angular_xss 0.3.0 → 0.3.1

Files changed (92)
  1. checksums.yaml +7 -0
  2. data/.rspec +1 -0
  3. data/.ruby-version +1 -0
  4. data/.travis.yml +20 -9
  5. data/Gemfile +1 -0
  6. data/Gemfile.lock +1 -0
  7. data/Rakefile +3 -66
  8. data/gemfiles/Gemfile.rails-3.2 +9 -0
  9. data/gemfiles/Gemfile.rails-3.2.lock +91 -0
  10. data/gemfiles/Gemfile.rails-4.2.haml-4 +8 -0
  11. data/gemfiles/Gemfile.rails-4.2.haml-4.lock +88 -0
  12. data/gemfiles/Gemfile.rails-4.2.haml-5 +8 -0
  13. data/gemfiles/Gemfile.rails-4.2.haml-5.lock +90 -0
  14. data/gemfiles/Gemfile.rails-5.1.haml-4 +8 -0
  15. data/gemfiles/Gemfile.rails-5.1.haml-4.lock +85 -0
  16. data/gemfiles/Gemfile.rails-5.1.haml-5 +8 -0
  17. data/gemfiles/Gemfile.rails-5.1.haml-5.lock +87 -0
  18. data/lib/angular_xss/action_view.rb +2 -1
  19. data/lib/angular_xss/erb.rb +2 -1
  20. data/lib/angular_xss/haml.rb +14 -10
  21. data/lib/angular_xss/safe_buffer.rb +4 -3
  22. data/lib/angular_xss/version.rb +1 -1
  23. data/spec/{shared/tests → angular_xss}/erb_spec.rb +1 -1
  24. data/spec/{shared/tests → angular_xss}/haml_spec.rb +1 -1
  25. data/spec/{shared/tests → angular_xss}/safe_buffer_spec.rb +0 -0
  26. data/spec/spec_helper.rb +37 -0
  27. data/spec/{shared/support → support}/engine_preventing_angular_xss.rb +10 -2
  28. data/spec/{shared/app_root/app/views/test → templates}/_test_erb.erb +0 -0
  29. data/spec/{shared/app_root/app/views/test → templates}/_test_haml.haml +5 -3
  30. metadata +76 -204
  31. data/spec/rails-2.3/Gemfile +0 -12
  32. data/spec/rails-2.3/Gemfile.lock +0 -62
  33. data/spec/rails-2.3/Rakefile +0 -11
  34. data/spec/rails-2.3/app_root/config/boot.rb +0 -129
  35. data/spec/rails-2.3/app_root/config/database.yml +0 -4
  36. data/spec/rails-2.3/app_root/config/environment.rb +0 -14
  37. data/spec/rails-2.3/app_root/config/environments/test.rb +0 -28
  38. data/spec/rails-2.3/app_root/config/preinitializer.rb +0 -20
  39. data/spec/rails-2.3/app_root/config/routes.rb +0 -4
  40. data/spec/rails-2.3/app_root/lib/console_with_fixtures.rb +0 -4
  41. data/spec/rails-2.3/app_root/log/.gitignore +0 -1
  42. data/spec/rails-2.3/app_root/script/console +0 -7
  43. data/spec/rails-2.3/rcov.opts +0 -2
  44. data/spec/rails-2.3/spec.opts +0 -4
  45. data/spec/rails-2.3/spec/spec_helper.rb +0 -20
  46. data/spec/rails-3.2/.rspec +0 -2
  47. data/spec/rails-3.2/Gemfile +0 -10
  48. data/spec/rails-3.2/Gemfile.lock +0 -129
  49. data/spec/rails-3.2/Rakefile +0 -10
  50. data/spec/rails-3.2/app_root/.gitignore +0 -4
  51. data/spec/rails-3.2/app_root/config/application.rb +0 -32
  52. data/spec/rails-3.2/app_root/config/boot.rb +0 -13
  53. data/spec/rails-3.2/app_root/config/database.yml +0 -4
  54. data/spec/rails-3.2/app_root/config/environment.rb +0 -5
  55. data/spec/rails-3.2/app_root/config/environments/test.rb +0 -35
  56. data/spec/rails-3.2/app_root/config/initializers/backtrace_silencers.rb +0 -7
