RubyGems - better_html - Versions diffs - 1.0.1 → 1.0.2 - Mend

better_html 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

checksums.yaml +4 -4
data/lib/better_html/ast/iterator.rb +3 -3
data/lib/better_html/ast/node.rb +6 -2
data/lib/better_html/errors.rb +2 -11
data/lib/better_html/test_helper/ruby_node.rb +103 -0
data/lib/better_html/test_helper/safe_erb/allowed_script_type.rb +29 -0
data/lib/better_html/test_helper/safe_erb/base.rb +56 -0
data/lib/better_html/test_helper/safe_erb/no_javascript_tag_helper.rb +34 -0
data/lib/better_html/test_helper/safe_erb/no_statements.rb +40 -0
data/lib/better_html/test_helper/safe_erb/script_interpolation.rb +65 -0
data/lib/better_html/test_helper/safe_erb/tag_interpolation.rb +163 -0
data/lib/better_html/test_helper/safe_erb_tester.rb +32 -285
data/lib/better_html/tokenizer/location.rb +1 -1
data/lib/better_html/version.rb +1 -1
data/test/better_html/errors_test.rb +13 -0
data/test/better_html/test_helper/ruby_node_test.rb +288 -0
data/test/better_html/test_helper/safe_erb/allowed_script_type_test.rb +45 -0
data/test/better_html/test_helper/safe_erb/no_javascript_tag_helper_test.rb +37 -0
data/test/better_html/test_helper/safe_erb/no_statements_test.rb +128 -0
data/test/better_html/test_helper/safe_erb/script_interpolation_test.rb +149 -0
data/test/better_html/test_helper/safe_erb/tag_interpolation_test.rb +295 -0
data/test/test_helper.rb +1 -0
metadata +23 -7
data/lib/better_html/test_helper/ruby_expr.rb +0 -117
data/test/better_html/test_helper/ruby_expr_test.rb +0 -283
data/test/better_html/test_helper/safe_erb_tester_test.rb +0 -450

data/test/test_helper.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 require "active_support"
 require "minitest/autorun"
 require 'better_html'
+require 'better_html/parser'
 # Filter out Minitest backtrace while allowing backtrace from other libraries
 # to be shown.

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: better_html
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.2
 platform: ruby
 authors:
 - Francois Chagnon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-01-10 00:00:00.000000000 Z
+date: 2018-01-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ast
@@ -146,7 +146,13 @@ files:
 - lib/better_html/html_attributes.rb
 - lib/better_html/parser.rb
 - lib/better_html/railtie.rb
-- lib/better_html/test_helper/ruby_expr.rb
+- lib/better_html/test_helper/ruby_node.rb
+- lib/better_html/test_helper/safe_erb/allowed_script_type.rb
+- lib/better_html/test_helper/safe_erb/base.rb
+- lib/better_html/test_helper/safe_erb/no_javascript_tag_helper.rb
+- lib/better_html/test_helper/safe_erb/no_statements.rb
+- lib/better_html/test_helper/safe_erb/script_interpolation.rb
+- lib/better_html/test_helper/safe_erb/tag_interpolation.rb
 - lib/better_html/test_helper/safe_erb_tester.rb
 - lib/better_html/test_helper/safe_lodash_tester.rb
 - lib/better_html/test_helper/safety_error.rb
@@ -163,10 +169,15 @@ files:
 - lib/better_html/version.rb
 - lib/tasks/better_html_tasks.rake
 - test/better_html/better_erb/implementation_test.rb
+- test/better_html/errors_test.rb
 - test/better_html/helpers_test.rb
 - test/better_html/parser_test.rb
-- test/better_html/test_helper/ruby_expr_test.rb
-- test/better_html/test_helper/safe_erb_tester_test.rb
+- test/better_html/test_helper/ruby_node_test.rb
+- test/better_html/test_helper/safe_erb/allowed_script_type_test.rb
+- test/better_html/test_helper/safe_erb/no_javascript_tag_helper_test.rb
+- test/better_html/test_helper/safe_erb/no_statements_test.rb
+- test/better_html/test_helper/safe_erb/script_interpolation_test.rb
+- test/better_html/test_helper/safe_erb/tag_interpolation_test.rb
 - test/better_html/test_helper/safe_lodash_tester_test.rb
 - test/better_html/tokenizer/html_erb_test.rb
 - test/better_html/tokenizer/html_lodash_test.rb
@@ -269,11 +280,16 @@ test_files:
 - test/dummy/Rakefile
 - test/test_helper.rb
 - test/better_html/helpers_test.rb
+- test/better_html/errors_test.rb
 - test/better_html/parser_test.rb
 - test/better_html/better_erb/implementation_test.rb
-- test/better_html/test_helper/safe_erb_tester_test.rb
+- test/better_html/test_helper/safe_erb/script_interpolation_test.rb
+- test/better_html/test_helper/safe_erb/no_javascript_tag_helper_test.rb
+- test/better_html/test_helper/safe_erb/tag_interpolation_test.rb
+- test/better_html/test_helper/safe_erb/no_statements_test.rb
+- test/better_html/test_helper/safe_erb/allowed_script_type_test.rb
+- test/better_html/test_helper/ruby_node_test.rb
 - test/better_html/test_helper/safe_lodash_tester_test.rb
-- test/better_html/test_helper/ruby_expr_test.rb
 - test/better_html/tokenizer/location_test.rb
 - test/better_html/tokenizer/html_lodash_test.rb
 - test/better_html/tokenizer/html_erb_test.rb

