clean_room 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +8 -8
- data/clean_room.gemspec +2 -3
- data/lib/clean_room.rb +2 -0
- data/lib/clean_room/air_lock.rb +5 -0
- data/lib/clean_room/dsl.rb +5 -5
- data/lib/clean_room/version.rb +1 -1
- data/test/clean_room_test.rb +29 -17
- metadata +9 -9
data/README.md
CHANGED
|
@@ -26,14 +26,14 @@ CleanRoom accepts any attributes for which readers and writers are available. Th
|
|
|
26
26
|
* html: allow the tags as by Sanitize::Config::RELAXED
|
|
27
27
|
|
|
28
28
|
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
29
|
+
class SanitizedAttributes
|
|
30
|
+
attr_accessor :normal, :strict, :very_strict, :simple_html, :html
|
|
31
|
+
|
|
32
|
+
sanitize_attribute :normal
|
|
33
|
+
sanitize_attribute :strict, allow: :strict, character_class: "a-z"
|
|
34
|
+
sanitize_attribute :simple_html, allow: :simple_html
|
|
35
|
+
sanitize_attribute :html, allow: :html
|
|
36
|
+
end
|
|
37
37
|
|
|
38
38
|
|
|
39
39
|
## Contributing
|
data/clean_room.gemspec
CHANGED
|
@@ -13,9 +13,8 @@ Gem::Specification.new do |gem|
|
|
|
13
13
|
gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
|
14
14
|
gem.name = "clean_room"
|
|
15
15
|
gem.require_paths = ["lib"]
|
|
16
|
+
gem.version = CleanRoom::VERSION
|
|
16
17
|
|
|
17
|
-
gem.add_runtime_dependency "activesupport", ">= 3.0.0"
|
|
18
18
|
gem.add_runtime_dependency "sanitize", ">= 2.0.0"
|
|
19
|
-
|
|
20
|
-
gem.version = CleanRoom::VERSION
|
|
19
|
+
gem.add_runtime_dependency "sanitize-url", ">= 0.1.4"
|
|
21
20
|
end
|
data/lib/clean_room.rb
CHANGED
data/lib/clean_room/air_lock.rb
CHANGED
|
@@ -1,7 +1,10 @@
|
|
|
1
1
|
require 'sanitize'
|
|
2
|
+
require 'sanitize-url'
|
|
2
3
|
|
|
3
4
|
module CleanRoom
|
|
4
5
|
class AirLock
|
|
6
|
+
include SanitizeUrl
|
|
7
|
+
|
|
5
8
|
def shower(value, options)
|
|
6
9
|
if value
|
|
7
10
|
allow = options[:allow] || :plain_text
|
|
@@ -14,6 +17,8 @@ module CleanRoom
|
|
|
14
17
|
when :strict
|
|
15
18
|
regex = /[^#{options[:character_class] || "a-zA-Z0-9 "}]/
|
|
16
19
|
Sanitize.clean(value).gsub(regex, "")
|
|
20
|
+
when :url
|
|
21
|
+
sanitize_url(value)
|
|
17
22
|
else
|
|
18
23
|
Sanitize.clean(value)
|
|
19
24
|
end
|
data/lib/clean_room/dsl.rb
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
module CleanRoom
|
|
2
2
|
module DSL
|
|
3
|
-
extend ActiveSupport::Concern
|
|
4
3
|
|
|
5
|
-
included
|
|
6
|
-
|
|
4
|
+
def self.included(base)
|
|
5
|
+
base.extend ClassMethods
|
|
6
|
+
base.sanitizable_attributes = {}
|
|
7
7
|
|
|
8
|
-
if respond_to? :before_save
|
|
9
|
-
before_save :sanitize_attributes
|
|
8
|
+
if base.respond_to? :before_save
|
|
9
|
+
base.before_save :sanitize_attributes
|
|
10
10
|
end
|
|
11
11
|
end
|
|
12
12
|
|
data/lib/clean_room/version.rb
CHANGED
data/test/clean_room_test.rb
CHANGED
|
@@ -30,30 +30,42 @@ class CleanRoomTest < MiniTest::Unit::TestCase
|
|
|
30
30
|
attribute_test(:simple_html, "<b>Test-tesT</b>", "<b>Test-tesT</b>")
|
|
31
31
|
attribute_test(:simple_html, "<b>Test-tesT</b><div>block</div><table><tr><td>table</td></tr></table>", "<b>Test-tesT</b> block table")
|
|
32
32
|
