chatroom 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
MDU1OTVhMzJhNGJlYzQzZTk3MDVmMDk4OGEzZjI3ZmVjMWQwZTkyMg==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
YjAyNjIyMmU0OWVmOGZiY2E5MmUyYjlhNzAxODU4YjIzMzg5ODZhNA==
|
7
7
|
!binary "U0hBNTEy":
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
NzQwNjI3ZjkxZGIzZWI1NjAzMzJjODVhOTFjNjFlYjY3NGFhOGZiN2VkNTU5
|
10
|
+
MDU2OTM0MjBjZDMzMmE3YTlmYzY3NmU5NTVlNDkyMmM3ZTI3M2U2ZmRjNjJj
|
11
|
+
NTljMDQxYjgyMWQwYzJlZDI4YjA1MTNmNjMzZTY3MmY1ZGM2ZjU=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
NTMzYzFjMmFlOTE2Yjg0MmUxNjgwZGY0YzNmMWUyMjM4ZGM0OTc2MGE1NjRi
|
14
|
+
MGU0ZjBmZTkzZmQyZWU2ZmE5ODg3MmRhYWFhNjY0OTBjZmViMGI5YzVhYzkw
|
15
|
+
YTNjMTZlYzljMWViYzY5OTdmZWMzZWI2ZDlhZmNlYzYwYzMyNDY=
|
@@ -9,7 +9,6 @@ module Chatroom
|
|
9
9
|
# POST /messages.json
|
10
10
|
def create
|
11
11
|
message = message_params
|
12
|
-
message[:content] = prevent_script(message[:content])
|
13
12
|
@message = Message.create!(message)
|
14
13
|
end
|
15
14
|
|
@@ -18,15 +17,5 @@ module Chatroom
|
|
18
17
|
def message_params
|
19
18
|
params.require(:message).permit(:content)
|
20
19
|
end
|
21
|
-
|
22
|
-
def prevent_script(text)
|
23
|
-
txt = text.gsub(/<(\s*)([^\d\W\s]+)(\s*)([;\-\w="'\s:\/\.]+)>/) do |s|
|
24
|
-
"\\<#{$1}#{$2}#{$3}#{$4}\>"
|
25
|
-
end
|
26
|
-
txt = txt.gsub(/<\/(\s*)([^\d\W\s]+)(\s*)([;\-\w="'\s:\/\.]+)>/) do |s|
|
27
|
-
"\\</#{$1}#{$2}#{$3}#{$4}>"
|
28
|
-
end
|
29
|
-
return txt
|
30
|
-
end
|
31
20
|
end
|
32
21
|
end
|
@@ -5,7 +5,7 @@ module Chatroom
|
|
5
5
|
<div class='info-message'>
|
6
6
|
<span class='sender'>:</span><span class='send-time'>#{msg.try(:send_time)}</span>
|
7
7
|
</div>
|
8
|
-
<span class='say'>#{msg.try(:html_content)}</span>
|
8
|
+
<span class='say'>#{sanitize(msg.try(:html_content), tags: %w(br img span p i b a), attributes: %w(id class style))}</span>
|
9
9
|
</span>"
|
10
10
|
end
|
11
11
|
|
@@ -17,7 +17,7 @@ module Chatroom
|
|
17
17
|
<div class='info-message'>
|
18
18
|
<span class='sender'>:</span><span class='send-time'>#{msg.try(:send_time)}</span>
|
19
19
|
</div>
|
20
|
-
<span class='say'>#{msg.try(:html_content)}</span>
|
20
|
+
<span class='say'>#{sanitize(msg.try(:html_content), tags: %w(br img span p i b a), attributes: %w(id class style))}</span>
|
21
21
|
</span>"
|
22
22
|
end
|
23
23
|
messages.join('')
|
data/lib/chatroom/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: chatroom
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- TsaiKoga
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2014-01-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|