acts_as_sanitiled 1.0.0 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +22 -3
- data/VERSION +1 -1
- data/acts_as_sanitiled.gemspec +65 -0
- data/lib/acts_as_sanitiled.rb +12 -5
- metadata +3 -2
data/README.rdoc
CHANGED
|
@@ -7,9 +7,24 @@ The reasoning behind this approach is simple. Filtering input before it is save
|
|
|
7
7
|
== Requirements
|
|
8
8
|
|
|
9
9
|
* Sanitize >1.1.0 (prior versions had a whitespace issue)
|
|
10
|
+
* Nokogiri >1.3.3
|
|
10
11
|
* RedCloth (for Textile support)
|
|
11
12
|
* ActiveRecord (tested on 2.3.4)
|
|
12
13
|
|
|
14
|
+
== Installation
|
|
15
|
+
|
|
16
|
+
acts_as_sanitiled is distributed via Gemcutter. If you are enlightened you can simply do:
|
|
17
|
+
|
|
18
|
+
gem install acts_as_sanitiled
|
|
19
|
+
|
|
20
|
+
If you haven't checkout out Gemcutter yet:
|
|
21
|
+
|
|
22
|
+
gem install --source http://gemcutter.org acts_as_sanitiled
|
|
23
|
+
|
|
24
|
+
Then in your Rails environment.rb:
|
|
25
|
+
|
|
26
|
+
config.gem 'acts_as_sanitiled'
|
|
27
|
+
|
|
13
28
|
== Changes from acts_as_textiled
|
|
14
29
|
|
|
15
30
|
acts_as_sanitiled mostly maintains the API, but one noticeable difference is that it needs to expose the Sanitize config. Therefore acts_as_textiled use of a hash to provide per-column RedCloth configuration had to be replaced with Sanitize config. RedCloth options can still be passed as an array that applies to all fields listed.
|
|
@@ -90,10 +105,14 @@ Or vice-versa:
|
|
|
90
105
|
acts_as_textilized :body_text, [ :lite_mode ]
|
|
91
106
|
end
|
|
92
107
|
|
|
93
|
-
|
|
94
|
-
|
|
108
|
+
== Default options
|
|
109
|
+
|
|
110
|
+
Most likely you want to use the same options throughout your application, but perhaps not the same options I like. You can set the default options for both Sanitize and RedCloth like so.
|
|
111
|
+
|
|
112
|
+
ActsAsSanitiled.default_redcloth_options = [:no_span_caps]
|
|
113
|
+
ActsAsSanitiled.default_sanitize_options = {:elements => ['em','strong','p','br']}
|
|
95
114
|
|
|
96
|
-
|
|
115
|
+
This should be done in +environment.rb+ or an initializer so it will run before your ActiveRecord classes are defined.
|
|
97
116
|
|
|
98
117
|
== form_for
|
|
99
118
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.1.0
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
# Generated by jeweler
|
|
2
|
+
# DO NOT EDIT THIS FILE
|
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run `rake gemspec`
|
|
4
|
+
# -*- encoding: utf-8 -*-
|
|
5
|
+
|
|
6
|
+
Gem::Specification.new do |s|
|
|
7
|
+
s.name = %q{acts_as_sanitiled}
|
|
8
|
+
s.version = "1.1.0"
|
|
9
|
+
|
|
10
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
|
+
s.authors = ["Gabe da Silveira"]
|
|
12
|
+
s.date = %q{2009-10-19}
|
|
13
|
+
s.description = %q{A modernized version of Chris Wansthrath's venerable acts_as_textiled. It automatically textiles and then sanitizes columns to your specification. Ryan Grove's excellent Sanitize gem with nokogiri provides the backend for speedy and robust filtering of your output in order to: restrict Textile to a subset of HTML, guarantee well-formedness, and of course prevent XSS.}
|
|
14
|
+
s.email = %q{gabe@websaviour.com}
|
|
15
|
+
s.extra_rdoc_files = [
|
|
16
|
+
"LICENSE",
|
|
17
|
+
"README.rdoc"
|
|
18
|
+
]
|
|
19
|
+
s.files = [
|
|
20
|
+
"CHANGELOG",
|
|
21
|
+
"LICENSE",
|
|
22
|
+
"README.rdoc",
|
|
23
|
+
"Rakefile",
|
|
24
|
+
"VERSION",
|
|
25
|
+
"acts_as_sanitiled.gemspec",
|
|
26
|
+
"lib/acts_as_sanitiled.rb",
|
|
27
|
+
"rails/init.rb",
|
|
28
|
+
"spec/sanitiled_spec.rb",
|
|
29
|
+
"spec/spec_helper.rb"
|
|
30
|
+
]
|
|
31
|
+
s.homepage = %q{http://github.com/dasil003/acts_as_sanitiled}
|
|
32
|
+