data/lib/better_html/test_helper/ruby_expr.rb DELETED Viewed

@@ -1,117 +0,0 @@
-require 'parser/current'
-module BetterHtml
-  module TestHelper
-    class RubyExpr
-      BLOCK_EXPR = /\s*((\s+|\))do|\{)(\s*\|[^|]*\|)?\s*\Z/
-      class ParseError < RuntimeError; end
-      class MethodCall
-        attr_accessor :instance, :method, :arguments
-        def initialize(instance, method, arguments)
-          @instance = instance
-          @method = method
-          @arguments = arguments
-        end
-        def self.from_ast_node(node)
-          new(node.children[0], node.children[1], node.children[2..-1])
-        end
-      end
-      def initialize(ast)
-        raise ArgumentError, "expect first argument to be Parser::AST::Node" unless ast.is_a?(::Parser::AST::Node)
-        @ast = ast
-      end
-      def self.parse(code)
-        parser = ::Parser::CurrentRuby.new
-        parser.diagnostics.ignore_warnings = true
-        parser.diagnostics.all_errors_are_fatal = false
-        parser.diagnostics.consumer = nil
-        buf = ::Parser::Source::Buffer.new('(string)')
-        buf.source = code.sub(BLOCK_EXPR, '')
-        parsed = parser.parse(buf)
-        raise ParseError, "error parsing code: #{code.inspect}" unless parsed
-        new(parsed)
-      end
-      def start
-        @ast.loc.expression.begin_pos
-      end
-      def end
-        @ast.loc.expression.end_pos
-      end
-      def traverse(current=@ast, only: nil, &block)
-        yield current if node_match?(current, only)
-        each_child_node(current) do |child|
-          traverse(child, only: only, &block)
-        end
-      end
-      def each_child_node(current=@ast, only: nil, range: (0..-1))
-        current.children[range].each do |child|
-          if child.is_a?(::Parser::AST::Node) && node_match?(child, only)
-            yield child
-          end
-        end
-      end
-      def node_match?(current, type)
-        type.nil? || Array[type].flatten.include?(current.type)
-      end
-      STATIC_TYPES = [:str, :int, :true, :false, :nil]
-      def each_return_value_recursive(current=@ast, only: nil, &block)
-        case current.type
-        when :send, :csend, :ivar, *STATIC_TYPES
-          yield current if node_match?(current, only)
-        when :if, :masgn, :lvasgn
-          # first child is ignored as it does not contain return values
-          # for example, in `foo ? x : y` we only care about x and y, not foo
-          each_child_node(current, range: 1..-1) do |child|
-            each_return_value_recursive(child, only: only, &block)
-          end
-        else
-          each_child_node(current) do |child|
-            each_return_value_recursive(child, only: only, &block)
-          end
-        end
-      end
-      def static_value?
-        returns = []
-        each_return_value_recursive do |node|
-          returns << node
-        end
-        return false if returns.size == 0
-        returns.each do |node|
-          if STATIC_TYPES.include?(node.type)
-            next
-          elsif node.type == :dstr
-            each_child_node(node) do |child|
-              return false if child.type != :str
-            end
-          else
-            return false
-          end
-        end
-        true
-      end
-      def calls
-        calls = []
-        each_return_value_recursive(only: [:send, :csend]) do |node|
-          calls << MethodCall.from_ast_node(node)
-        end
-        calls
-      end
-    end
-  end
-end

