dm_core 4.2.3.5 → 4.2.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/app/helpers/dm_core/liquid_helper.rb +3 -2
  3. data/app/models/comment.rb +1 -0
  4. data/app/models/custom_field.rb +1 -0
  5. data/lib/dm_core/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 0490f46401026caee491bca39285f601fd19beca
4
- data.tar.gz: 02bcbb988dbb7981aa90514fcb96f68aa5422561
3
+ metadata.gz: ac89f31f284e74d5e6aac7acb6ea93b07215272a
4
+ data.tar.gz: fda380a2a51a1799b585bcb350bc56f946d2ea7e
5
5
  SHA512:
6
- metadata.gz: 54ad5aed91b6bfa8b7bb4286eb6758ff8b7da0b5c92e81ec3232252a4f29845433c86a43baa032173f82cdac605d4fe1705b7daeaf7214aad35e8a90b54d500b
7
- data.tar.gz: dcc180704d792810d0c430aca89b0e05fde8b34b1f3cc1546afc5ed489ec773f2aa060d70bef2754035c489c0b8d7d20756f4ec39679b52a9bbf97136e3061f4
6
+ metadata.gz: 754a71d30e5620791e1d59eb9e0c84fd745fd64fff018f7eff3e07a72749aaf5d635491cca9f62cbb92675844fa1d0ed43af47785e8d3baedbe7a4a32e263b13
7
+ data.tar.gz: 0c4121ebf9a9aaa375b58033d2ba0dd9fcc4252b31d295e4d5018629bcf4fa7877177bc306545d296c4d56279ae2bba8d366ef8954ae4953f3d03d9fe198f096
data/app/helpers/dm_core/liquid_helper.rb CHANGED
@@ -47,7 +47,8 @@ module DmCore::LiquidHelper
47
47
  else
48
48
  html = ::Kramdown::Document.new(content).to_html.html_safe
49
49
  end
50
- return options[:safe] ? sanitize_text(html, level: :relaxed).html_safe : html
50
+ # for safety, use :basic or lower
51
+ return options[:safe] ? sanitize_text(html, level: :basic).html_safe : html
51
52
  end
52
53
 
53
54
  # Uses Sanitize gem to fully sanitize any text.
@@ -63,7 +64,7 @@ module DmCore::LiquidHelper
63
64
  # Allows only very simple inline formatting markup. No links, images, or block elements.
64
65
  Sanitize.clean(content, Sanitize::Config::RESTRICTED)
65
66
  when :basic
66
- #Allows a variety of markup including formatting tags, links, and lists.
67
+ # Allows a variety of markup including formatting tags, links, and lists.
67
68
  # Images and tables are not allowed, links are limited to FTP, HTTP, HTTPS, and
68
69
  # mailto protocols, and a rel="nofollow" attribute is added to all links to
69
70
  # mitigate SEO spam.
data/app/models/comment.rb CHANGED
@@ -19,6 +19,7 @@ class Comment < ActiveRecord::Base
19
19
  belongs_to :account
20
20
 
21
21
  validates_presence_of :body
22
+ validates_length_of :body, maximum: 60000
22
23
  self.per_page = 10
23
24
 
24
25
  end
data/app/models/custom_field.rb CHANGED
@@ -38,6 +38,7 @@ class CustomField < ActiveRecord::Base
38
38
 
39
39
  validates_presence_of :field_data, if: Proc.new {|field| field.required?}
40
40
  validates_numericality_of :field_data, if: Proc.new {|field| field.field_type == 'number_field' && !field.field_data.blank?}
41
+ validates_length_of :field_data, maximum: 4096, if: Proc.new {|field| !field.field_data.blank?}
41
42
  validate :checkbox_required, if: Proc.new {|field| field.field_type == 'check_box_collection' && field.required?}
42
43
 
43
44
  #------------------------------------------------------------------------------
data/lib/dm_core/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module DmCore
2
- VERSION = "4.2.3.5"
2
+ VERSION = "4.2.3.6"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dm_core
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.2.3.5
4
+ version: 4.2.3.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brett Walker
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-01-16 00:00:00.000000000 Z
11
+ date: 2017-01-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails