antisamy 0.2.1 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.rdoc +13 -0
- data/LICENSE.txt +20 -20
- data/README.rdoc +41 -41
- data/lib/antisamy.rb +46 -46
- data/lib/antisamy/css/css_filter.rb +187 -187
- data/lib/antisamy/css/css_scanner.rb +84 -84
- data/lib/antisamy/css/css_validator.rb +128 -128
- data/lib/antisamy/csspool/rsac.rb +1 -1
- data/lib/antisamy/csspool/rsac/sac.rb +14 -14
- data/lib/antisamy/csspool/rsac/sac/conditions.rb +5 -5
- data/lib/antisamy/csspool/rsac/sac/conditions/attribute_condition.rb +50 -50
- data/lib/antisamy/csspool/rsac/sac/conditions/begin_hyphen_condition.rb +18 -18
- data/lib/antisamy/csspool/rsac/sac/conditions/class_condition.rb +18 -18
- data/lib/antisamy/csspool/rsac/sac/conditions/combinator_condition.rb +36 -36
- data/lib/antisamy/csspool/rsac/sac/conditions/condition.rb +29 -29
- data/lib/antisamy/csspool/rsac/sac/conditions/id_condition.rb +23 -23
- data/lib/antisamy/csspool/rsac/sac/conditions/one_of_condition.rb +18 -18
- data/lib/antisamy/csspool/rsac/sac/conditions/pseudo_class_condition.rb +20 -20
- data/lib/antisamy/csspool/rsac/sac/document_handler.rb +66 -66
- data/lib/antisamy/csspool/rsac/sac/error_handler.rb +13 -13
- data/lib/antisamy/csspool/rsac/sac/generated_parser.rb +1012 -1012
- data/lib/antisamy/csspool/rsac/sac/generated_property_parser.rb +9284 -9284
- data/lib/antisamy/csspool/rsac/sac/lexeme.rb +27 -27
- data/lib/antisamy/csspool/rsac/sac/lexical_unit.rb +201 -201
- data/lib/antisamy/csspool/rsac/sac/parse_exception.rb +4 -4
- data/lib/antisamy/csspool/rsac/sac/parser.rb +109 -109
- data/lib/antisamy/csspool/rsac/sac/property_parser.rb +44 -44
- data/lib/antisamy/csspool/rsac/sac/selectors.rb +5 -5
- data/lib/antisamy/csspool/rsac/sac/selectors/child_selector.rb +36 -36
- data/lib/antisamy/csspool/rsac/sac/selectors/conditional_selector.rb +45 -45
- data/lib/antisamy/csspool/rsac/sac/selectors/descendant_selector.rb +36 -36
- data/lib/antisamy/csspool/rsac/sac/selectors/element_selector.rb +35 -35
- data/lib/antisamy/csspool/rsac/sac/selectors/selector.rb +25 -25
- data/lib/antisamy/csspool/rsac/sac/selectors/sibling_selector.rb +35 -35
- data/lib/antisamy/csspool/rsac/sac/selectors/simple_selector.rb +21 -21
- data/lib/antisamy/csspool/rsac/sac/token.rb +25 -25
- data/lib/antisamy/csspool/rsac/sac/tokenizer.rb +185 -185
- data/lib/antisamy/csspool/rsac/stylesheet.rb +3 -3
- data/lib/antisamy/csspool/rsac/stylesheet/rule.rb +20 -20
- data/lib/antisamy/csspool/rsac/stylesheet/stylesheet.rb +76 -76
- data/lib/antisamy/html/handler.rb +112 -99
- data/lib/antisamy/html/sax_filter.rb +305 -302
- data/lib/antisamy/html/scanner.rb +47 -43
- data/lib/antisamy/model/attribute.rb +19 -19
- data/lib/antisamy/model/css_property.rb +39 -39
- data/lib/antisamy/model/tag.rb +31 -31
- data/lib/antisamy/policy.rb +577 -545
- data/lib/antisamy/scan_results.rb +89 -89
- data/spec/antisamy_spec.rb +208 -142
- data/spec/spec_helper.rb +12 -12
- metadata +79 -81
data/spec/spec_helper.rb
CHANGED
@@ -1,12 +1,12 @@
|
|
1
|
-
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
2
|
-
$LOAD_PATH.unshift(File.dirname(__FILE__))
|
3
|
-
require 'rspec'
|
4
|
-
require 'antisamy'
|
5
|
-
|
6
|
-
# Requires supporting files with custom matchers and macros, etc,
|
7
|
-
# in ./support/ and its subdirectories.
|
8
|
-
Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
|
9
|
-
|
10
|
-
RSpec.configure do |config|
|
11
|
-
|
12
|
-
end
|
1
|
+
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
2
|
+
$LOAD_PATH.unshift(File.dirname(__FILE__))
|
3
|
+
require 'rspec'
|
4
|
+
require 'antisamy'