s.rdoc_options = ["--charset=UTF-8"]
|
|
33
|
+
s.require_paths = ["lib"]
|
|
34
|
+
s.rubygems_version = %q{1.3.5}
|
|
35
|
+
s.summary = %q{Automatically textiles and/or sanitizes ActiveRecord columns}
|
|
36
|
+
s.test_files = [
|
|
37
|
+
"spec/sanitiled_spec.rb",
|
|
38
|
+
"spec/spec_helper.rb"
|
|
39
|
+
]
|
|
40
|
+
|
|
41
|
+
if s.respond_to? :specification_version then
|
|
42
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
|
43
|
+
s.specification_version = 3
|
|
44
|
+
|
|
45
|
+
if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
|
|
46
|
+
s.add_runtime_dependency(%q<nokogiri>, ["~> 1.3.3"])
|
|
47
|
+
s.add_runtime_dependency(%q<sanitize>, ["~> 1.1.0"])
|
|
48
|
+
s.add_runtime_dependency(%q<RedCloth>, [">= 0"])
|
|
49
|
+
s.add_development_dependency(%q<bacon>, [">= 0"])
|
|
50
|
+
s.add_development_dependency(%q<activesupport>, [">= 0"])
|
|
51
|
+
else
|
|
52
|
+
s.add_dependency(%q<nokogiri>, ["~> 1.3.3"])
|
|
53
|
+
s.add_dependency(%q<sanitize>, ["~> 1.1.0"])
|
|
54
|
+
s.add_dependency(%q<RedCloth>, [">= 0"])
|
|
55
|
+
s.add_dependency(%q<bacon>, [">= 0"])
|
|
56
|
+
s.add_dependency(%q<activesupport>, [">= 0"])
|
|
57
|
+
end
|
|
58
|
+
else
|
|
59
|
+
s.add_dependency(%q<nokogiri>, ["~> 1.3.3"])
|
|
60
|
+
s.add_dependency(%q<sanitize>, ["~> 1.1.0"])
|
|
61
|
+
s.add_dependency(%q<RedCloth>, [">= 0"])
|
|
62
|
+
s.add_dependency(%q<bacon>, [">= 0"])
|
|
63
|
+
s.add_dependency(%q<activesupport>, [">= 0"])
|
|
64
|
+
end
|
|
65
|
+
end
|
data/lib/acts_as_sanitiled.rb
CHANGED
|
@@ -1,8 +1,15 @@
|
|
|
1
1
|
require 'rubygems'
|
|
2
2
|
require 'sanitize'
|
|
3
3
|
require 'RedCloth'
|
|
4
|
+
require 'activesupport'
|
|
4
5
|
|
|
5
6
|
module ActsAsSanitiled #:nodoc: all
|
|
7
|
+
mattr_accessor :default_redcloth_options
|
|
8
|
+
mattr_accessor :default_sanitize_options
|
|
9
|
+
|
|
10
|
+
@@default_redcloth_options = []
|
|
11
|
+
@@default_sanitize_options = Sanitize::Config::RELAXED
|
|
12
|
+
|
|
6
13
|
def self.included(klass)
|
|
7
14
|
klass.extend ClassMethods
|
|
8
15
|
end
|
|
@@ -27,14 +34,14 @@ module ActsAsSanitiled #:nodoc: all
|
|
|
27
34
|
|
|
28
35
|
@textiled_unicode = String.new.respond_to? :chars
|
|
29
36
|
|
|
30
|
-
options = attributes.last.is_a?(Hash) ? attributes.pop :
|
|
31
|
-
skip_textile = options.delete(:skip_textile)
|
|
32
|
-
skip_sanitize = options.delete(:skip_sanitize)
|
|
37
|
+
options = attributes.last.is_a?(Hash) ? attributes.pop : nil
|
|
38
|
+
skip_textile = options && options.delete(:skip_textile)
|
|
39
|
+
skip_sanitize = options && options.delete(:skip_sanitize)
|
|
33
40
|
|
|
34
41
|
raise 'Both textile and sanitize were skipped' if skip_textile && skip_sanitize
|
|
35
42
|
|
|
36
|
-
sanitize_options = options.
|
|
37
|
-
red_cloth_options = attributes.last && attributes.last.is_a?(Array) ? attributes.pop :
|
|
43
|
+
sanitize_options = options.nil? ? ActsAsSanitiled.default_sanitize_options : options
|
|
44
|
+
red_cloth_options = attributes.last && attributes.last.is_a?(Array) ? attributes.pop : ActsAsSanitiled.default_redcloth_options
|
|
38
45
|
|
|
39
46
|
raise 'No attributes were specified to filter' if attributes.empty?
|
|
40
47
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: acts_as_sanitiled
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gabe da Silveira
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-10-
|
|
12
|
+
date: 2009-10-19 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
@@ -77,6 +77,7 @@ files:
|
|
|
77
77
|
- README.rdoc
|
|
78
78
|
- Rakefile
|
|
79
79
|
- VERSION
|
|
80
|
+
- acts_as_sanitiled.gemspec
|
|
80
81
|
- lib/acts_as_sanitiled.rb
|
|
81
82
|
- rails/init.rb
|
|
82
83
|
- spec/sanitiled_spec.rb
|