downr 0.0.6 → 0.0.7

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 5dd1fcfb23290ed74c8e46b7747dcb3d820ac3f5
+  data.tar.gz: 77f9aa37c349fdc99a0a8624e2ca2246efefdda9
+SHA512:
+  metadata.gz: defa69e00ac664b0781467ac50b684edd3329106c3e3de0f67ddf34bc361846b9f58d3e3d6848be3b91c3f3cc53ec3da00546455b212d5967da6acf9339cd7e9
+  data.tar.gz: 3629d2631649c4839227b40f3c433b16989096651fc577de4e2c9f2fc59e3cde6506f730431ff4ef40fd69cc32d55986e9a79a296b4a1d73de04cab74a4e7f26

data/README.md

@@ -1,5 +1,5 @@
 # Downr 
-[![Build Status](https://travis-ci.org/davidrivera/Downr.svg?branch=master)](https://travis-ci.org/davidrivera/Downr) [![Code Climate](https://codeclimate.com/github/davidrivera/Downr.png)](https://codeclimate.com/github/davidrivera/Downr) [![Inline docs](http://inch-pages.github.io/github/davidrivera/Downr.png)](http://inch-pages.github.io/github/davidrivera/Downr) [![Gem Version](https://badge.fury.io/rb/downr.svg)](http://badge.fury.io/rb/downr) [![Dependency Status](https://gemnasium.com/davidrivera/Downr.svg)](https://gemnasium.com/davidrivera/Downr)
+[![Build Status](https://travis-ci.org/davidrivera/Downr.svg?branch=master)](https://travis-ci.org/davidrivera/Downr) [![Code Climate](https://codeclimate.com/github/davidrivera/Downr.png)](https://codeclimate.com/github/davidrivera/Downr) [![Inline docs](http://inch-ci.org/github/davidrivera/Downr.png)](http://inch-ci.org/github/davidrivera/Downr) [![Gem Version](https://badge.fury.io/rb/downr.svg)](http://badge.fury.io/rb/downr) [![Dependency Status](https://gemnasium.com/davidrivera/Downr.svg)](https://gemnasium.com/davidrivera/Downr)
 
 Downr is an easy to use rails wrapper around a couple of different notable gems
 * [Redcarpet](https://github.com/vmg/redcarpet)

data/downr.gemspec

@@ -27,4 +27,6 @@ Gem::Specification.new do |spec|
   spec.add_dependency "rails_emoji", "~> 1.7.1"
   spec.add_dependency "pygmentize", "~>0.0.3" 
   spec.add_dependency "redcarpet", "~>3.1.1"
+  spec.add_dependency "html-pipeline", "~> 1.9.0"
+  spec.add_dependency "sanitize", "~> 3.0.0"
 end

data/lib/downr/markdown.rb

@@ -1,3 +1,5 @@
+require 'html/pipeline'
+
 module Downr
 
   # This class is a wrapper for the
@@ -8,15 +10,18 @@ module Downr
     # static renderer
     @@renderer
 
+    # static options
+    @@options
+
     attr_accessor :renderer
     
     # Creates a new Markdown object
     def initialize
-      options = Downr.configuration.options
+      @@options = Downr.configuration.options
       
-      render  = Render.new(options)
+      render  = Render.new(@@options)
 
-      @@renderer = Redcarpet::Markdown.new(render, options)
+      @@renderer = Redcarpet::Markdown.new(render, @@options)
     end
 
     # Renders markdown
@@ -24,7 +29,23 @@ module Downr
     #
     # @return [String] html
     def self.render text 
-      @@renderer.render(text)
+      html = @@renderer.render(text)
+      
+      if(@@options[:sanitize_html].present? && @@options[:sanitize_html])
+        html = self.sanitize_html(html)
+      end
+      
+      html
+    end
+
+    # Sanitizes html input removing tags
+    # that are considered "unsafe"
+    # 
+    # @param [String] html
+    # 
+    # @return [String] html
+    def self.sanitize_html(html)
+      HTML::Pipeline::SanitizationFilter.new(html).call.to_s
     end
   end
 end

data/lib/downr/render.rb

@@ -43,12 +43,12 @@ module Downr
     # @param [String] full_document the complete doc
     # 
     # @return [String] html
-    def postprocess(full_document)
+    def preprocess(full_document)
       if(@options[:emojify])
         return emojify(full_document)
       end
 
-      full_document
+      super full_document
     end
 
     private

data/lib/downr/version.rb

@@ -1,4 +1,4 @@
 # Gem Version
 module Downr
-  VERSION = "0.0.6"
+  VERSION = "0.0.7"
 end

data/lib/generators/templates/downr.rb

@@ -17,6 +17,9 @@ Downr.configure do |config|
     # use emojify for icons
     emojify:                        true,
 
+    # should we strip out "unsafe" html elements
+    html_sanitization:              true,
+
     ########################################################
     # The following options are for Redcarpet and can be found at
     # https://github.com/vmg/redcarpet

metadata

@@ -1,144 +1,155 @@
 --- !ruby/object:Gem::Specification
 name: downr
 version: !ruby/object:Gem::Version
-  version: 0.0.6
-  prerelease: 
+  version: 0.0.7
 platform: ruby
 authors:
 - David Rivera
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-05-30 00:00:00.000000000 Z
+date: 2014-07-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.14'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.14'
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 3.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 3.1.0
 - !ruby/object:Gem::Dependency
   name: rails_emoji
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.7.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.7.1
 - !ruby/object:Gem::Dependency
   name: pygmentize
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.0.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.0.3
 - !ruby/object:Gem::Dependency
   name: redcarpet
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.1.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.1.1
+- !ruby/object:Gem::Dependency
+  name: html-pipeline
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.0
+- !ruby/object:Gem::Dependency
+  name: sanitize
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.0
 description: Wrapper for RedCarpet, adding syntax highlighting, emojis etc.
 email:
 - david.r.rivera193@gmail.com
@@ -146,10 +157,10 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rspec
-- .travis.yml
-- .yardopts
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- ".yardopts"
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -175,27 +186,26 @@ files:
 homepage: https://github.com/davidrivera/Downr
 licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 2.4.0
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Rails friendly Github Falvored Markdown
 test_files:
 - spec/lib/downr/action_view/helpers_spec.rb