diff --git a/CHANGELOG b/CHANGELOG
index ca8d1ec2ef16840f21a5b471bdbb88ccbb21dfc6..032a80982027d903340f26390e487a033d99b208 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -11,6 +11,7 @@ v 7.12.0 (unreleased)
- Fix resolving of relative links to repository files in AsciiDoc documents. (Jakub Jirutka)
- Use the user list from the target project in a merge request (Stan Hu)
- Default extention for wiki pages is now .md instead of .markdown (Jeroen van Baarsen)
+ - Add validation to wiki page creation (only [a-zA-Z0-9/_-] are allowed) (Jeroen van Baarsen)
v 7.11.2
- no changes
diff --git a/app/assets/javascripts/wikis.js.coffee b/app/assets/javascripts/wikis.js.coffee
index 66757565d3aae583405e2e6ef1aebc5602cad83c..81cfc37b956f5ef458d6fc849db1d5206fd4fa2c 100644
--- a/app/assets/javascripts/wikis.js.coffee
+++ b/app/assets/javascripts/wikis.js.coffee
@@ -1,9 +1,17 @@
class @Wikis
constructor: ->
- $('.build-new-wiki').bind "click", ->
+ $('.build-new-wiki').bind "click", (e) ->
+ $('[data-error~=slug]').addClass("hidden")
+ $('p.hint').show()
field = $('#new_wiki_path')
- slug = field.val()
- path = field.attr('data-wikis-path')
+ valid_slug_pattern = /^[\w\/-]+$/
- if(slug.length > 0)
- location.href = path + "/" + slug
+ slug = field.val()
+ if slug.match valid_slug_pattern
+ path = field.attr('data-wikis-path')
+ if(slug.length > 0)
+ location.href = path + "/" + slug
+ else
+ e.preventDefault()
+ $('p.hint').hide()
+ $('[data-error~=slug]').removeClass("hidden")
diff --git a/app/views/projects/wikis/_new.html.haml b/app/views/projects/wikis/_new.html.haml
index 6834969de8b44e3a77b57b5f05fc6758d44e23d3..b2c085f34b18299cb1bb74a531d1ac3b65ccdcc4 100644
--- a/app/views/projects/wikis/_new.html.haml
+++ b/app/views/projects/wikis/_new.html.haml
@@ -8,6 +8,8 @@
= label_tag :new_wiki_path do
%span Page slug
= text_field_tag :new_wiki_path, nil, placeholder: 'how-to-setup', class: 'form-control', required: true, :'data-wikis-path' => namespace_project_wikis_path(@project.namespace, @project)
+ %p.hidden.text-danger{data: { error: "slug" }}
+ The page slug is invalid. Please don't use characters other then: a-z 0-9 _ - and /
%p.hint
Please don't use spaces.
.modal-footer
diff --git a/features/project/wiki.feature b/features/project/wiki.feature
index 977cd609a117d630c71f949a82e94fdf6997840d..7a70f3487541619925f17c3a1c00d183c03f2f87 100644
--- a/features/project/wiki.feature
+++ b/features/project/wiki.feature
@@ -69,6 +69,11 @@ Feature: Project Wiki
And I click on the "Pages" button
Then I should see non-escaped link in the pages list
+ @javascript @focus
+ Scenario: Creating an invalid new page
+ Given I create a New page with an invalid name
+ Then I should see an error message
+
@javascript
Scenario: Edit Wiki page that has a path
Given I create a New page with paths
diff --git a/features/steps/project/wiki.rb b/features/steps/project/wiki.rb
index 717132da45df0c90f738f54138f4b79ef8681a4b..58cb0ceb3f196776a1b8b70475cb5d72c7e6168f 100644
--- a/features/steps/project/wiki.rb
+++ b/features/steps/project/wiki.rb
@@ -133,6 +133,16 @@ class Spinach::Features::ProjectWiki < Spinach::FeatureSteps
current_path.should include 'one/two/three'
end
+ step 'I create a New page with an invalid name' do
+ click_on 'New Page'
+ fill_in 'Page slug', with: 'invalid name'
+ click_on 'Build'
+ end
+
+ step 'I should see an error message' do
+ expect(page).to have_content "The page slug is invalid"
+ end
+
step 'I should see non-escaped link in the pages list' do
page.should have_xpath("//a[@href='/#{project.path_with_namespace}/wikis/one/two/three']")
end