|
5
|
+
|
6
|
+
# Requires supporting files with custom matchers and macros, etc,
|
7
|
+
# in ./support/ and its subdirectories.
|
8
|
+
Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
|
9
|
+
|
10
|
+
RSpec.configure do |config|
|
11
|
+
|
12
|
+
end
|
metadata
CHANGED
@@ -1,116 +1,116 @@
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
2
|
name: antisamy
|
3
|
-
version: !ruby/object:Gem::Version
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.3.0
|
4
5
|
prerelease:
|
5
|
-
version: 0.2.1
|
6
6
|
platform: ruby
|
7
|
-
authors:
|
7
|
+
authors:
|
8
8
|
- Sal Scotto
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
dependencies:
|
16
|
-
- !ruby/object:Gem::Dependency
|
12
|
+
date: 2011-12-21 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
17
15
|
name: rspec
|
18
|
-
requirement: &
|
16
|
+
requirement: &23758128 !ruby/object:Gem::Requirement
|
19
17
|
none: false
|
20
|
-
requirements:
|
21
|
-
- -
|
22
|
-
- !ruby/object:Gem::Version
|
18
|
+
requirements:
|
19
|
+
- - ! '>='
|
20
|
+
- !ruby/object:Gem::Version
|
23
21
|
version: 2.3.0
|
24
22
|
type: :development
|
25
23
|
prerelease: false
|
26
|
-
version_requirements: *
|
27
|
-
- !ruby/object:Gem::Dependency
|
24
|
+
version_requirements: *23758128
|
25
|
+
- !ruby/object:Gem::Dependency
|
28
26
|
name: yard
|
29
|
-
requirement: &
|
27
|
+
requirement: &23757420 !ruby/object:Gem::Requirement
|
30
28
|
none: false
|
31
|
-
requirements:
|
29
|
+
requirements:
|
32
30
|
- - ~>
|
33
|
-
- !ruby/object:Gem::Version
|
31
|
+
- !ruby/object:Gem::Version
|
34
32
|
version: 0.6.0
|
35
33
|
type: :development
|
36
34
|
prerelease: false
|
37
|
-
version_requirements: *
|
38
|
-
- !ruby/object:Gem::Dependency
|
35
|
+
version_requirements: *23757420
|
36
|
+
- !ruby/object:Gem::Dependency
|
39
37
|
name: bundler
|
40
|
-
requirement: &
|
38
|
+
requirement: &23757036 !ruby/object:Gem::Requirement
|
41
39
|
none: false
|
42
|
-
requirements:
|
40
|
+
requirements:
|
43
41
|
- - ~>
|
44
|
-
- !ruby/object:Gem::Version
|
42
|
+
- !ruby/object:Gem::Version
|
45
43
|
version: 1.0.0
|
46
44
|
type: :development
|
47
45
|
prerelease: false
|
48
|
-
version_requirements: *
|
49
|
-
- !ruby/object:Gem::Dependency
|
46
|
+
version_requirements: *23757036
|
47
|
+
- !ruby/object:Gem::Dependency
|
50
48
|
name: jeweler
|
51
|
-
requirement: &
|
49
|
+
requirement: &23756388 !ruby/object:Gem::Requirement
|
52
50
|
none: false
|
53
|
-
requirements:
|
51
|
+
requirements:
|
54
52
|
- - ~>
|
55
|
-
- !ruby/object:Gem::Version
|
53
|
+
- !ruby/object:Gem::Version
|
56
54
|
version: 1.5.2
|
57
55
|
type: :development
|
58
56
|
prerelease: false
|
59
|
-
version_requirements: *
|
60
|
-
- !ruby/object:Gem::Dependency
|
57
|
+
version_requirements: *23756388
|
58
|
+
- !ruby/object:Gem::Dependency
|
61
59
|
name: rcov
|
62
|
-
requirement: &
|
60
|
+
requirement: &23755860 !ruby/object:Gem::Requirement
|
63
61
|
none: false
|
64
|
-
requirements:
|
65
|
-
- -
|
66
|
-
- !ruby/object:Gem::Version
|
67
|
-
version:
|
62
|
+
requirements:
|
63
|
+
- - ! '>='
|
64
|
+
- !ruby/object:Gem::Version
|
65
|
+
version: '0'
|
68
66
|
type: :development
|
69
67
|
prerelease: false
|
70
|
-
version_requirements: *
|
71
|
-
- !ruby/object:Gem::Dependency
|
68
|
+
version_requirements: *23755860
|
69
|
+
- !ruby/object:Gem::Dependency
|
72
70
|
name: nokogiri
|
73
|
-
requirement: &
|
71
|
+
requirement: &23755200 !ruby/object:Gem::Requirement
|
74
72
|
none: false
|
75
|
-
requirements:
|
76
|
-
- -
|
77
|
-
- !ruby/object:Gem::Version
|
78
|
-
version:
|
73
|
+
requirements:
|
74
|
+
- - ! '>='
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: '0'
|
79
77
|
type: :development
|
80
78
|
prerelease: false
|