attribute_test(:html, "<b>Test-tesT</b><div>block</div><table><tr><td>table</td></tr></table>", "<b>Test-tesT</b> block <table><tr><td>table</td></tr></table>")
|
|
33
|
+
attribute_test(:url, "www.google.com/?q=<script>test</script>", "http://www.google.com/?q=%3Cscript%3Etest%3C/script%3E")
|
|
33
34
|
end
|
|
34
35
|
|
|
35
36
|
|
|
36
37
|
def attribute_test(field, value_in, value_out)
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
38
|
+
object = object_generator
|
|
39
|
+
object.send("#{field}=".to_sym, value_in)
|
|
40
|
+
object.sanitize_attributes
|
|
41
|
+
assert_equal value_out, object.send(field)
|
|
40
42
|
end
|
|
41
43
|
|
|
42
|
-
def
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
attr_accessor :normal, :strict, :very_strict, :simple_html, :html
|
|
47
|
-
|
|
48
|
-
sanitize_attribute :normal
|
|
49
|
-
sanitize_attribute :strict, allow: :strict
|
|
50
|
-
sanitize_attribute :very_strict, allow: :strict, character_class: "a-z"
|
|
51
|
-
sanitize_attribute :simple_html, allow: :simple_html
|
|
52
|
-
sanitize_attribute :html, allow: :html
|
|
53
|
-
end
|
|
44
|
+
def object_generator
|
|
45
|
+
test_class = Class.new do
|
|
46
|
+
include CleanRoom::DSL
|
|
47
|
+
attr_accessor :normal, :strict, :very_strict, :simple_html, :html, :url
|
|
54
48
|
|
|
55
|
-
|
|
49
|
+
sanitize_attribute :normal
|
|
50
|
+
sanitize_attribute :strict, allow: :strict
|
|
51
|
+
sanitize_attribute :very_strict, allow: :strict, character_class: "a-z"
|
|
52
|
+
sanitize_attribute :simple_html, allow: :simple_html
|
|
53
|
+
sanitize_attribute :html, allow: :html
|
|
54
|
+
sanitize_attribute :url, allow: :url
|
|
56
55
|
end
|
|
57
|
-
|
|
56
|
+
|
|
57
|
+
test_class.new
|
|
58
58
|
end
|
|
59
|
+
|
|
60
|
+
|
|
61
|
+
def test_with_before_save
|
|
62
|
+
assert_output("sanitize_attributes\n") do
|
|
63
|
+
test_class = Class.new do
|
|
64
|
+
def self.before_save(method_name)
|
|
65
|
+
puts method_name
|
|
66
|
+
end
|
|
67
|
+
include CleanRoom::DSL
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
end
|
|
59
71
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: clean_room
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -12,27 +12,27 @@ cert_chain: []
|
|
|
12
12
|
date: 2012-06-19 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
|
-
name:
|
|
16
|
-
requirement: &
|
|
15
|
+
name: sanitize
|
|
16
|
+
requirement: &70356218609500 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ! '>='
|
|
20
20
|
- !ruby/object:Gem::Version
|
|
21
|
-
version:
|
|
21
|
+
version: 2.0.0
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *70356218609500
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
|
-
name: sanitize
|
|
27
|
-
requirement: &
|
|
26
|
+
name: sanitize-url
|
|
27
|
+
requirement: &70356218609000 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version:
|
|
32
|
+
version: 0.1.4
|
|
33
33
|
type: :runtime
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *70356218609000
|
|
36
36
|
description: Work in progress, this will be a generic attribute sanitizer which can
|
|
37
37
|
be used for sanitizing models and other objects holding data
|
|
38
38
|
email:
|