RubyGems - angular_xss - Versions diffs - 0.2.2 → 0.4.0 - Mend

angular_xss 0.2.2 → 0.4.0

Files changed (98) hide show

checksums.yaml +7 -0
data/.github/workflows/test.yml +52 -0
data/.rspec +1 -0
data/.ruby-version +1 -0
data/CHANGELOG.md +72 -0
data/Gemfile +1 -0
data/Gemfile.lock +1 -0
data/Gemfile.rails-3.2 +9 -0
data/Gemfile.rails-3.2.lock +91 -0
data/Gemfile.rails-4.2.haml-4 +8 -0
data/Gemfile.rails-4.2.haml-4.lock +88 -0
data/Gemfile.rails-4.2.haml-5 +8 -0
data/Gemfile.rails-4.2.haml-5.lock +90 -0
data/Gemfile.rails-5.1.haml-4 +8 -0
data/Gemfile.rails-5.1.haml-4.lock +85 -0
data/Gemfile.rails-5.1.haml-5 +8 -0
data/Gemfile.rails-5.1.haml-5.lock +87 -0
data/Gemfile.rails-6.1.haml-5 +8 -0
data/Gemfile.rails-6.1.haml-5.lock +90 -0
data/README.md +12 -4
data/Rakefile +3 -66
data/lib/angular_xss/action_view.rb +2 -1
data/lib/angular_xss/erb.rb +2 -1
data/lib/angular_xss/escaper.rb +2 -2
data/lib/angular_xss/haml.rb +27 -10
data/lib/angular_xss/safe_buffer.rb +4 -3
data/lib/angular_xss/version.rb +1 -1
data/spec/{shared/tests → angular_xss}/erb_spec.rb +1 -1
data/spec/{shared/tests → angular_xss}/haml_spec.rb +1 -1
data/spec/angular_xss/safe_buffer_spec.rb +9 -0
data/spec/spec_helper.rb +37 -0
data/spec/{shared/support → support}/engine_preventing_angular_xss.rb +20 -8
data/spec/{shared/app_root/app/views/test → templates}/_test_erb.erb +0 -0
data/spec/{shared/app_root/app/views/test → templates}/_test_haml.haml +5 -3
metadata +79 -204
data/.travis.yml +0 -15
data/spec/rails-2.3/Gemfile +0 -12
data/spec/rails-2.3/Gemfile.lock +0 -62
data/spec/rails-2.3/Rakefile +0 -11
data/spec/rails-2.3/app_root/config/boot.rb +0 -129
data/spec/rails-2.3/app_root/config/database.yml +0 -4
data/spec/rails-2.3/app_root/config/environment.rb +0 -14
data/spec/rails-2.3/app_root/config/environments/test.rb +0 -28
data/spec/rails-2.3/app_root/config/preinitializer.rb +0 -20
data/spec/rails-2.3/app_root/config/routes.rb +0 -4
data/spec/rails-2.3/app_root/lib/console_with_fixtures.rb +0 -4
data/spec/rails-2.3/app_root/log/.gitignore +0 -1
data/spec/rails-2.3/app_root/script/console +0 -7
data/spec/rails-2.3/rcov.opts +0 -2
data/spec/rails-2.3/spec/spec_helper.rb +0 -20
data/spec/rails-2.3/spec.opts +0 -4
data/spec/rails-3.2/.rspec +0 -2
data/spec/rails-3.2/Gemfile +0 -10
data/spec/rails-3.2/Gemfile.lock +0 -129
data/spec/rails-3.2/Rakefile +0 -10
data/spec/rails-3.2/app_root/.gitignore +0 -4
data/spec/rails-3.2/app_root/config/application.rb +0 -32
data/spec/rails-3.2/app_root/config/boot.rb +0 -13
data/spec/rails-3.2/app_root/config/database.yml +0 -4
data/spec/rails-3.2/app_root/config/environment.rb +0 -5
data/spec/rails-3.2/app_root/config/environments/test.rb +0 -35
data/spec/rails-3.2/app_root/config/initializers/backtrace_silencers.rb +0 -7
data/spec/rails-3.2/app_root/config/initializers/inflections.rb +0 -10
data/spec/rails-3.2/app_root/config/initializers/mime_types.rb +0 -5
data/spec/rails-3.2/app_root/config/initializers/secret_token.rb +0 -7
data/spec/rails-3.2/app_root/config/initializers/session_store.rb +0 -8
data/spec/rails-3.2/app_root/config/routes.rb +0 -58
data/spec/rails-3.2/app_root/lib/tasks/.gitkeep +0 -0
data/spec/rails-3.2/app_root/log/.gitkeep +0 -0
data/spec/rails-3.2/app_root/script/rails +0 -6
data/spec/rails-3.2/rcov.opts +0 -2
data/spec/rails-3.2/spec/spec_helper.rb +0 -20
data/spec/rails-4.2/.rspec +0 -2
data/spec/rails-4.2/Gemfile +0 -10
data/spec/rails-4.2/Gemfile.lock +0 -157
data/spec/rails-4.2/Rakefile +0 -10
data/spec/rails-4.2/app_root/.gitignore +0 -4
data/spec/rails-4.2/app_root/config/application.rb +0 -34
data/spec/rails-4.2/app_root/config/boot.rb +0 -13
data/spec/rails-4.2/app_root/config/database.yml +0 -4
data/spec/rails-4.2/app_root/config/environment.rb +0 -5
data/spec/rails-4.2/app_root/config/environments/test.rb +0 -35
data/spec/rails-4.2/app_root/config/initializers/backtrace_silencers.rb +0 -7
data/spec/rails-4.2/app_root/config/initializers/inflections.rb +0 -10
data/spec/rails-4.2/app_root/config/initializers/mime_types.rb +0 -5
data/spec/rails-4.2/app_root/config/initializers/secret_token.rb +0 -7
data/spec/rails-4.2/app_root/config/initializers/session_store.rb +0 -8
data/spec/rails-4.2/app_root/config/routes.rb +0 -3
data/spec/rails-4.2/app_root/lib/tasks/.gitkeep +0 -0
data/spec/rails-4.2/app_root/log/.gitkeep +0 -0
data/spec/rails-4.2/app_root/script/rails +0 -6
data/spec/rails-4.2/rcov.opts +0 -2
data/spec/rails-4.2/spec/spec_helper.rb +0 -27
data/spec/shared/app_root/app/controllers/application_controller.rb +0 -2
data/spec/shared/app_root/app/helpers/application_helper.rb +0 -3
data/spec/shared/app_root/app/models/.gitkeep +0 -0
data/spec/shared/app_root/config/database.yml +0 -4
data/spec/shared/app_root/db/migrate/.gitkeep +0 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 0d7d2dcd19075eb585a144cfbf52e22e61031155dd20e2350bef4df1e213a1d6
+  data.tar.gz: 06cfba2593dc1c67ba5407575eac8ef032c746cfa127deaaf743f6e752ef85b4
+SHA512:
+  metadata.gz: 19c422e8f23f5e914dd184ffdf443ba2fffcd6785b86347823de54e71e07a0481f5fc7ef594c9de9f0d701983864fa06f90f402ee94e889e71e4e3cca2d72cdb
+  data.tar.gz: ba840f913b4b842217b8056d9da914f7fc56e324fe94dbb6d42e0fbec3dc225ae17bc385ec737b836ac7b4e487726b4b6f1d957e9cbb5e727408d4d22d1ab7eb

