govspeak 1.2.5 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/govspeak.rb +4 -0
- data/lib/govspeak/html_sanitizer.rb +6 -0
- data/lib/govspeak/version.rb +1 -1
- data/test/govspeak_test.rb +5 -0
- data/test/html_sanitizer_test.rb +5 -0
- metadata +4 -4
data/lib/govspeak.rb
CHANGED
|
@@ -39,6 +39,10 @@ module Govspeak
|
|
|
39
39
|
HtmlSanitizer.new(to_html).sanitize
|
|
40
40
|
end
|
|
41
41
|
|
|
42
|
+
def to_sanitized_html_without_images
|
|
43
|
+
HtmlSanitizer.new(to_html).sanitize_without_images
|
|
44
|
+
end
|
|
45
|
+
|
|
42
46
|
def to_text
|
|
43
47
|
HTMLEntities.new.decode(to_html.gsub(/(?:<[^>]+>|\s)+/, " ").strip)
|
|
44
48
|
end
|
|
@@ -9,6 +9,12 @@ class Govspeak::HtmlSanitizer
|
|
|
9
9
|
Sanitize.clean(@dirty_html, sanitize_config)
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
+
def sanitize_without_images
|
|
13
|
+
config = sanitize_config
|
|
14
|
+
config[:elements].delete('img')
|
|
15
|
+
Sanitize.clean(@dirty_html, config)
|
|
16
|
+
end
|
|
17
|
+
|
|
12
18
|
def sanitize_config
|
|
13
19
|
config = Sanitize::Config::RELAXED.dup
|
|
14
20
|
config[:attributes][:all].push("id", "class")
|
data/lib/govspeak/version.rb
CHANGED
data/test/govspeak_test.rb
CHANGED
|
@@ -453,6 +453,11 @@ $CTA
|
|
|
453
453
|
test "can sanitize a document" do
|
|
454
454
|
document = Govspeak::Document.new("<script>doBadThings();</script>")
|
|
455
455
|
assert_equal "doBadThings();", document.to_sanitized_html
|
|
456
|
+
end
|
|
457
|
+
|
|
458
|
+
test "can sanitize a document without image" do
|
|
459
|
+
document = Govspeak::Document.new("<script>doBadThings();</script><img src='https://example.com/image.jpg'>")
|
|
460
|
+
assert_equal "doBadThings();<p></p>", document.to_sanitized_html_without_images
|
|
456
461
|
end
|
|
457
462
|
|
|
458
463
|
test "identifies a Govspeak document containing malicious HTML as invalid" do
|
data/test/html_sanitizer_test.rb
CHANGED
|
@@ -27,4 +27,9 @@ class HtmlSanitizerTest < Test::Unit::TestCase
|
|
|
27
27
|
html = "Fortnum & Mason"
|
|
28
28
|
assert_equal "Fortnum & Mason", Govspeak::HtmlSanitizer.new(html).sanitize
|
|
29
29
|
end
|
|
30
|
+
|
|
31
|
+
test "can strip images" do
|
|
32
|
+
html = "<img src='http://example.com/image.jgp'>"
|
|
33
|
+
assert_equal "", Govspeak::HtmlSanitizer.new(html).sanitize_without_images
|
|
34
|
+
end
|
|
30
35
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: govspeak
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.3.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date:
|
|
13
|
+
date: 2014-02-03 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: kramdown
|
|
@@ -162,7 +162,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
162
162
|
version: '0'
|
|
163
163
|
segments:
|
|
164
164
|
- 0
|
|
165
|
-
hash:
|
|
165
|
+
hash: 3587010685364545485
|
|
166
166
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
167
167
|
none: false
|
|
168
168
|
requirements:
|
|
@@ -171,7 +171,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
171
171
|
version: '0'
|
|
172
172
|
segments:
|
|
173
173
|
- 0
|
|
174
|
-
hash:
|
|
174
|
+
hash: 3587010685364545485
|
|
175
175
|
requirements: []
|
|
176
176
|
rubyforge_project:
|
|
177
177
|
rubygems_version: 1.8.23
|