RubyGems - angular_xss - Versions diffs - 0.2.2 → 0.4.0 - Mend

angular_xss 0.2.2 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (98) hide show

checksums.yaml +7 -0
data/.github/workflows/test.yml +52 -0
data/.rspec +1 -0
data/.ruby-version +1 -0
data/CHANGELOG.md +72 -0
data/Gemfile +1 -0
data/Gemfile.lock +1 -0
data/Gemfile.rails-3.2 +9 -0
data/Gemfile.rails-3.2.lock +91 -0
data/Gemfile.rails-4.2.haml-4 +8 -0
data/Gemfile.rails-4.2.haml-4.lock +88 -0
data/Gemfile.rails-4.2.haml-5 +8 -0
data/Gemfile.rails-4.2.haml-5.lock +90 -0
data/Gemfile.rails-5.1.haml-4 +8 -0
data/Gemfile.rails-5.1.haml-4.lock +85 -0
data/Gemfile.rails-5.1.haml-5 +8 -0
data/Gemfile.rails-5.1.haml-5.lock +87 -0
data/Gemfile.rails-6.1.haml-5 +8 -0
data/Gemfile.rails-6.1.haml-5.lock +90 -0
data/README.md +12 -4
data/Rakefile +3 -66
data/lib/angular_xss/action_view.rb +2 -1
data/lib/angular_xss/erb.rb +2 -1
data/lib/angular_xss/escaper.rb +2 -2
data/lib/angular_xss/haml.rb +27 -10
data/lib/angular_xss/safe_buffer.rb +4 -3
data/lib/angular_xss/version.rb +1 -1
data/spec/{shared/tests → angular_xss}/erb_spec.rb +1 -1
data/spec/{shared/tests → angular_xss}/haml_spec.rb +1 -1
data/spec/angular_xss/safe_buffer_spec.rb +9 -0
data/spec/spec_helper.rb +37 -0
data/spec/{shared/support → support}/engine_preventing_angular_xss.rb +20 -8
data/spec/{shared/app_root/app/views/test → templates}/_test_erb.erb +0 -0
data/spec/{shared/app_root/app/views/test → templates}/_test_haml.haml +5 -3
metadata +79 -204
data/.travis.yml +0 -15
data/spec/rails-2.3/Gemfile +0 -12
data/spec/rails-2.3/Gemfile.lock +0 -62
data/spec/rails-2.3/Rakefile +0 -11
data/spec/rails-2.3/app_root/config/boot.rb +0 -129
data/spec/rails-2.3/app_root/config/database.yml +0 -4
data/spec/rails-2.3/app_root/config/environment.rb +0 -14
data/spec/rails-2.3/app_root/config/environments/test.rb +0 -28
data/spec/rails-2.3/app_root/config/preinitializer.rb +0 -20
data/spec/rails-2.3/app_root/config/routes.rb +0 -4
data/spec/rails-2.3/app_root/lib/console_with_fixtures.rb +0 -4
data/spec/rails-2.3/app_root/log/.gitignore +0 -1
data/spec/rails-2.3/app_root/script/console +0 -7
data/spec/rails-2.3/rcov.opts +0 -2
data/spec/rails-2.3/spec/spec_helper.rb +0 -20
data/spec/rails-2.3/spec.opts +0 -4
data/spec/rails-3.2/.rspec +0 -2
data/spec/rails-3.2/Gemfile +0 -10
data/spec/rails-3.2/Gemfile.lock +0 -129
data/spec/rails-3.2/Rakefile +0 -10
data/spec/rails-3.2/app_root/.gitignore +0 -4
data/spec/rails-3.2/app_root/config/application.rb +0 -32
data/spec/rails-3.2/app_root/config/boot.rb +0 -13
data/spec/rails-3.2/app_root/config/database.yml +0 -4
data/spec/rails-3.2/app_root/config/environment.rb +0 -5
data/spec/rails-3.2/app_root/config/environments/test.rb +0 -35
data/spec/rails-3.2/app_root/config/initializers/backtrace_silencers.rb +0 -7
data/spec/rails-3.2/app_root/config/initializers/inflections.rb +0 -10
data/spec/rails-3.2/app_root/config/initializers/mime_types.rb +0 -5
data/spec/rails-3.2/app_root/config/initializers/secret_token.rb +0 -7
data/spec/rails-3.2/app_root/config/initializers/session_store.rb +0 -8
data/spec/rails-3.2/app_root/config/routes.rb +0 -58
data/spec/rails-3.2/app_root/lib/tasks/.gitkeep +0 -0
data/spec/rails-3.2/app_root/log/.gitkeep +0 -0
data/spec/rails-3.2/app_root/script/rails +0 -6
data/spec/rails-3.2/rcov.opts +0 -2
data/spec/rails-3.2/spec/spec_helper.rb +0 -20
data/spec/rails-4.2/.rspec +0 -2
data/spec/rails-4.2/Gemfile +0 -10
data/spec/rails-4.2/Gemfile.lock +0 -157
data/spec/rails-4.2/Rakefile +0 -10
data/spec/rails-4.2/app_root/.gitignore +0 -4
data/spec/rails-4.2/app_root/config/application.rb +0 -34
data/spec/rails-4.2/app_root/config/boot.rb +0 -13
data/spec/rails-4.2/app_root/config/database.yml +0 -4
data/spec/rails-4.2/app_root/config/environment.rb +0 -5
data/spec/rails-4.2/app_root/config/environments/test.rb +0 -35
data/spec/rails-4.2/app_root/config/initializers/backtrace_silencers.rb +0 -7
data/spec/rails-4.2/app_root/config/initializers/inflections.rb +0 -10
data/spec/rails-4.2/app_root/config/initializers/mime_types.rb +0 -5
data/spec/rails-4.2/app_root/config/initializers/secret_token.rb +0 -7
data/spec/rails-4.2/app_root/config/initializers/session_store.rb +0 -8
data/spec/rails-4.2/app_root/config/routes.rb +0 -3
data/spec/rails-4.2/app_root/lib/tasks/.gitkeep +0 -0
data/spec/rails-4.2/app_root/log/.gitkeep +0 -0
data/spec/rails-4.2/app_root/script/rails +0 -6
data/spec/rails-4.2/rcov.opts +0 -2
data/spec/rails-4.2/spec/spec_helper.rb +0 -27
data/spec/shared/app_root/app/controllers/application_controller.rb +0 -2
data/spec/shared/app_root/app/helpers/application_helper.rb +0 -3
data/spec/shared/app_root/app/models/.gitkeep +0 -0
data/spec/shared/app_root/config/database.yml +0 -4
data/spec/shared/app_root/db/migrate/.gitkeep +0 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 0d7d2dcd19075eb585a144cfbf52e22e61031155dd20e2350bef4df1e213a1d6
+  data.tar.gz: 06cfba2593dc1c67ba5407575eac8ef032c746cfa127deaaf743f6e752ef85b4
+SHA512:
+  metadata.gz: 19c422e8f23f5e914dd184ffdf443ba2fffcd6785b86347823de54e71e07a0481f5fc7ef594c9de9f0d701983864fa06f90f402ee94e889e71e4e3cca2d72cdb
+  data.tar.gz: ba840f913b4b842217b8056d9da914f7fc56e324fe94dbb6d42e0fbec3dc225ae17bc385ec737b836ac7b4e487726b4b6f1d957e9cbb5e727408d4d22d1ab7eb

data/.github/workflows/test.yml ADDED Viewed

@@ -0,0 +1,52 @@
+---
+name: Tests
+'on':
+  push:
+    branches:
+    - master
+  pull_request:
+    branches:
+    - master
+jobs:
+  test:
+    runs-on: ubuntu-20.04
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-3.2
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-4.2.haml-4
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-4.2.haml-5
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-5.1.haml-4
+        - ruby: 2.3.5
+          gemfile: Gemfile.rails-5.1.haml-5
+        - ruby: 2.7.2
+          gemfile: Gemfile.rails-5.1.haml-4
+        - ruby: 2.7.2
+          gemfile: Gemfile.rails-5.1.haml-5
+        - ruby: 2.7.2
+          gemfile: Gemfile.rails-6.1.haml-5
+        - ruby: 3.0.1
+          gemfile: Gemfile.rails-5.1.haml-4
+        - ruby: 3.0.1
+          gemfile: Gemfile.rails-5.1.haml-5
+        - ruby: 3.0.1
+          gemfile: Gemfile.rails-6.1.haml-5
+    env:
+      BUNDLE_GEMFILE: "${{ matrix.gemfile }}"
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: "${{ matrix.ruby }}"
+    - name: Bundle
+      run: |
+        gem install bundler:2.1.4
+        bundle install --no-deployment
+    - name: Run tests
+      run: bundle exec rspec

data/.rspec ADDED Viewed

	@@ -0,0 +1 @@
1	+ --require spec_helper

data/.ruby-version ADDED Viewed

	@@ -0,0 +1 @@
1	+ 2.7.2

data/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,72 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+This project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+## Unreleased
+### Compatible changes
+### Breaking changes
+## 0.4.0 2021-08-23
+### Compatible changes
+- Add compatibility with Rails 6
+- Add compatibility with Haml > 5.2
+- Add compatibility with Ruby 2.7 and Ruby 3
+## 0.3.1 2017-11-21
+### Compatible Changes
+- Add compatibility with Rails 5
+- Add compatibility with Haml 5
+## 0.3.0 2017-07-31
+### Breaking changes
+- Changed the way Angular XSS escapes double braces from ` { { ` to
+  `{{ $root.DOUBLE_LEFT_CURLY_BRACE }}`. This requires a change in the
+  application code. Check the [README](https://github.com/makandra/angular_xss/blob/master/README.md#installation)
+  for details.
+## 0.2.3 2015-04-17
+### Compatible changes
+- Fix a bug where an unexpected nil value would cause problems
+## 0.2.2 2015-04-17
+### Compatible changes
+- Support Rails 4.2
+## 0.2.1 2015-04-13
+### Compatible changes
+- Fix escaping of precompiled attributes in Haml templates
+## 0.2.0 2015-04-13
+### Compatible changes
+- Add option to disable escaping temporarily via `AngularXss.disable do ... end`
+## 0.1.1 2014-01-04
+### Compatible changes
+- Require Haml >= 3.1.5 (lower Hamls don't escape element attribute values)
+## 0.1.0 2014-01-03
+### Compatible changes
+- First version.

data/Gemfile ADDED Viewed

	@@ -0,0 +1 @@
1	+ ./Gemfile.rails-5.1.haml-5

data/Gemfile.lock ADDED Viewed

	@@ -0,0 +1 @@
1	+ ./Gemfile.rails-5.1.haml-5.lock

data/Gemfile.rails-3.2 ADDED Viewed

@@ -0,0 +1,9 @@
+source 'http://rubygems.org'
+gem 'railties', '~>3.2'
+gem 'actionpack', '~>3.2'
+gem 'rspec'
+gem 'haml', '=4.0.2'
+gem 'angular_xss', :path => '.'
+gem 'gemika'
+gem 'rake'

data/Gemfile.rails-3.2.lock ADDED Viewed

@@ -0,0 +1,91 @@
+PATH
+  remote: .
+  specs:
+    angular_xss (0.4.0)
+      activesupport
+      haml (>= 3.1.5)
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionpack (3.2.22.5)
+      activemodel (= 3.2.22.5)
+      activesupport (= 3.2.22.5)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      journey (~> 1.0.4)
+      rack (~> 1.4.5)
+      rack-cache (~> 1.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.2.1)
+    activemodel (3.2.22.5)
+      activesupport (= 3.2.22.5)
+      builder (~> 3.0.0)
+    activesupport (3.2.22.5)
+      i18n (~> 0.6, >= 0.6.4)
+      multi_json (~> 1.0)
+    builder (3.0.4)
+    concurrent-ruby (1.0.5)
+    diff-lcs (1.3)
+    erubis (2.7.0)
+    gemika (0.6.1)
+    haml (4.0.2)
+      tilt
+    hike (1.2.3)
+    i18n (0.9.1)
+      concurrent-ruby (~> 1.0)
+    journey (1.0.4)
+    json (1.8.6)
+    multi_json (1.12.2)
+    rack (1.4.7)
+    rack-cache (1.7.1)
+      rack (>= 0.4)
+    rack-ssl (1.3.4)
+      rack
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    railties (3.2.22.5)
+      actionpack (= 3.2.22.5)
+      activesupport (= 3.2.22.5)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (>= 0.14.6, < 2.0)
+    rake (12.3.0)
+    rdoc (3.12.2)
+      json (~> 1.4)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    sprockets (2.2.3)
+      hike (~> 1.2)
+      multi_json (~> 1.0)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    thor (0.20.0)
+    tilt (1.4.1)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  actionpack (~> 3.2)
+  angular_xss!
+  gemika
+  haml (= 4.0.2)
+  railties (~> 3.2)
+  rake
+  rspec
+BUNDLED WITH
+   1.17.3

data/Gemfile.rails-4.2.haml-4 ADDED Viewed

@@ -0,0 +1,8 @@
+source 'http://rubygems.org'
+gem 'actionpack', '~>4.2'
+gem 'rspec'
+gem 'haml', '<5'
+gem 'angular_xss', :path => '.'
+gem 'gemika'
+gem 'rake'

data/Gemfile.rails-4.2.haml-4.lock ADDED Viewed

@@ -0,0 +1,88 @@
+PATH
+  remote: .
+  specs:
+    angular_xss (0.4.0)
+      activesupport
+      haml (>= 3.1.5)
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionpack (4.2.10)
+      actionview (= 4.2.10)
+      activesupport (= 4.2.10)
+      rack (~> 1.6)
+      rack-test (~> 0.6.2)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (4.2.10)
+      activesupport (= 4.2.10)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activesupport (4.2.10)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    builder (3.2.3)
+    concurrent-ruby (1.0.5)
+    crass (1.0.3)
+    diff-lcs (1.3)
+    erubis (2.7.0)
+    gemika (0.6.1)
+    haml (4.0.7)
+      tilt
+    i18n (0.9.1)
+      concurrent-ruby (~> 1.0)
+    loofah (2.1.1)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mini_portile2 (2.3.0)
+    minitest (5.10.3)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
+    rack (1.6.8)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.8)
+      activesupport (>= 4.2.0.beta, < 5.0)
+      nokogiri (~> 1.6)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    rake (12.3.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    thread_safe (0.3.6)
+    tilt (2.0.8)
+    tzinfo (1.2.4)
+      thread_safe (~> 0.1)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  actionpack (~> 4.2)
+  angular_xss!
+  gemika
+  haml (< 5)
+  rake
+  rspec
+BUNDLED WITH
+   1.17.3

data/Gemfile.rails-4.2.haml-5 ADDED Viewed

@@ -0,0 +1,8 @@
+source 'http://rubygems.org'
+gem 'actionpack', '~>4.2'
+gem 'rspec'
+gem 'haml', '~> 5'
+gem 'angular_xss', :path => '.'
+gem 'gemika'
+gem 'rake'

data/Gemfile.rails-4.2.haml-5.lock ADDED Viewed

@@ -0,0 +1,90 @@
+PATH
+  remote: .
+  specs:
+    angular_xss (0.4.0)
+      activesupport
+      haml (>= 3.1.5)
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionpack (4.2.10)
+      actionview (= 4.2.10)
+      activesupport (= 4.2.10)
+      rack (~> 1.6)
+      rack-test (~> 0.6.2)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (4.2.10)
+      activesupport (= 4.2.10)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activesupport (4.2.10)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    builder (3.2.3)
+    concurrent-ruby (1.0.5)
+    crass (1.0.3)
+    diff-lcs (1.3)
+    erubis (2.7.0)
+    gemika (0.6.1)
+    haml (5.0.4)
+      temple (>= 0.8.0)
+      tilt
+    i18n (0.9.1)
+      concurrent-ruby (~> 1.0)
+    loofah (2.1.1)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mini_portile2 (2.3.0)
+    minitest (5.10.3)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
+    rack (1.6.8)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.8)
+      activesupport (>= 4.2.0.beta, < 5.0)
+      nokogiri (~> 1.6)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    rake (12.3.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    temple (0.8.0)
+    thread_safe (0.3.6)
+    tilt (2.0.8)
+    tzinfo (1.2.4)
+      thread_safe (~> 0.1)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  actionpack (~> 4.2)
+  angular_xss!
+  gemika
+  haml (~> 5)
+  rake
+  rspec
+BUNDLED WITH
+   1.17.3