berns 3.1.6 → 3.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 35456041201304fa20aa55c6c0ee8b056fed532cca353b7a7c8229347e9e85e9
-  data.tar.gz: b8f585c668d24887a5f483654ad4a377a4e5b9274f790a1889b8f3afe0b827cb
+  metadata.gz: 8befdd27a627569fd4d81d583c107e97af40e9b8f29423c4178fffa1decb92e9
+  data.tar.gz: e268d19c3fafd596d310fefddcda6e9ca2393f06f668d52c3d92a7d748e41c77
 SHA512:
-  metadata.gz: 941492438079fc0fa16d906f5164eb1389fd79836dfff72ecae0fdff5983625980269312bf267128ef9118ee17cf53f5e3543b62498b471480f0d7cdb4d4810d
-  data.tar.gz: c9296d7ed90bb530ccc47c7b1f6dcee704e7212c4d824d7d536e87e941256bd413db77379a146c93afa3bcafab18965e327c3f1331c16d6a46374afc3e46a7b2
+  metadata.gz: d14dbff87be26716aa466fab088ac036e25e27e72fd2893c4fb67f02422560c88d8bd2d15c08b176c6c9b4fa706ed3a4098edcfe54af273a43eef5cacd295142
+  data.tar.gz: 34c7b95ee33095ea4e8712e280ad90cfe7d79d983996c72c0c245bb63ee9c10c28150a8bfbc3da0f56236ec5ac7df35f61a11f1f4a5e5f0255c167896e4bae5c

data/LICENSE.txt

@@ -1,21 +1,20 @@
 The MIT License (MIT)
 
-Copyright (c) 2018 Taylor Beck
+Copyright © 2021 Taylor Beck and Evan Lecklider
 
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the “Software”), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
 
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
+THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.org

@@ -91,6 +91,10 @@ The =sanitize= method strips HTML tags from strings.
 Berns.sanitize('This <span>should be clean</span>') # => 'This should be clean'
 #+end_src
 
+Note that this is an extremely naive implementation of HTML sanitization that
+literally just looks for "<" and ">" characters and removes the contents between
+them. This should probably only be used on trusted strings.
+
 *** Standard and void elements
 
 All standard and void HTML elements are defined as methods on Berns, so you can
@@ -114,3 +118,8 @@ Berns.
 #+begin_example
 area base br col embed hr img input link menuitem meta param source track wbr
 #+end_example
+
+** Trivia
+
+The name "Berns" is taken from the name of [[https://en.wikipedia.org/wiki/HTML#Development][the inventor of HTML]], [[https://en.wikipedia.org/wiki/Tim_Berners-Lee][Sir Tim
+Berners-Lee]].

data/ext/berns/berns.c

@@ -49,9 +49,8 @@ static const size_t sllen = 1;
   static VALUE external_##element_name##_element(int argc, VALUE *argv, RB_UNUSED_VAR(VALUE self)) { \
     rb_check_arity(argc, 0, 1); \
     \
-    VALUE attrs = argv[0]; \
     const char *tag = #element_name; \
-    char *string = void_element(tag, strlen(tag), attrs); \
+    char *string = void_element(tag, strlen(tag), argv[0]); \
     VALUE rstring = rb_utf8_str_new_cstr(string); \
     free(string); \
     \
@@ -65,10 +64,9 @@ static const size_t sllen = 1;
   static VALUE external_##element_name##_element(int argc, VALUE *argv, RB_UNUSED_VAR(VALUE self)) { \
     rb_check_arity(argc, 0, 1); \
     \
-    CONTENT_FROM_BLOCK; \
-    VALUE attrs = argv[0]; \
+    CONTENT_FROM_BLOCK \
     const char *tag = #element_name; \
-    char *string = element(tag, strlen(tag), RSTRING_PTR(content), RSTRING_LEN(content), attrs); \
+    char *string = element(tag, strlen(tag), RSTRING_PTR(content), RSTRING_LEN(content), argv[0]); \
     VALUE rstring = rb_utf8_str_new_cstr(string); \
     free(string); \
     \
@@ -95,13 +93,65 @@ static char * stecpy(char *destination, const char *source, const char *end) {
   return destination;
 }
 