  57. data/spec/rails-3.2/app_root/config/initializers/inflections.rb +0 -10
  58. data/spec/rails-3.2/app_root/config/initializers/mime_types.rb +0 -5
  59. data/spec/rails-3.2/app_root/config/initializers/secret_token.rb +0 -7
  60. data/spec/rails-3.2/app_root/config/initializers/session_store.rb +0 -8
  61. data/spec/rails-3.2/app_root/config/routes.rb +0 -58
  62. data/spec/rails-3.2/app_root/lib/tasks/.gitkeep +0 -0
  63. data/spec/rails-3.2/app_root/log/.gitkeep +0 -0
  64. data/spec/rails-3.2/app_root/script/rails +0 -6
  65. data/spec/rails-3.2/rcov.opts +0 -2
  66. data/spec/rails-3.2/spec/spec_helper.rb +0 -20
  67. data/spec/rails-4.2/.rspec +0 -2
  68. data/spec/rails-4.2/Gemfile +0 -10
  69. data/spec/rails-4.2/Gemfile.lock +0 -157
  70. data/spec/rails-4.2/Rakefile +0 -10
  71. data/spec/rails-4.2/app_root/.gitignore +0 -4
  72. data/spec/rails-4.2/app_root/config/application.rb +0 -34
  73. data/spec/rails-4.2/app_root/config/boot.rb +0 -13
  74. data/spec/rails-4.2/app_root/config/database.yml +0 -4
  75. data/spec/rails-4.2/app_root/config/environment.rb +0 -5
  76. data/spec/rails-4.2/app_root/config/environments/test.rb +0 -35
  77. data/spec/rails-4.2/app_root/config/initializers/backtrace_silencers.rb +0 -7
  78. data/spec/rails-4.2/app_root/config/initializers/inflections.rb +0 -10
  79. data/spec/rails-4.2/app_root/config/initializers/mime_types.rb +0 -5
  80. data/spec/rails-4.2/app_root/config/initializers/secret_token.rb +0 -7
  81. data/spec/rails-4.2/app_root/config/initializers/session_store.rb +0 -8
  82. data/spec/rails-4.2/app_root/config/routes.rb +0 -3
  83. data/spec/rails-4.2/app_root/lib/tasks/.gitkeep +0 -0
  84. data/spec/rails-4.2/app_root/log/.gitkeep +0 -0
  85. data/spec/rails-4.2/app_root/script/rails +0 -6
  86. data/spec/rails-4.2/rcov.opts +0 -2
  87. data/spec/rails-4.2/spec/spec_helper.rb +0 -27
  88. data/spec/shared/app_root/app/controllers/application_controller.rb +0 -2
  89. data/spec/shared/app_root/app/helpers/application_helper.rb +0 -3
  90. data/spec/shared/app_root/app/models/.gitkeep +0 -0
  91. data/spec/shared/app_root/config/database.yml +0 -4
  92. data/spec/shared/app_root/db/migrate/.gitkeep +0 -0
@@ -1,10 +0,0 @@
1
- require 'rake'
2
- require 'rspec/core/rake_task'
3
-
4
- desc 'Default: Run all specs for a specific rails version.'
5
- task :default => :spec
6
-
7
- desc "Run all specs for a specific rails version"
8
- RSpec::Core::RakeTask.new(:spec) do |t|
9
- t.pattern = defined?(SPEC) ? SPEC : ['**/*_spec.rb', '../shared/**/*_spec.rb']
10
- end
@@ -1,4 +0,0 @@
1
- .bundle
2
- db/*.sqlite3
3
- log/*.log
4
- tmp/**/*
@@ -1,32 +0,0 @@
1
- require File.expand_path('../boot', __FILE__)
2
-
3
- require 'rails/all'
4
-
5
- # If you have a Gemfile, require the gems listed there, including any gems
6
- # you've limited to :test, :development, or :production.
