/user.rb:67:in `fabricate_via_api!'
# ./qa/resource/base.rb:46:in `block (2 levels) in fabricate_via_api!'
# ./qa/resource/base.rb:110:in `log_fabrication'
# ./qa/resource/base.rb:46:in `block in fabricate_via_api!'
# ./qa/resource/base.rb:93:in `do_fabricate!'
# ./qa/resource/base.rb:45:in `fabricate_via_api!'
# ./qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb:12:in `block (3 levels) in <module:QA>'
HTML dump: check_mentions_for_xss_spec.rb_2019-07-17-04-31-18.985.html
QA Logs: