devcenter-parser 2.1.0 → 2.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/devcenter-parser.rb +1 -1
- data/lib/devcenter-parser/version.rb +1 -1
- data/test/devcenter-parser_test.rb +10 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7b7904e3c95fe0196c46de26736acdcd7d287b52
|
4
|
+
data.tar.gz: 606a60a9d43809dcd1e8a5065f0dae064936bef8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 25c925522b066e92afcb13dd94dd193a0769b00951fcfff2ab1474ca127d16ded975447d6b1cd1b7e15102daf730b044c1c9fc396214189e03532369b695ac3a
|
7
|
+
data.tar.gz: 305986ed593c48b4db316bfcf93b0b9e1aa59d1bf4c5b869dc7316a5ecad35bd02513bc105edae3d5d969b3a16a3e28cd22e22e4bef05acaeede7baf8edcaa1c
|
data/lib/devcenter-parser.rb
CHANGED
@@ -115,7 +115,7 @@ module DevcenterParser
|
|
115
115
|
def self.iframe_sanitizer
|
116
116
|
lambda do |env|
|
117
117
|
return unless env[:node].attributes['src']
|
118
|
-
env[:node].unlink if env[:node].attributes['src'].value =~ /\Ajavascript:/
|
118
|
+
env[:node].unlink if env[:node].attributes['src'].value =~ /\Ajavascript:/i
|
119
119
|
end
|
120
120
|
end
|
121
121
|
end
|
@@ -430,6 +430,16 @@ HTML
|
|
430
430
|
|
431
431
|
assert_parsing_result md, "<p></p>"
|
432
432
|
end
|
433
|
+
|
434
|
+
|
435
|
+
it 'removes elements with src="jaVasCript:"' do
|
436
|
+
md = <<-MARKDOWN
|
437
|
+
<iframe src="jaVasCript:">alert("foo");</iframe>
|
438
|
+
<img src="jaVasCript:" />
|
439
|
+
MARKDOWN
|
440
|
+
|
441
|
+
assert_parsing_result md, "<p></p>"
|
442
|
+
end
|
433
443
|
end
|
434
444
|
|
435
445
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devcenter-parser
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.1.
|
4
|
+
version: 2.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Heroku
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-06-
|
11
|
+
date: 2016-06-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: nokogiri
|