7
- Bundler.require(:default, Rails.env) if defined?(Bundler)
8
-
9
-
10
- module SpecApp
11
- class Application < Rails::Application
12
- config.encoding = "utf-8"
13
-
14
- config.cache_classes = true
15
- config.whiny_nils = true
16
-
17
- config.consider_all_requests_local = true
18
- config.action_controller.perform_caching = false
19
-
20
- config.action_dispatch.show_exceptions = false
21
-
22
- config.action_controller.allow_forgery_protection = false
23
-
24
- config.action_mailer.delivery_method = :test
25
-
26
- config.active_support.deprecation = :stderr
27
-
28
- config.root = File.expand_path('../..', __FILE__)
29
-
30
- # railties.plugins << Rails::Plugin.new(File.expand_path('../../../../..', __FILE__))
31
- end
32
- end
@@ -1,13 +0,0 @@
1
- require 'rubygems'
2
-
3
- # Set up gems listed in the Gemfile.
4
- gemfile = File.expand_path('../../Gemfile', __FILE__)
5
- begin
6
- ENV['BUNDLE_GEMFILE'] = gemfile
7
- require 'bundler'
8
- Bundler.setup
9
- rescue Bundler::GemNotFound => e
10
- STDERR.puts e.message
11
- STDERR.puts "Try running `bundle install`."
12
- exit!
13
- end if File.exist?(gemfile)
@@ -1,4 +0,0 @@
1
- test:
2
- adapter: sqlite3
3
- database: ":memory:"
4
- verbosity: quiet
@@ -1,5 +0,0 @@
1
- # Load the rails application
2
- require File.expand_path('../application', __FILE__)
3
-
4
- # Initialize the rails application
5
- SpecApp::Application.initialize!
@@ -1,35 +0,0 @@
1
- SpecApp::Application.configure do
2
- # Settings specified here will take precedence over those in config/application.rb
3
-
4
- # The test environment is used exclusively to run your application's
5
- # test suite. You never need to work with it otherwise. Remember that
6
- # your test database is "scratch space" for the test suite and is wiped
7
- # and recreated between test runs. Don't rely on the data there!
8
- config.cache_classes = true
9
-
10
- # Log error messages when you accidentally call methods on nil.
11
- config.whiny_nils = true
12
-
13
- # Show full error reports and disable caching
14
- config.consider_all_requests_local = true
15
- config.action_controller.perform_caching = false
16
-
17
- # Raise exceptions instead of rendering exception templates
18
- config.action_dispatch.show_exceptions = false
19
-
20
- # Disable request forgery protection in test environment
21
- config.action_controller.allow_forgery_protection = false
22
-
23
- # Tell Action Mailer not to deliver emails to the real world.
24
- # The :test delivery method accumulates sent emails in the
25
- # ActionMailer::Base.deliveries array.
26
- config.action_mailer.delivery_method = :test
27
-
28
- # Use SQL instead of Active Record's schema dumper when creating the test database.
29
- # This is necessary if your schema can't be completely dumped by the schema dumper,
30
- # like if you have constraints or database-specific column types
31
- # config.active_record.schema_format = :sql
32
-
33
- # Print deprecation notices to the stderr
34
- config.active_support.deprecation = :stderr
35
- end
@@ -1,7 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
-
3
- # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
4
- # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
5
-
6
- # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
7
- # Rails.backtrace_cleaner.remove_silencers!
