devcenter-parser 2.1.2 → 2.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +7 -0
  3. data/Rakefile +2 -0
  4. data/lib/devcenter-parser/header_id_generator.rb +1 -1
  5. data/lib/devcenter-parser/version.rb +1 -1
  6. data/lib/devcenter-parser.rb +3 -2
  7. data/test/devcenter-parser_test.rb +7 -3
  8. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b01d9f34400a51f943f040525996d6e674436631
4
- data.tar.gz: 0fe36dd152d0d96092d6874a7e01a43c2291e4ff
3
+ metadata.gz: f2f8e036f620a0e3ac39aa533bebd4df0ba6dd83
4
+ data.tar.gz: 22ab56166bc5b1cff3e544edd51811327b6e77a4
5
5
  SHA512:
6
- metadata.gz: 53cf30e7a354202b4e679f018e807494081d27d2de0ebef1aab0be6f88d3b312203696c76bbbd13546f0b5d4b2849a83ca80014f0c1810fe79e5947262be2d18
7
- data.tar.gz: 5233abeaa204e0b36f1db64bc3cf9f1e229493f0bc942d9d653ad589a44bb5a9f914287bef3e9eac3b3ccdad0315300fbc16f0fc009154e5b78b1d10f1df723d
6
+ metadata.gz: e00495906e58f897e4159bdb1bd417430f7be40ec5e3aea5c3ef049ac514d6b80f9307dcc9169a9c7403c3eaa9bf7b1295a19e7fac127e749ddbaad5da82815d
7
+ data.tar.gz: aff646f4472e5141643fc210cdf31f89e8b3ba2deffa385148be6b0c99af7c861d72066491e5d9da3e702688a09109e78a6e310afbde8ed8b04085981556dc64
data/README.md CHANGED
@@ -23,5 +23,12 @@ $ bundle exec rake
23
23
  ## License
24
24
  See the LICENSE file included in the distribution.
25
25
 
26
+ ## Release a new version
27
+ 1. Update the `lib/version.rb` file and commit
28
+ 2. Ensure you that you are an owner on [the gem's RubyGems
29
+ page](https://rubygems.org/gems/devcenter-parser)
30
+ 3. `rake release`
31
+ 4. Profit
32
+
26
33
  ## Copyright
27
34
  Copyright (C) 2013 Heroku <raul@heroku.com>.
data/Rakefile CHANGED
@@ -1,3 +1,5 @@
1
+ require 'bundler/gem_tasks'
2
+ require 'rubygems'
1
3
  require 'rake/testtask'
2
4
 
3
5
  Rake::TestTask.new do |t|
data/lib/devcenter-parser/header_id_generator.rb CHANGED
@@ -68,7 +68,7 @@ class HeaderIdGenerator
68
68
  end
69
69
 
70
70
  def conflicts(hash)
71
- hash.select{ |node1, id1| hash.select{ |node1, id2| id1 == id2 }.size > 1 }
71
+ hash.select{ |node1, id1| hash.select{ |_node1, id2| id1 == id2 }.size > 1 }
72
72
  end
73
73
 
74
74
  def add_default_ids
data/lib/devcenter-parser/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module DevcenterParser
2
- VERSION = '2.1.2'
2
+ VERSION = '2.2.0'.freeze
3
3
  end
data/lib/devcenter-parser.rb CHANGED
@@ -58,7 +58,7 @@ module DevcenterParser
58
58
  end
59
59
 
60
60
  def self.remove_tags_inside_html_comments(markdown)
61
- markdown.gsub /<!--((.|\s)*?)-->/ do
61
+ markdown.gsub(/<!--((.|\s)*?)-->/) do
62
62
  inner = $1
63
63
  inner.gsub!(/\[|\]|\(|\)|\<|\>/,'')
64
64
  "<!--#{inner}-->"
@@ -115,7 +115,8 @@ module DevcenterParser
115
115
  def self.iframe_sanitizer
116
116
  lambda do |env|
117
117
  return unless env[:node].attributes['src']
118
- env[:node].unlink if env[:node].attributes['src'].value =~ /\Ajavascript:/i
118
+ # allow iframes if they have src that is from vimeo
119
+ env[:node].unlink unless env[:node].attributes['src'].value =~ /\Ahttps:\/\/player.vimeo.com\//i
119
120
  end
120
121
  end
121
122
  end
data/test/devcenter-parser_test.rb CHANGED
@@ -30,6 +30,12 @@ describe 'DevcenterParser' do
30
30
  assert_parsing_result 'foo_bar_baz', '<p>foo_bar_baz</p>'
31
31
  end
32
32
 
33
+ it 'removes iframes with script tags in the src' do
34
+ md = '<iframe src="data:text/html,<script>alert(document.domain)</script>"></iframe>'
35
+ html = ''
36
+ assert_parsing_result md, html
37
+ end
38
+
33
39
  it 'removes script tags and their content' do
34
40
  md = '<strong>clean<script>alert("hack!")</script></strong>'
35
41
  html = '<p><strong>clean</strong></p>'
@@ -37,9 +43,7 @@ describe 'DevcenterParser' do
37
43
  end
38
44
 
39
45
  it 'allows embedding vimeo videos' do
40
- src = <<-SRC
41
- <iframe src=\"https://player.vimeo.com/video/61044807?title=0&amp;byline=0&amp;portrait=0&amp;color=a086ee\" width=\"500\" height=\"281\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>
42
- SRC
46
+ src = '<iframe src="https://player.vimeo.com/video/61044807?title=0&amp;byline=0&amp;portrait=0&amp;color=a086ee" width="50" height="281" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>'
43
47
  assert_parsing_result src, src
44
48
  end
45
49
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devcenter-parser
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.2
4
+ version: 2.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Heroku
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-27 00:00:00.000000000 Z
11
+ date: 2017-02-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -117,7 +117,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
117
117
  version: '0'
118
118
  requirements: []
119
119
  rubyforge_project:
120
- rubygems_version: 2.5.1
120
+ rubygems_version: 2.6.8
121
121
  signing_key:
122
122
  specification_version: 4
123
123
  summary: Parser for Heroku Dev Center's content