+/*
+ * The external API for Berns.sanitize
+ *
+ *   string should be a string or nil, anything else will raise an error.
+ *
+ */
+static VALUE external_sanitize(RB_UNUSED_VAR(VALUE self), VALUE string) {
+  if (TYPE(string) == T_NIL) {
+    return Qnil;
+  }
+
+  StringValue(string);
+
+  size_t slen = RSTRING_LEN(string);
+  char *str = RSTRING_PTR(string);
+
+  char dest[slen + 1];
+
+  unsigned int index = 0;
+  unsigned int open = 0;
+  unsigned int modified = 0;
+  unsigned int entity = 0;
+
+  for (unsigned int i = 0; i < slen; i++) {
+    if (str[i] == '<') {
+      open = 1;
+      modified = 1;
+    } else if (str[i] == '>') {
+      open = 0;
+    } else if (str[i] == '&') {
+      entity = 1;
+      modified = 1;
+    } else if (str[i] == ';') {
+      entity = 0;
+    } else if (!open && !entity) {
+      dest[index++] = str[i];
+    }
+  }
+
+  dest[index] = '\0';
+
+  /*
+   * If the string was never modified, return the original string, otherwise
+   * create a new string from our destination buffer.
+   */
+  if (modified) {
+    return rb_utf8_str_new_cstr(dest);
+  } else {
+    return string;
+  }
+}
+
 /*
  * The external API for Berns.escape_html.
  *
  *   string should be a string, anything else will raise an error.
  *
  */
-static VALUE external_escape_html(const VALUE self, VALUE string) {
+static VALUE external_escape_html(RB_UNUSED_VAR(VALUE self), VALUE string) {
   StringValue(string);
 
   uint8_t *dest = NULL;
@@ -528,7 +578,7 @@ static VALUE external_element(int argc, VALUE *arguments, RB_UNUSED_VAR(VALUE se
 
   StringValue(tag);
 
-  CONTENT_FROM_BLOCK;
+  CONTENT_FROM_BLOCK
 
   char *string = element(RSTRING_PTR(tag), RSTRING_LEN(tag), RSTRING_PTR(content), RSTRING_LEN(content), attributes);
   VALUE rstring = rb_utf8_str_new_cstr(string);
@@ -653,6 +703,7 @@ void Init_berns() {
 
   rb_define_singleton_method(Berns, "element", external_element, -1);
   rb_define_singleton_method(Berns, "escape_html", external_escape_html, 1);
+  rb_define_singleton_method(Berns, "sanitize", external_sanitize, 1);
   rb_define_singleton_method(Berns, "to_attribute", external_to_attribute, 2);
   rb_define_singleton_method(Berns, "to_attributes", external_to_attributes, 1);
   rb_define_singleton_method(Berns, "void", external_void_element, -1);

data/ext/berns/extconf.rb

@@ -9,6 +9,5 @@ append_cflags '-Wstrict-overflow'
 append_cflags '-flto'
 append_cflags '-fno-strict-aliasing'
 append_cflags '-msse4'
-append_cflags '-std=c99'
 
 create_makefile 'berns/berns'

data/lib/berns/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module Berns
-  VERSION = '3.1.6'
+  VERSION = '3.3.1'
 end

data/lib/berns.rb

@@ -1,25 +1,3 @@
 # frozen_string_literal: true
 require 'berns/berns'
 require 'berns/version'
-
-module Berns # :nodoc:
-  class Error < StandardError; end
-
-  EMPTY = ''
-
-  # Regular expression for basic HTML tag sanitizing.
-  SANITIZE_REGEX = /<[^>]+>/.freeze
-
-  # Sanitize text input by stripping HTML tags.
-  #
-  # @example Sanitize some text, removing HTML elements.
-  #   sanitize('This <span>should be clean</span>') # => "This should be clean"
-  #
-  # @param text [String]
-  #   The string to sanitize.
-  # @return [nil, String]
-  #   nil unless a string was passed in, otherwise the sanitized string.
-  def self.sanitize(string)
-    string&.gsub(SANITIZE_REGEX, EMPTY)
-  end
-end

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: berns
 version: !ruby/object:Gem::Version
-  version: 3.1.6
+  version: 3.3.1
 platform: ruby
 authors:
 - Taylor Beck
 - Evan Lecklider
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-19 00:00:00.000000000 Z
+date: 2021-12-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: benchmark-ips
@@ -167,15 +167,16 @@ files:
 - ext/berns/hescape.c
 - ext/berns/hescape.h
 - lib/berns.rb
-- lib/berns/berns.so
+- lib/berns/berns.bundle
 - lib/berns/version.rb
 homepage: https://github.com/evanleck/berns
 licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/evanleck/berns/issues
+  rubygems_mfa_required: 'true'
   source_code_uri: https://github.com/evanleck/berns
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -188,10 +189,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.0'
 requirements: []
-rubygems_version: 3.2.15
-signing_key: 
+rubygems_version: 3.3.3
+signing_key:
 specification_version: 4
 summary: A utility library for generating HTML strings.
 test_files: []