devcenter-parser 2.0.2 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/devcenter-parser.rb +9 -0
- data/lib/devcenter-parser/version.rb +1 -1
- data/test/devcenter-parser_test.rb +9 -0
- metadata +11 -11
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4d95a94b7c9105e23060c78ab4615837110ed790
|
|
4
|
+
data.tar.gz: 388710bb2e60085a1585deec9aaf2d0b91ab3a90
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: afa310e5adb4c2f160a0196144a8588d6a8c284e8e6115bdba8e9844e761fcdfa7aae4e9438f3a4a518872573b715a80f394dc21576bc1e5483a73678d16f35d
|
|
7
|
+
data.tar.gz: 2918139f9658bff3f9ec1746405f70eef5e3681a9e07c7243fafac67126961446a45cc60efc04efe05a2d8807944805c0150fadca772bd5bc9bca796d67c1f7f
|
data/lib/devcenter-parser.rb
CHANGED
|
@@ -86,6 +86,8 @@ module DevcenterParser
|
|
|
86
86
|
# custom
|
|
87
87
|
config[:elements] += %w{ toolbelt }
|
|
88
88
|
|
|
89
|
+
config[:transformers] = Array(config[:transformers]).push(iframe_sanitizer)
|
|
90
|
+
|
|
89
91
|
@@sanitize_config = config.merge({remove_contents: true, allow_comments: true})
|
|
90
92
|
end
|
|
91
93
|
|
|
@@ -109,4 +111,11 @@ module DevcenterParser
|
|
|
109
111
|
broken_html = html.match(/REXML could not parse this XML\/HTML\:(.+)<\/pre>/m)[1].strip rescue nil
|
|
110
112
|
broken_html.nil? ? "Contains broken raw HTML." : "This raw HTML is invalid: #{CGI.unescapeHTML(broken_html)}"
|
|
111
113
|
end
|
|
114
|
+
|
|
115
|
+
def self.iframe_sanitizer
|
|
116
|
+
lambda do |env|
|
|
117
|
+
return unless env[:node].attributes['src']
|
|
118
|
+
env[:node].unlink if env[:node].attributes['src'].value =~ /\Ajavascript:/
|
|
119
|
+
end
|
|
120
|
+
end
|
|
112
121
|
end
|
|
@@ -421,6 +421,15 @@ HTML
|
|
|
421
421
|
|
|
422
422
|
assert_parsing_result md, html
|
|
423
423
|
end
|
|
424
|
+
|
|
425
|
+
it 'removes elements with src="javascript:"' do
|
|
426
|
+
md = <<-MARKDOWN
|
|
427
|
+
<iframe src="javascript:">alert("foo");</iframe>
|
|
428
|
+
<img src="javascript:" />
|
|
429
|
+
MARKDOWN
|
|
430
|
+
|
|
431
|
+
assert_parsing_result md, "<p></p>"
|
|
432
|
+
end
|
|
424
433
|
end
|
|
425
434
|
|
|
426
435
|
|
metadata
CHANGED
|
@@ -1,27 +1,27 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devcenter-parser
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Heroku
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2016-06-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: nokogiri
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- -
|
|
17
|
+
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
19
|
version: 1.4.4
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
|
-
- -
|
|
24
|
+
- - ">="
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
26
|
version: 1.4.4
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
@@ -56,28 +56,28 @@ dependencies:
|
|
|
56
56
|
name: minitest
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
|
-
- -
|
|
59
|
+
- - ">"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
61
|
version: '2.0'
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
|
-
- -
|
|
66
|
+
- - ">"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
68
|
version: '2.0'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: rake
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
72
72
|
requirements:
|
|
73
|
-
- -
|
|
73
|
+
- - ">="
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
75
|
version: '0'
|
|
76
76
|
type: :development
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
|
-
- -
|
|
80
|
+
- - ">="
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
82
|
version: '0'
|
|
83
83
|
description: Parser for Heroku Dev Center's content
|
|
@@ -107,17 +107,17 @@ require_paths:
|
|
|
107
107
|
- lib
|
|
108
108
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
109
109
|
requirements:
|
|
110
|
-
- -
|
|
110
|
+
- - ">="
|
|
111
111
|
- !ruby/object:Gem::Version
|
|
112
112
|
version: '0'
|
|
113
113
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
114
114
|
requirements:
|
|
115
|
-
- -
|
|
115
|
+
- - ">="
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
117
|
version: '0'
|
|
118
118
|
requirements: []
|
|
119
119
|
rubyforge_project:
|
|
120
|
-
rubygems_version: 2.
|
|
120
|
+
rubygems_version: 2.4.5.1
|
|
121
121
|
signing_key:
|
|
122
122
|
specification_version: 4
|
|
123
123
|
summary: Parser for Heroku Dev Center's content
|