@@ -1,10 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
-
3
- # Add new inflection rules using the following format
4
- # (all these examples are active by default):
5
- # ActiveSupport::Inflector.inflections do |inflect|
6
- # inflect.plural /^(ox)$/i, '\1en'
7
- # inflect.singular /^(ox)en/i, '\1'
8
- # inflect.irregular 'person', 'people'
9
- # inflect.uncountable %w( fish sheep )
10
- # end
@@ -1,5 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
-
3
- # Add new mime types for use in respond_to blocks:
4
- # Mime::Type.register "text/richtext", :rtf
5
- # Mime::Type.register_alias "text/html", :iphone
@@ -1,7 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
-
3
- # Your secret key for verifying the integrity of signed cookies.
4
- # If you change this key, all old signed cookies will become invalid!
5
- # Make sure the secret is at least 30 characters and all random,
6
- # no regular words or you'll be exposed to dictionary attacks.
7
- SpecApp::Application.config.secret_token = 'cb014a08a45243e7143f31e04774c342c1fba329fd594ae1a480d8283b1a851f425dc08044311fb4be6d000b6e6681de7c76d19148419a5ffa0a9f84556d3b33'
@@ -1,8 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
-
3
- SpecApp::Application.config.session_store :cookie_store, :key => '_app_root_session'
4
-
5
- # Use the database for sessions instead of the cookie-based default,
6
- # which shouldn't be used to store highly confidential information
7
- # (create the session table with "rails generate session_migration")
8
- # SpecApp::Application.config.session_store :active_record_store
@@ -1,58 +0,0 @@
1
- SpecApp::Application.routes.draw do
2
- # The priority is based upon order of creation:
3
- # first created -> highest priority.
4
-
5
- # Sample of regular route:
6
- # match 'products/:id' => 'catalog#view'
7
- # Keep in mind you can assign values other than :controller and :action
8
-
9
- # Sample of named route:
10
- # match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
11
- # This route can be invoked with purchase_url(:id => product.id)
12
-
13
- # Sample resource route (maps HTTP verbs to controller actions automatically):
14
- # resources :products
15
-
16
- # Sample resource route with options:
17
- # resources :products do
18
- # member do
19
- # get 'short'
20
- # post 'toggle'
21
- # end
22
- #
23
- # collection do
24
- # get 'sold'
25
- # end
26
- # end
27
-
28
- # Sample resource route with sub-resources:
29
- # resources :products do
30
- # resources :comments, :sales
31
- # resource :seller
32
- # end
33
-
34
- # Sample resource route with more complex sub-resources
35
- # resources :products do
36
- # resources :comments
37
- # resources :sales do
38
- # get 'recent', :on => :collection
39
- # end
40
- # end
41
-
42
- # Sample resource route within a namespace:
43
- # namespace :admin do
44
- # # Directs /admin/products/* to Admin::ProductsController
45
- # # (app/controllers/admin/products_controller.rb)
46
- # resources :products
47
- # end
48
-
49
- # You can have the root of your site routed with "root"
50
- # just remember to delete public/index.html.
51
- # root :to => "welcome#index"
52
-
53
- # See how all your routes lay out with "rake routes"
54
-
55
- # This is a legacy wild controller route that's not recommended for RESTful applications.
56
- # Note: This route will make all actions in every controller accessible via GET requests.
57
- match ':controller(/:action(/:id(.:format)))'
58
- end
File without changes
@@ -1,6 +0,0 @@
1
- #!/usr/bin/env ruby1.8
2
- # This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
3
-
4
- APP_PATH = File.expand_path('../../config/application', __FILE__)
5
- require File.expand_path('../../config/boot', __FILE__)
6
- require 'rails/commands'
@@ -1,2 +0,0 @@
1
- --exclude "spec/*,gems/*"
2
- --rails
@@ -1,20 +0,0 @@
1
- $: << File.join(File.dirname(__FILE__), "/../../lib" )
2
-
3
- ENV['RAILS_ENV'] = 'test'
4
- ENV['RAILS_ROOT'] = 'app_root'
5
-
6
- # Load the Rails environment and testing framework
7
- require "#{File.dirname(__FILE__)}/../app_root/config/environment"
8
- require 'rspec/rails'
9
- Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
10
- require 'rspec_candy/all'
11
-
12
- # Run the migrations
13
- print "\033[30m" # dark gray text
14
- ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate")
15
- print "\033[0m"
16
-
17
- RSpec.configure do |config|
18
- config.use_transactional_fixtures = true
19
- config.use_instantiated_fixtures = false
20
- end
@@ -1,2 +0,0 @@
1
- --colour
2
- --format progress
@@ -1,10 +0,0 @@
1
- source 'http://rubygems.org'
2
-
3
- gem 'sqlite3'
4
- gem 'rails', '~>4.2'
5
- gem 'rspec'
6
- gem 'rspec-rails'
7
- gem 'rspec_candy'
8
- gem 'haml'
9
- gem 'haml-rails'
10
- gem 'angular_xss', :path => '../..'
