gollum-site 0.1.8 → 0.1.9

data/lib/gollum-site/sanitization.rb

@@ -0,0 +1,115 @@
+module Gollum
+  # Encapsulate sanitization options.
+  #
+  # This class does not yet support all options of Sanitize library.
+  # See http://github.com/rgrove/sanitize/.
+  class SiteSanitization
+    # Default whitelisted elements.
+    ELEMENTS = [
+      'a', 'abbr', 'acronym', 'address', 'area', 'b', 'big',
+      'blockquote', 'br', 'button', 'caption', 'center', 'cite',
+      'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dir',
+      'div', 'dl', 'dt', 'em', 'fieldset', 'font', 'form', 'h1',
+      'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'img', 'input',
+      'ins', 'kbd', 'label', 'legend', 'li', 'map', 'menu',
+      'ol', 'optgroup', 'option', 'p', 'pre', 'q', 's', 'samp',
+      'select', 'small', 'span', 'strike', 'strong', 'sub',
+      'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th',
+      'thead', 'tr', 'tt', 'u', 'ul', 'var', 'iframe'
+    ].freeze
+
+    # Default whitelisted attributes.
+    ATTRIBUTES = {
+      'a'   => ['href'],
+      'img' => ['src'],
+      :all  => ['abbr', 'accept', 'accept-charset',
+                'accesskey', 'action', 'align', 'alt', 'axis',
+                'border', 'cellpadding', 'cellspacing', 'char',
+                'charoff', 'class', 'charset', 'checked', 'cite',
+                'clear', 'cols', 'colspan', 'color',
+                'compact', 'coords', 'datetime', 'dir',
+                'disabled', 'enctype', 'for', 'frame',
+                'headers', 'height', 'hreflang',
+                'hspace', 'ismap', 'label', 'lang',
+                'longdesc', 'maxlength', 'media', 'method',
+                'multiple', 'name', 'nohref', 'noshade',
+                'nowrap', 'prompt', 'readonly', 'rel', 'rev',
+                'rows', 'rowspan', 'rules', 'scope',
+                'selected', 'shape', 'size', 'span',
+                'start', 'summary', 'tabindex', 'target',
+                'title', 'type', 'usemap', 'valign', 'value',
+                'vspace', 'width', 'frameborder', 'id']
+    }.freeze
+
+    # Default whitelisted protocols for URLs.
+    PROTOCOLS = {
+      'a'   => {'href' => ['http', 'https', 'mailto', :relative]},
+      'img' => {'src'  => ['http', 'https', :relative]}
+    }.freeze
+
+    # Gets an Array of whitelisted HTML elements.  Default: ELEMENTS.
+    attr_reader :elements
+
+    # Gets a Hash describing which attributes are allowed in which HTML
+    # elements.  Default: ATTRIBUTES.
+    attr_reader :attributes
+
+    # Gets a Hash describing which URI protocols are allowed in HTML
+    # attributes.  Default: PROTOCOLS
+    attr_reader :protocols
+
+    # Gets a Hash describing HTML attributes that Sanitize should add.
+    # Default: {}
+    attr_reader :add_attributes
+
+    # Sets a boolean determining whether Sanitize allows HTML comments in the
+    # output.  Default: false.
+    attr_writer :allow_comments
+
+    def initialize
+      @elements       = ELEMENTS
+      @attributes     = ATTRIBUTES
+      @protocols      = PROTOCOLS
+      @add_attributes = {}
+      @allow_comments = false
+      yield self if block_given?
+    end
+
+    # Determines if Sanitize should allow HTML comments.
+    #
+    # Returns True if comments are allowed, or False.
+    def allow_comments?
+      !!@allow_comments
+    end
+
+    # Modifies the current Sanitization instance to sanitize older revisions
+    # of pages.
+    #
+    # Returns a Sanitization instance.
+    def history_sanitization
+      self.class.new do |sanitize|
+        sanitize.add_attributes['a'] = {'rel' => 'nofollow'}
+      end
+    end
+
+    # Builds a Hash of options suitable for Sanitize.clean.
+    #
+    # Returns a Hash.
+    def to_hash
+      { :elements       => elements,
+        :attributes     => attributes,
+        :protocols      => protocols,
+        :add_attributes => add_attributes,
+        :allow_comments => allow_comments?
+      }
+    end
+
+    # Builds a Sanitize instance from the current options.
+    #
+    # Returns a Sanitize instance.
+    def to_sanitize
+      Sanitize.new(to_hash)
+    end
+  end
+end
+

data/lib/gollum-site/site.rb

@@ -13,8 +13,8 @@ module Gollum
                                  :markup_class => Gollum::SiteMarkup,
                                  :page_class => Gollum::SitePage,
                                  :base_path => options[:base_path],
-                                 :sanitization => false,
-                                 :history_sanitization => false
+                                 :sanitization => Gollum::SiteSanitization.new,
+                                 :history_sanitization => Gollum::SiteSanitization.new
                                })
       @wiki.site = self
       @output_path = options[:output_path] || "_site"

data/lib/gollum-site/version.rb

@@ -1,5 +1,5 @@
 module Gollum
   class Site
-    VERSION = "0.1.8"
+    VERSION = "0.1.9"
   end
 end

data/lib/gollum-site.rb

@@ -15,3 +15,5 @@ require 'gollum-site/wiki'
 # Logging
 require 'mixlib/log'
 require 'gollum-site/log'
+
+require 'gollum-site/sanitization'

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 1
-  - 8
-  version: 0.1.8
+  - 9
+  version: 0.1.9
 platform: ruby
 authors: 
 - Daniel Reverri
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-03-31 00:00:00 -07:00
+date: 2011-04-05 00:00:00 -07:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -468,6 +468,7 @@ files:
 - lib/gollum-site/log.rb
 - lib/gollum-site/markup.rb
 - lib/gollum-site/page.rb
+- lib/gollum-site/sanitization.rb
 - lib/gollum-site/site.rb
 - lib/gollum-site/version.rb
 - lib/gollum-site/wiki.rb