Highlight BiDi chars on the frontend
What does this MR do and why?
In https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/1862 we added a mechanism on the backend to wrap/highlight BiDi characters on the backend.
This MR Highlights BiDi chars in the refactored source viewer.
This list of characters to be highlighted is based on the paper that was published on the vulnerability and researching packages like this one.
Related to #341837
Screenshots or screen recordings
before | after |
---|---|
How to set up and validate locally
- Enable the Blob Viewer Refactor and highlight.js feature flag
Feature.enable(:refactor_blob_viewer)
Feature.enable(:highlight_js)
-
Add a file containing BiDi override characters (sample)
-
View the file
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Jacques Erasmus