@@ -1,157 +0,0 @@
1
- PATH
2
- remote: ../..
3
- specs:
4
- angular_xss (0.3.0)
5
- activesupport
6
- haml (>= 3.1.5)
7
-
8
- GEM
9
- remote: http://rubygems.org/
10
- specs:
11
- actionmailer (4.2.1)
12
- actionpack (= 4.2.1)
13
- actionview (= 4.2.1)
14
- activejob (= 4.2.1)
15
- mail (~> 2.5, >= 2.5.4)
16
- rails-dom-testing (~> 1.0, >= 1.0.5)
17
- actionpack (4.2.1)
18
- actionview (= 4.2.1)
19
- activesupport (= 4.2.1)
20
- rack (~> 1.6)
21
- rack-test (~> 0.6.2)
22
- rails-dom-testing (~> 1.0, >= 1.0.5)
23
- rails-html-sanitizer (~> 1.0, >= 1.0.1)
24
- actionview (4.2.1)
25
- activesupport (= 4.2.1)
26
- builder (~> 3.1)
27
- erubis (~> 2.7.0)
28
- rails-dom-testing (~> 1.0, >= 1.0.5)
29
- rails-html-sanitizer (~> 1.0, >= 1.0.1)
30
- activejob (4.2.1)
31
- activesupport (= 4.2.1)
32
- globalid (>= 0.3.0)
33
- activemodel (4.2.1)
34
- activesupport (= 4.2.1)
35
- builder (~> 3.1)
36
- activerecord (4.2.1)
37
- activemodel (= 4.2.1)
38
- activesupport (= 4.2.1)
39
- arel (~> 6.0)
40
- activesupport (4.2.1)
41
- i18n (~> 0.7)
42
- json (~> 1.7, >= 1.7.7)
43
- minitest (~> 5.1)
44
- thread_safe (~> 0.3, >= 0.3.4)
45
- tzinfo (~> 1.1)
46
- arel (6.0.0)
47
- builder (3.2.2)
48
- diff-lcs (1.2.5)
49
- erubis (2.7.0)
50
- globalid (0.3.5)
51
- activesupport (>= 4.1.0)
52
- haml (4.0.6)
53
- tilt
54
- haml-rails (0.9.0)
55
- actionpack (>= 4.0.1)
56
- activesupport (>= 4.0.1)
57
- haml (>= 4.0.6, < 5.0)
58
- html2haml (>= 1.0.1)
59
- railties (>= 4.0.1)
60
- html2haml (2.0.0)
61
- erubis (~> 2.7.0)
62
- haml (~> 4.0.0)
63
- nokogiri (~> 1.6.0)
64
- ruby_parser (~> 3.5)
65
- i18n (0.7.0)
66
- json (1.8.2)
67
- loofah (2.0.1)
68
- nokogiri (>= 1.5.9)
69
- mail (2.6.3)
70
- mime-types (>= 1.16, < 3)
71
- mime-types (2.4.3)
72
- mini_portile (0.6.2)
73
- minitest (5.6.0)
74
- nokogiri (1.6.6.2)
75
- mini_portile (~> 0.6.0)
76
- rack (1.6.0)
77
- rack-test (0.6.3)
78
- rack (>= 1.0)
79
- rails (4.2.1)
80
- actionmailer (= 4.2.1)
81
- actionpack (= 4.2.1)
82
- actionview (= 4.2.1)
83
- activejob (= 4.2.1)
84
- activemodel (= 4.2.1)
85
- activerecord (= 4.2.1)
86
- activesupport (= 4.2.1)
87
- bundler (>= 1.3.0, < 2.0)
88
- railties (= 4.2.1)
89