data/.github/workflows/test.yml ADDED Viewed

@@ -0,0 +1,52 @@
+---
+name: Tests
+'on':
+  push:
+    branches:
+    - master
+  pull_request:
+    branches:
+    - master
+jobs:
+  test:
+    runs-on: ubuntu-20.04
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-3.2
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-4.2.haml-4
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-4.2.haml-5
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-5.1.haml-4
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-5.1.haml-5
+        - ruby: 2.7.2
+          gemfile: Gemfile.rails-5.1.haml-4
+        - ruby: 2.7.2
+          gemfile: Gemfile.rails-5.1.haml-5
+        - ruby: 2.7.2
+          gemfile: Gemfile.rails-6.1.haml-5
+        - ruby: 3.0.1
+          gemfile: Gemfile.rails-5.1.haml-4
+        - ruby: 3.0.1
+          gemfile: Gemfile.rails-5.1.haml-5
+        - ruby: 3.0.1
+          gemfile: Gemfile.rails-6.1.haml-5
+    env:
+      BUNDLE_GEMFILE: "${{ matrix.gemfile }}"
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: "${{ matrix.ruby }}"
+    - name: Bundle
+      run: |
+        gem install bundler:2.1.4
+        bundle install --no-deployment
+    - name: Run tests
+      run: bundle exec rspec