81
|
-
version_requirements: *
|
82
|
-
- !ruby/object:Gem::Dependency
|
79
|
+
version_requirements: *23755200
|
80
|
+
- !ruby/object:Gem::Dependency
|
83
81
|
name: nokogiri
|
84
|
-
requirement: &
|
82
|
+
requirement: &23754468 !ruby/object:Gem::Requirement
|
85
83
|
none: false
|
86
|
-
requirements:
|
87
|
-
- -
|
88
|
-
- !ruby/object:Gem::Version
|
89
|
-
version:
|
84
|
+
requirements:
|
85
|
+
- - ! '>='
|
86
|
+
- !ruby/object:Gem::Version
|
87
|
+
version: '0'
|
90
88
|
type: :runtime
|
91
89
|
prerelease: false
|
92
|
-
version_requirements: *
|
93
|
-
- !ruby/object:Gem::Dependency
|
90
|
+
version_requirements: *23754468
|
91
|
+
- !ruby/object:Gem::Dependency
|
94
92
|
name: nokogiri
|
95
|
-
requirement: &
|
93
|
+
requirement: &23753832 !ruby/object:Gem::Requirement
|
96
94
|
none: false
|
97
|
-
requirements:
|
98
|
-
- -
|
99
|
-
- !ruby/object:Gem::Version
|
100
|
-
version:
|
95
|
+
requirements:
|
96
|
+
- - ! '>='
|
97
|
+
- !ruby/object:Gem::Version
|
98
|
+
version: '0'
|
101
99
|
type: :development
|
102
100
|
prerelease: false
|
103
|
-
version_requirements: *
|
104
|
-
description: "\n AntiSamy is a library to clean user-supplied HTML/CSS. This
|
101
|
+
version_requirements: *23753832
|
102
|
+
description: ! "\n AntiSamy is a library to clean user-supplied HTML/CSS. This
|
103
|
+
gem is a port of the anti-samy framework created for OWASP (http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project)\n
|
104
|
+
\ AntiSamy works by using a policy to removed any dangerous input you specify
|
105
|
+
from attributes to tags. This gem is built using nokogiri\n "
|
105
106
|
email: sal.scotto@gmail.com
|
106
107
|
executables: []
|
107
|
-
|
108
108
|
extensions: []
|
109
|
-
|
110
|
-
|
109
|
+
extra_rdoc_files:
|
110
|
+
- CHANGELOG.rdoc
|
111
111
|
- LICENSE.txt
|
112
112
|
- README.rdoc
|
113
|
-
files:
|
113
|
+
files:
|
114
114
|
- lib/antisamy.rb
|
115
115
|
- lib/antisamy/css/css_filter.rb
|
116
116
|
- lib/antisamy/css/css_scanner.rb
|
@@ -156,41 +156,39 @@ files:
|
|
156
156
|
- lib/antisamy/model/tag.rb
|
157
157
|
- lib/antisamy/policy.rb
|
158
158
|
- lib/antisamy/scan_results.rb
|
159
|
+
- CHANGELOG.rdoc
|
159
160
|
- LICENSE.txt
|
160
161
|
- README.rdoc
|
161
162
|
- spec/antisamy_spec.rb
|
162
163
|
- spec/spec_helper.rb
|
163
|
-
has_rdoc: true
|
164
164
|
homepage: http://github.com/washu/antisamy-ruby
|
165
|
-
licenses:
|
165
|
+
licenses:
|
166
166
|
- MIT
|
167
167
|
post_install_message:
|
168
168
|
rdoc_options: []
|
169
|
-
|
170
|
-
require_paths:
|
169
|
+
require_paths:
|
171
170
|
- lib
|
172
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
171
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
173
172
|
none: false
|
174
|
-
requirements:
|
175
|
-
- -
|
176
|
-
- !ruby/object:Gem::Version
|
177
|
-
|
178
|
-
segments:
|
173
|
+
requirements:
|
174
|
+
- - ! '>='
|
175
|
+
- !ruby/object:Gem::Version
|
176
|
+
version: '0'
|
177
|
+
segments:
|
179
178
|
- 0
|
180
|
-
|
181
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
179
|
+
hash: -447607437
|
180
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
182
181
|
none: false
|
183
|
-
requirements:
|
184
|
-
- -
|
185
|
-
- !ruby/object:Gem::Version
|
186
|
-
version:
|
182
|
+
requirements:
|
183
|
+
- - ! '>='
|
184
|
+
- !ruby/object:Gem::Version
|
185
|
+
version: '0'
|
187
186
|
requirements: []
|
188
|
-
|
189
187
|
rubyforge_project:
|
190
|
-
rubygems_version: 1.
|
188
|
+
rubygems_version: 1.8.12
|
191
189
|
signing_key:
|
192
190
|
specification_version: 3
|
193
191
|
summary: AntiSamy implmentation for Ruby.
|
194
|
-
test_files:
|
192
|
+
test_files:
|
195
193
|
- spec/antisamy_spec.rb
|
196
194
|
- spec/spec_helper.rb
|