- sprockets-rails
90
- rails-deprecated_sanitizer (1.0.3)
91
- activesupport (>= 4.2.0.alpha)
92
- rails-dom-testing (1.0.6)
93
- activesupport (>= 4.2.0.beta, < 5.0)
94
- nokogiri (~> 1.6.0)
95
- rails-deprecated_sanitizer (>= 1.0.1)
96
- rails-html-sanitizer (1.0.2)
97
- loofah (~> 2.0)
98
- railties (4.2.1)
99
- actionpack (= 4.2.1)
100
- activesupport (= 4.2.1)
101
- rake (>= 0.8.7)
102
- thor (>= 0.18.1, < 2.0)
103
- rake (10.4.2)
104
- rspec (3.2.0)
105
- rspec-core (~> 3.2.0)
106
- rspec-expectations (~> 3.2.0)
107
- rspec-mocks (~> 3.2.0)
108
- rspec-core (3.2.3)
109
- rspec-support (~> 3.2.0)
110
- rspec-expectations (3.2.1)
111
- diff-lcs (>= 1.2.0, < 2.0)
112
- rspec-support (~> 3.2.0)
113
- rspec-mocks (3.2.1)
114
- diff-lcs (>= 1.2.0, < 2.0)
115
- rspec-support (~> 3.2.0)
116
- rspec-rails (3.2.1)
117
- actionpack (>= 3.0, < 4.3)
118
- activesupport (>= 3.0, < 4.3)
119
- railties (>= 3.0, < 4.3)
120
- rspec-core (~> 3.2.0)
121
- rspec-expectations (~> 3.2.0)
122
- rspec-mocks (~> 3.2.0)
123
- rspec-support (~> 3.2.0)
124
- rspec-support (3.2.2)
125
- rspec_candy (0.4.0)
126
- rspec
127
- sneaky-save
128
- ruby_parser (3.6.6)
129
- sexp_processor (~> 4.1)
130
- sexp_processor (4.5.0)
131
- sneaky-save (0.1.0)
132
- activerecord (>= 3.2.0)
133
- sprockets (3.0.1)
134
- rack (~> 1.0)
135
- sprockets-rails (2.2.4)
136
- actionpack (>= 3.0)
137
- activesupport (>= 3.0)
138
- sprockets (>= 2.8, < 4.0)
139
- sqlite3 (1.3.10)
140
- thor (0.19.1)
141
- thread_safe (0.3.5)
142
- tilt (2.0.1)
143
- tzinfo (1.2.2)
144
- thread_safe (~> 0.1)
145
-
146
- PLATFORMS
147
- ruby
148
-
149
- DEPENDENCIES
150
- angular_xss!
151
- haml
152
- haml-rails
153
- rails (~> 4.2)
154
- rspec
155
- rspec-rails
156
- rspec_candy
157
- sqlite3
@@ -1,10 +0,0 @@
1
- require 'rake'
2
- require 'rspec/core/rake_task'
3
-
4
- desc 'Default: Run all specs for a specific rails version.'
5
- task :default => :spec
6
-
7
- desc "Run all specs for a specific rails version"
8
- RSpec::Core::RakeTask.new(:spec) do |t|
9
- t.pattern = defined?(SPEC) ? SPEC : ['**/*_spec.rb', '../shared/**/*_spec.rb']
10
- end
@@ -1,4 +0,0 @@
1
- .bundle
2
- db/*.sqlite3
3
- log/*.log
4
- tmp/**/*