data/test/better_html/test_helper/ruby_expr_test.rb DELETED Viewed

@@ -1,283 +0,0 @@
-require 'test_helper'
-require 'better_html/test_helper/ruby_expr'
-module BetterHtml
-  module TestHelper
-    class RubyExprTest < ActiveSupport::TestCase
-      test "simple call" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("foo")
-        assert_equal 1, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :foo, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "instance call" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("foo.bar")
-        assert_equal 1, expr.calls.size
-        assert_equal 's(:send, nil, :foo)', expr.calls.first.instance.inspect
-        assert_equal :bar, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "instance call with arguments" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("foo(x).bar")
-        assert_equal 1, expr.calls.size
-        assert_equal "s(:send, nil, :foo,\n  s(:send, nil, :x))", expr.calls.first.instance.inspect
-        assert_equal :bar, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "instance call with parenthesis" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("(foo).bar")
-        assert_equal 1, expr.calls.size
-        assert_equal "s(:begin,\n  s(:send, nil, :foo))", expr.calls.first.instance.inspect
-        assert_equal :bar, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "instance call with parenthesis 2" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("(foo)")
-        assert_equal 1, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :foo, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "command call" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("foo bar")
-        assert_equal 1, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :foo, expr.calls.first.method
-        assert_equal '[s(:send, nil, :bar)]', expr.calls.first.arguments.inspect
-        refute_predicate expr, :static_value?
-      end
-      test "command call with block" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("foo bar do")
-        assert_equal 1, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :foo, expr.calls.first.method
-        assert_equal '[s(:send, nil, :bar)]', expr.calls.first.arguments.inspect
-        refute_predicate expr, :static_value?
-      end
-      test "call with parameters" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("foo(bar)")
-        assert_equal 1, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :foo, expr.calls.first.method
-        assert_equal '[s(:send, nil, :bar)]', expr.calls.first.arguments.inspect
-        refute_predicate expr, :static_value?
-      end
-      test "instance call with parameters" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("foo.bar(baz, x)")
-        assert_equal 1, expr.calls.size
-        assert_equal 's(:send, nil, :foo)', expr.calls.first.instance.inspect
-        assert_equal :bar, expr.calls.first.method
-        assert_equal '[s(:send, nil, :baz), s(:send, nil, :x)]', expr.calls.first.arguments.inspect
-        refute_predicate expr, :static_value?
-      end
-      test "call with parameters with if conditional modifier" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("foo(bar) if something?")
-        assert_equal 1, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :foo, expr.calls.first.method
-        assert_equal '[s(:send, nil, :bar)]', expr.calls.first.arguments.inspect
-        refute_predicate expr, :static_value?
-      end
-      test "call with parameters with unless conditional modifier" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("foo(bar) unless something?")
-        assert_equal 1, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :foo, expr.calls.first.method
-        assert_equal '[s(:send, nil, :bar)]', expr.calls.first.arguments.inspect
-        refute_predicate expr, :static_value?
-      end
-      test "expression call in ternary" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("something? ? foo : bar")
-        assert_equal 2, expr.calls.size
-        refute_predicate expr, :static_value?
-        assert_nil expr.calls[0].instance
-        assert_equal :foo, expr.calls[0].method
-        assert_equal [], expr.calls[0].arguments
-        assert_nil expr.calls[1].instance
-        assert_equal :bar, expr.calls[1].method
-        assert_equal [], expr.calls[1].arguments
-      end
-      test "expression call with args in ternary" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("something? ? foo(x) : bar(x)")
-        assert_equal 2, expr.calls.size
-        assert_nil expr.calls[0].instance
-        assert_equal :foo, expr.calls[0].method
-        assert_equal '[s(:send, nil, :x)]', expr.calls[0].arguments.inspect
-        assert_nil expr.calls[1].instance
-        assert_equal :bar, expr.calls[1].method
-        assert_equal '[s(:send, nil, :x)]', expr.calls[1].arguments.inspect
-        refute_predicate expr, :static_value?
-      end
-      test "string without interpolation" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('"foo"')
-        assert_equal 0, expr.calls.size
-        assert_predicate expr, :static_value?