data/.rspec ADDED Viewed

	@@ -0,0 +1 @@
1	+ --require spec_helper

data/.ruby-version ADDED Viewed

	@@ -0,0 +1 @@
1	+ 2.7.2

data/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,72 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+This project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+## Unreleased
+### Compatible changes
+### Breaking changes
+## 0.4.0 2021-08-23
+### Compatible changes
+- Add compatibility with Rails 6
+- Add compatibility with Haml > 5.2
+- Add compatibility with Ruby 2.7 and Ruby 3
+## 0.3.1 2017-11-21
+### Compatible Changes
+- Add compatibility with Rails 5
+- Add compatibility with Haml 5
+## 0.3.0 2017-07-31
+### Breaking changes
+- Changed the way Angular XSS escapes double braces from ` { { ` to
+  `{{ $root.DOUBLE_LEFT_CURLY_BRACE }}`. This requires a change in the
+  application code. Check the [README](https://github.com/makandra/angular_xss/blob/master/README.md#installation)
+  for details.
+## 0.2.3 2015-04-17
+### Compatible changes
+- Fix a bug where an unexpected nil value would cause problems
+## 0.2.2 2015-04-17
+### Compatible changes
+- Support Rails 4.2
+## 0.2.1 2015-04-13
+### Compatible changes
+- Fix escaping of precompiled attributes in Haml templates
+## 0.2.0 2015-04-13
+### Compatible changes
+- Add option to disable escaping temporarily via `AngularXss.disable do ... end`
+## 0.1.1 2014-01-04
+### Compatible changes
+- Require Haml >= 3.1.5 (lower Hamls don't escape element attribute values)
+## 0.1.0 2014-01-03
+### Compatible changes
+- First version.

data/Gemfile ADDED Viewed

	@@ -0,0 +1 @@
1	+ ./Gemfile.rails-5.1.haml-5

data/Gemfile.lock ADDED Viewed

	@@ -0,0 +1 @@
1	+ ./Gemfile.rails-5.1.haml-5.lock

data/Gemfile.rails-3.2 ADDED Viewed

@@ -0,0 +1,9 @@
+source 'http://rubygems.org'
+gem 'railties', '~>3.2'
+gem 'actionpack', '~>3.2'
+gem 'rspec'
+gem 'haml', '=4.0.2'
+gem 'angular_xss', :path => '.'
+gem 'gemika'
+gem 'rake'

data/Gemfile.rails-3.2.lock ADDED Viewed

@@ -0,0 +1,91 @@
+PATH
+  remote: .
+  specs:
+    angular_xss (0.4.0)
+      activesupport
+      haml (>= 3.1.5)
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionpack (3.2.22.5)
+      activemodel (= 3.2.22.5)
+      activesupport (= 3.2.22.5)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      journey (~> 1.0.4)
+      rack (~> 1.4.5)
+      rack-cache (~> 1.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.2.1)
+    activemodel (3.2.22.5)
+      activesupport (= 3.2.22.5)
+      builder (~> 3.0.0)
+    activesupport (3.2.22.5)
+      i18n (~> 0.6, >= 0.6.4)
+      multi_json (~> 1.0)
+    builder (3.0.4)
+    concurrent-ruby (1.0.5)
+    diff-lcs (1.3)
+    erubis (2.7.0)
+    gemika (0.6.1)
+    haml (4.0.2)
+      tilt
+    hike (1.2.3)
+    i18n (0.9.1)
+      concurrent-ruby (~> 1.0)
+    journey (1.0.4)
+    json (1.8.6)
+    multi_json (1.12.2)
+    rack (1.4.7)
+    rack-cache (1.7.1)
+      rack (>= 0.4)
+    rack-ssl (1.3.4)
+      rack
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    railties (3.2.22.5)
+      actionpack (= 3.2.22.5)
+      activesupport (= 3.2.22.5)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (>= 0.14.6, < 2.0)
+    rake (12.3.0)
+    rdoc (3.12.2)
+      json (~> 1.4)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    sprockets (2.2.3)
+      hike (~> 1.2)
+      multi_json (~> 1.0)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    thor (0.20.0)
+    tilt (1.4.1)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  actionpack (~> 3.2)
+  angular_xss!
+  gemika
+  haml (= 4.0.2)
+  railties (~> 3.2)
+  rake
+  rspec
+BUNDLED WITH
+   1.17.3

