Skip to content

Highlight BiDi chars on the frontend

Jacques Erasmus requested to merge 341837-highlight-bidi-chars into master

What does this MR do and why?

In https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/1862 we added a mechanism on the backend to wrap/highlight BiDi characters on the backend.

This MR Highlights BiDi chars in the refactored source viewer.

This list of characters to be highlighted is based on the paper that was published on the vulnerability and researching packages like this one.

Related to #341837

Screenshots or screen recordings

before after
Screenshot_2022-03-30_at_08.52.15 Screenshot_2022-03-30_at_08.53.37

How to set up and validate locally

  1. Enable the Blob Viewer Refactor and highlight.js feature flag
Feature.enable(:refactor_blob_viewer)
Feature.enable(:highlight_js)
  1. Add a file containing BiDi override characters (sample)

  2. View the file

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Jacques Erasmus

Merge request reports

Loading