-      end
-      test "string with interpolation" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('"foo #{bar}"')
-        assert_equal 1, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :bar, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "ternary in string with interpolation" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('"foo #{foo? ? bar : baz}"')
-        assert_equal 2, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :bar, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        assert_nil expr.calls.last.instance
-        assert_equal :baz, expr.calls.last.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "assignment to variable" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('x = foo.bar')
-        assert_equal 1, expr.calls.size
-        assert_equal 's(:send, nil, :foo)', expr.calls.first.instance.inspect
-        assert_equal :bar, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "assignment to variable with command call" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('raw x = foo.bar')
-        assert_equal 1, expr.calls.size
-        assert_nil expr.calls.first.instance
-        assert_equal :raw, expr.calls.first.method
-        assert_equal "[s(:lvasgn, :x,\n  s(:send,\n    s(:send, nil, :foo), :bar))]", expr.calls.first.arguments.inspect
-        refute_predicate expr, :static_value?
-      end
-      test "assignment with instance call" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('(x = foo).bar')
-        assert_equal 1, expr.calls.size
-        assert_equal "s(:begin,\n  s(:lvasgn, :x,\n    s(:send, nil, :foo)))", expr.calls.first.instance.inspect
-        assert_equal :bar, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "assignment to multiple variables" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('x, y = foo.bar')
-        assert_equal 1, expr.calls.size
-        assert_equal 's(:send, nil, :foo)', expr.calls.first.instance.inspect
-        assert_equal :bar, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "safe navigation operator" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('foo&.bar')
-        assert_equal 1, expr.calls.size
-        assert_equal 's(:send, nil, :foo)', expr.calls[0].instance.inspect
-        assert_equal :bar, expr.calls[0].method
-        assert_equal [], expr.calls[0].arguments
-        refute_predicate expr, :static_value?
-      end
-      test "instance variable" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('@foo')
-        assert_equal 0, expr.calls.size
-        refute_predicate expr, :static_value?
-      end
-      test "instance method on variable" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('@foo.bar')
-        assert_equal 1, expr.calls.size
-        assert_equal 's(:ivar, :@foo)', expr.calls.first.instance.inspect
-        assert_equal :bar, expr.calls.first.method
-        assert_equal [], expr.calls.first.arguments
-        refute_predicate expr, :static_value?
-      end
-      test "index into array" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('local_assigns[:text_class] if local_assigns[:text_class]')
-        assert_equal 1, expr.calls.size
-        assert_equal 's(:send, nil, :local_assigns)', expr.calls.first.instance.inspect
-        assert_equal :[], expr.calls.first.method
-        assert_equal '[s(:sym, :text_class)]', expr.calls.first.arguments.inspect
-        refute_predicate expr, :static_value?
-      end
-      test "static_value? for ivar" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('@foo')
-        refute_predicate expr, :static_value?
-      end
-      test "static_value? for str" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("'str'")
-        assert_predicate expr, :static_value?
-      end
-      test "static_value? for int" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("1")
-        assert_predicate expr, :static_value?
-      end
-      test "static_value? for bool" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("true")
-        assert_predicate expr, :static_value?
-      end
-      test "static_value? for nil" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse("nil")
-        assert_predicate expr, :static_value?
-      end
-      test "static_value? for dstr without interpolate" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('"str"')
-        assert_predicate expr, :static_value?
-      end
-      test "static_value? for dstr with interpolate" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('"str #{foo}"')
-        refute_predicate expr, :static_value?
-      end
-      test "static_value? with safe ternary" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('foo ? \'a\' : \'b\'')
-        assert_predicate expr, :static_value?
-      end
-      test "static_value? with safe conditional" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('\'foo\' if bar?')
-        assert_predicate expr, :static_value?
-      end
-      test "static_value? with safe assignment" do
-        expr = BetterHtml::TestHelper::RubyExpr.parse('x = \'foo\'')
-        assert_predicate expr, :static_value?
-      end
-    end
-  end
-end