data/Gemfile.rails-4.2.haml-4 ADDED Viewed

@@ -0,0 +1,8 @@
+source 'http://rubygems.org'
+gem 'actionpack', '~>4.2'
+gem 'rspec'
+gem 'haml', '<5'
+gem 'angular_xss', :path => '.'
+gem 'gemika'
+gem 'rake'

data/Gemfile.rails-4.2.haml-4.lock ADDED Viewed

@@ -0,0 +1,88 @@
+PATH
+  remote: .
+  specs:
+    angular_xss (0.4.0)
+      activesupport
+      haml (>= 3.1.5)
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionpack (4.2.10)
+      actionview (= 4.2.10)
+      activesupport (= 4.2.10)
+      rack (~> 1.6)
+      rack-test (~> 0.6.2)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (4.2.10)
+      activesupport (= 4.2.10)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activesupport (4.2.10)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    builder (3.2.3)
+    concurrent-ruby (1.0.5)
+    crass (1.0.3)
+    diff-lcs (1.3)
+    erubis (2.7.0)
+    gemika (0.6.1)
+    haml (4.0.7)
+      tilt
+    i18n (0.9.1)
+      concurrent-ruby (~> 1.0)
+    loofah (2.1.1)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mini_portile2 (2.3.0)
+    minitest (5.10.3)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
+    rack (1.6.8)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.8)
+      activesupport (>= 4.2.0.beta, < 5.0)
+      nokogiri (~> 1.6)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    rake (12.3.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    thread_safe (0.3.6)
+    tilt (2.0.8)
+    tzinfo (1.2.4)
+      thread_safe (~> 0.1)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  actionpack (~> 4.2)
+  angular_xss!
+  gemika
+  haml (< 5)
+  rake
+  rspec
+BUNDLED WITH
+   1.17.3

data/Gemfile.rails-4.2.haml-5 ADDED Viewed

@@ -0,0 +1,8 @@
+source 'http://rubygems.org'
+gem 'actionpack', '~>4.2'
+gem 'rspec'
+gem 'haml', '~> 5'
+gem 'angular_xss', :path => '.'
+gem 'gemika'
+gem 'rake'

data/Gemfile.rails-4.2.haml-5.lock ADDED Viewed

@@ -0,0 +1,90 @@
+PATH
+  remote: .
+  specs:
+    angular_xss (0.4.0)
+      activesupport
+      haml (>= 3.1.5)
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionpack (4.2.10)
+      actionview (= 4.2.10)
+      activesupport (= 4.2.10)
+      rack (~> 1.6)
+      rack-test (~> 0.6.2)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (4.2.10)
+      activesupport (= 4.2.10)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activesupport (4.2.10)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    builder (3.2.3)
+    concurrent-ruby (1.0.5)
+    crass (1.0.3)
+    diff-lcs (1.3)
+    erubis (2.7.0)
+    gemika (0.6.1)
+    haml (5.0.4)
+      temple (>= 0.8.0)
+      tilt
+    i18n (0.9.1)
+      concurrent-ruby (~> 1.0)
+    loofah (2.1.1)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mini_portile2 (2.3.0)
+    minitest (5.10.3)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
+    rack (1.6.8)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.8)
+      activesupport (>= 4.2.0.beta, < 5.0)
+      nokogiri (~> 1.6)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    rake (12.3.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    temple (0.8.0)
+    thread_safe (0.3.6)
+    tilt (2.0.8)
+    tzinfo (1.2.4)
+      thread_safe (~> 0.1)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  actionpack (~> 4.2)
+  angular_xss!
+  gemika
+  haml (~> 5)
+  rake
+  rspec
+BUNDLED WITH
+   1.17.3