gollum-site 0.1.8 → 0.1.9
- data/lib/gollum-site/sanitization.rb +115 -0
- data/lib/gollum-site/site.rb +2 -2
- data/lib/gollum-site/version.rb +1 -1
- data/lib/gollum-site.rb +2 -0
- metadata +4 -3
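--- a/data/lib/gollum-site/sanitization.rb
+++ b/data/lib/gollum-site/sanitization.rb
@@ -0,0 +1,115 @@
+module Gollum
+# Encapsulate sanitization options.
+#
+# This class does not yet support all options of Sanitize library.
+# See http://github.com/rgrove/sanitize/.
+class SiteSanitization
+# Default whitelisted elements.
+ELEMENTS = [
+'a', 'abbr', 'acronym', 'address', 'area', 'b', 'big',
+'blockquote', 'br', 'button', 'caption', 'center', 'cite',
+'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dir',
+'div', 'dl', 'dt', 'em', 'fieldset', 'font', 'form', 'h1',
+'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'img', 'input',
+'ins', 'kbd', 'label', 'legend', 'li', 'map', 'menu',
+'ol', 'optgroup', 'option', 'p', 'pre', 'q', 's', 'samp',
+'select', 'small', 'span', 'strike', 'strong', 'sub',
+'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th',
+'thead', 'tr', 'tt', 'u', 'ul', 'var', 'iframe'
+].freeze
+
+# Default whitelisted attributes.
+ATTRIBUTES = {
+'a' => ['href'],
+'img' => ['src'],
+:all => ['abbr', 'accept', 'accept-charset',
+'accesskey', 'action', 'align', 'alt', 'axis',
+'border', 'cellpadding', 'cellspacing', 'char',
+'charoff', 'class', 'charset', 'checked', 'cite',
+'clear', 'cols', 'colspan', 'color',
+'compact', 'coords', 'datetime', 'dir',
+'disabled', 'enctype', 'for', 'frame',
+'headers', 'height', 'hreflang',
+'hspace', 'ismap', 'label', 'lang',
+'longdesc', 'maxlength', 'media', 'method',
+'multiple', 'name', 'nohref', 'noshade',
+'nowrap', 'prompt', 'readonly', 'rel', 'rev',
+'rows', 'rowspan', 'rules', 'scope',
+'selected', 'shape', 'size', 'span',
+'start', 'summary', 'tabindex', 'target',
+'title', 'type', 'usemap', 'valign', 'value',
+'vspace', 'width', 'frameborder', 'id']
+}.freeze
+
+# Default whitelisted protocols for URLs.
+PROTOCOLS = {
+'a' => {'href' => ['http', 'https', 'mailto', :relative]},
+'img' => {'src' => ['http', 'https', :relative]}
+}.freeze
+
+# Gets an Array of whitelisted HTML elements. Default: ELEMENTS.
+attr_reader :elements
+
+# Gets a Hash describing which attributes are allowed in which HTML
+# elements. Default: ATTRIBUTES.
+attr_reader :attributes
+
+# Gets a Hash describing which URI protocols are allowed in HTML
+# attributes. Default: PROTOCOLS
+attr_reader :protocols
+
+# Gets a Hash describing HTML attributes that Sanitize should add.
+# Default: {}
+attr_reader :add_attributes
+
+# Sets a boolean determining whether Sanitize allows HTML comments in the
+# output. Default: false.
+attr_writer :allow_comments
+
+def initialize
+@elements = ELEMENTS
+@attributes = ATTRIBUTES
+@protocols = PROTOCOLS
+@add_attributes = {}
+@allow_comments = false
+yield self if block_given?
+end
+
+# Determines if Sanitize should allow HTML comments.
+#
+# Returns True if comments are allowed, or False.
+def allow_comments?
+!!@allow_comments
+end
+
+# Modifies the current Sanitization instance to sanitize older revisions
+# of pages.
+#
+# Returns a Sanitization instance.
+def history_sanitization
+self.class.new do |sanitize|
+sanitize.add_attributes['a'] = {'rel' => 'nofollow'}
+end
+end
+
+# Builds a Hash of options suitable for Sanitize.clean.
+#
+# Returns a Hash.
+def to_hash
+{ :elements => elements,
+:attributes => attributes,
+:protocols => protocols,
+:add_attributes => add_attributes,
+:allow_comments => allow_comments?
+}
+end
+
+# Builds a Sanitize instance from the current options.
+#
+# Returns a Sanitize instance.
+def to_sanitize
+Sanitize.new(to_hash)
+end
+end
+end
+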
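Review bot: `PROTOCOLS` constrains only `a[href]` and `img[src]`, yet the `:all` list in `ATTRIBUTES` admits other URL-bearing attributes (`action`, `cite`, `longdesc`) and `ELEMENTS` includes `form`, so this configuration never checks the scheme of a `form action` value. Either drop the form controls from the defaults (and `iframe`, which is listed although no `src` is permitted for it), or add protocol entries for them, e.g. `'form' => {'action' => ['http', 'https', :relative]}`. Separately, `.freeze` is shallow: `initialize` hands the shared constants to every instance and nested arrays such as `ATTRIBUTES[:all]` stay mutable, so a configuration block that appends to one widens the allowlist for all instances; freezing the inner arrays or duplicating them in `initialize` would prevent that. The comment on `history_sanitization` should say it returns a new instance built from the defaults, not "Modifies the current Sanitization instance".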
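--- a/data/lib/gollum-site/site.rb
+++ b/data/lib/gollum-site/site.rb
@@ -13,8 +13,8 @@ module Gollum
 :markup_class => Gollum::SiteMarkup,
 :page_class => Gollum::SitePage,
 :base_path => options[:base_path],
-:sanitization =>
-:history_sanitization =>
+:sanitization => Gollum::SiteSanitization.new,
+:history_sanitization => Gollum::SiteSanitization.new
 })
 @wiki.site = self
 @output_path = options[:output_path] || "_site"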
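Review bot: `:history_sanitization` is given a plain `Gollum::SiteSanitization.new`, so the `rel="nofollow"` variant that `SiteSanitization#history_sanitization` builds is not used by this call. If historical revisions are meant to get it, pass `Gollum::SiteSanitization.new.history_sanitization` here; otherwise a short comment saying the two policies are intentionally identical would help. Both instances are also hard-coded, so a caller cannot supply a stricter allowlist; something like `options[:sanitization] || Gollum::SiteSanitization.new` would allow that, though whether `options` is meant to carry such a key is not visible here. The enclosing call and method start and end outside the hunk.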
data/lib/gollum-site/version.rb
CHANGED
data/lib/gollum-site.rb
CHANGED
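--- a/metadata
+++ b/metadata
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
 segments:
 - 0
 - 1
--
-version: 0.1.
+- 9
+version: 0.1.9
 platform: ruby
 authors:
 - Daniel Reverri
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-
+date: 2011-04-05 00:00:00 -07:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -468,6 +468,7 @@ files:
 - lib/gollum-site/log.rb
 - lib/gollum-site/markup.rb
 - lib/gollum-site/page.rb
+- lib/gollum-site/sanitization.rb
 - lib/gollum-site/site.rb
 - lib/gollum-site/version.rb
 - lib/gollum-site/wiki.rb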