govspeak 6.4.0 → 6.5.4

data/test/govspeak_structured_headers_test.rb

@@ -1,4 +1,4 @@
-require 'test_helper'
+require "test_helper"
 
 class GovspeakStructuredHeadersTest < Minitest::Test
   def document_body
@@ -90,7 +90,7 @@ class GovspeakStructuredHeadersTest < Minitest::Test
               text: "Sub sub heading 2.2.1",
               level: 4,
               id: "sub-sub-heading-221",
-              headers: []
+              headers: [],
             },
           ],
         },

data/test/govspeak_table_with_headers_test.rb

@@ -1,4 +1,4 @@
-require 'test_helper'
+require "test_helper"
 
 class GovspeakTableWithHeadersTest < Minitest::Test
   def expected_outcome

data/test/govspeak_test.rb

@@ -1,9 +1,9 @@
 # encoding: UTF-8
 
-require 'test_helper'
-require 'govspeak_test_helper'
+require "test_helper"
+require "govspeak_test_helper"
 
-require 'ostruct'
+require "ostruct"
 
 class GovspeakTest < Minitest::Test
   include GovspeakTestHelper
@@ -20,7 +20,7 @@ class GovspeakTest < Minitest::Test
 
   test "strips forbidden unicode characters" do
     rendered = Govspeak::Document.new(
-      "this is text with forbidden characters \ufffc\u2028\ufeff\u202c\u202a"
+      "this is text with forbidden characters \u0008\u000b\ufffe\u{2ffff}\u{5fffe}",
     ).to_html
     assert_equal "<p>this is text with forbidden characters</p>\n", rendered
   end
@@ -44,17 +44,17 @@ class GovspeakTest < Minitest::Test
 ## Medium title
 }
     assert_equal [
-      Govspeak::Header.new('Big title', 1, 'big-title'),
-      Govspeak::Header.new('Small subtitle', 3, 'small-subtitle'),
-      Govspeak::Header.new('Medium title', 2, 'medium-title')
+      Govspeak::Header.new("Big title", 1, "big-title"),
+      Govspeak::Header.new("Small subtitle", 3, "small-subtitle"),
+      Govspeak::Header.new("Medium title", 2, "medium-title"),
     ], document.headers
   end
 
   test "extracts different ids for duplicate headers" do
     document = Govspeak::Document.new("## Duplicate header\n\n## Duplicate header")
     assert_equal [
-      Govspeak::Header.new('Duplicate header', 2, 'duplicate-header'),
-      Govspeak::Header.new('Duplicate header', 2, 'duplicate-header-1')
+      Govspeak::Header.new("Duplicate header", 2, "duplicate-header"),
+      Govspeak::Header.new("Duplicate header", 2, "duplicate-header-1"),
     ], document.headers
   end
 
@@ -76,10 +76,10 @@ class GovspeakTest < Minitest::Test
 </div>
 }
     assert_equal [
-      Govspeak::Header.new('First title', 1, 'first-title'),
-      Govspeak::Header.new('Nested subtitle', 2, 'nested-subtitle'),
-      Govspeak::Header.new('Double nested subtitle', 3, 'double-nested-subtitle'),
-      Govspeak::Header.new('Second double subtitle', 3, 'second-double-subtitle')
+      Govspeak::Header.new("First title", 1, "first-title"),
+      Govspeak::Header.new("Nested subtitle", 2, "nested-subtitle"),
+      Govspeak::Header.new("Double nested subtitle", 3, "double-nested-subtitle"),
+      Govspeak::Header.new("Second double subtitle", 3, "second-double-subtitle"),
     ], document.headers
   end
 
@@ -90,8 +90,8 @@ class GovspeakTest < Minitest::Test
 ## Second title {#special}
 }
     assert_equal [
-      Govspeak::Header.new('First title', 1, 'first-title'),
-      Govspeak::Header.new('Second title', 2, 'special'),
+      Govspeak::Header.new("First title", 1, "first-title"),
+      Govspeak::Header.new("Second title", 2, "special"),
     ], document.headers
   end
 
@@ -360,7 +360,7 @@ Teston
   # TODO: review whether we should require closing symbols for these extensions
   #       need to check all existing content.
   test_given_govspeak "xaa" do
-    assert_html_output '<p>xaa</p>'
+    assert_html_output "<p>xaa</p>"
     assert_text_output "xaa"
   end
 
@@ -639,12 +639,12 @@ Teston
       }
   end
 
-  test 'sanitize source input by default' do
+  test "sanitize source input by default" do
     document = Govspeak::Document.new("<script>doBadThings();</script>")
     assert_equal "", document.to_html.strip
   end
 
-  test 'it can have sanitizing disabled' do
+  test "it can have sanitizing disabled" do
     document = Govspeak::Document.new("<script>doGoodThings();</script>", sanitize: false)
     assert_equal "<script>doGoodThings();</script>", document.to_html.strip
   end

data/test/html_sanitizer_test.rb

@@ -31,19 +31,37 @@ class HtmlSanitizerTest < Minitest::Test
     html = "<a href='#' data-module='cross-domain-tracking' data-tracking-code='UA-XXXXXX-Y' data-tracking-name='govspeakButtonTracker'></a>"
     assert_equal(
       "<a href=\"#\" data-module=\"cross-domain-tracking\" data-tracking-code=\"UA-XXXXXX-Y\" data-tracking-name=\"govspeakButtonTracker\"></a>",
-      Govspeak::HtmlSanitizer.new(html).sanitize
+      Govspeak::HtmlSanitizer.new(html).sanitize,
+    )
+  end
+
+  test "allow data attributes on links" do
+    html = "<a href='/' data-module='track-click' data-ecommerce-path='/' data-track-category='linkClicked'>Test Link</a>"
+
+    assert_equal(
+      "<a href=\"/\" data-module=\"track-click\" data-ecommerce-path=\"/\" data-track-category=\"linkClicked\">Test Link</a>",
+      Govspeak::HtmlSanitizer.new(html).sanitize,
+    )
+  end
+
+  test "allow data attributes on divs" do
+    html = "<div data-module='toggle' data-ecommerce-path='/' data-track-category='someDiv'>Test Div</div>"
+
+    assert_equal(
+      "<div data-module=\"toggle\" data-ecommerce-path=\"/\" data-track-category=\"someDiv\">Test Div</div>",
+      Govspeak::HtmlSanitizer.new(html).sanitize,
     )
   end
 
   test "allows images on whitelisted domains" do
     html = "<img src='http://allowed.com/image.jgp'>"
-    sanitized_html = Govspeak::HtmlSanitizer.new(html, allowed_image_hosts: ['allowed.com']).sanitize
+    sanitized_html = Govspeak::HtmlSanitizer.new(html, allowed_image_hosts: ["allowed.com"]).sanitize
     assert_equal "<img src=\"http://allowed.com/image.jgp\">", sanitized_html
   end
 
   test "removes images not on whitelisted domains" do
     html = "<img src='http://evil.com/image.jgp'>"
-    assert_equal "", Govspeak::HtmlSanitizer.new(html, allowed_image_hosts: ['allowed.com']).sanitize
+    assert_equal "", Govspeak::HtmlSanitizer.new(html, allowed_image_hosts: ["allowed.com"]).sanitize
   end
 
   test "allows table cells and table headings without a style attribute" do
@@ -53,12 +71,12 @@ class HtmlSanitizerTest < Minitest::Test
 
   test "strips table cells and headings that appear outside a table" do
     html = "<th>thing</th></tr><tr><td>thing</td>"
-    assert_equal 'thingthing', Govspeak::HtmlSanitizer.new(html).sanitize
+    assert_equal "thingthing", Govspeak::HtmlSanitizer.new(html).sanitize
   end
 
   test "normalizes table tags to inject missing rows and bodies like a browser does" do
     html = "<table><th>thing</th><td>thing</td></table>"
-    assert_equal '<table><tbody><tr><th>thing</th><td>thing</td></tr></tbody></table>', Govspeak::HtmlSanitizer.new(html).sanitize
+    assert_equal "<table><tbody><tr><th>thing</th><td>thing</td></tr></tbody></table>", Govspeak::HtmlSanitizer.new(html).sanitize
   end
 
 
@@ -73,10 +91,10 @@ class HtmlSanitizerTest < Minitest::Test
       "text-align: middle",
       "text-align: left; width: 10px",
       "background-image: url(javascript:alert('XSS'))",
-      "expression(alert('XSS'));"
+      "expression(alert('XSS'));",
     ].each do |style|
       html = "<table><thead><tr><th style=\"#{style}\">thing</th></tr></thead><tbody><tr><td style=\"#{style}\">thing</td></tr></tbody></table>"
-      assert_equal '<table><thead><tr><th>thing</th></tr></thead><tbody><tr><td>thing</td></tr></tbody></table>', Govspeak::HtmlSanitizer.new(html).sanitize
+      assert_equal "<table><thead><tr><th>thing</th></tr></thead><tbody><tr><td>thing</td></tr></tbody></table>", Govspeak::HtmlSanitizer.new(html).sanitize
     end
   end
 end

data/test/html_validator_test.rb

@@ -51,7 +51,7 @@ class HtmlValidatorTest < Minitest::Test
       $P
       ",
       ":england:content goes here:england:",
-      ":scotland:content goes here:scotland:"
+      ":scotland:content goes here:scotland:",
     ]
     values.each do |value|
       assert Govspeak::HtmlValidator.new(value).valid?
@@ -88,7 +88,7 @@ class HtmlValidatorTest < Minitest::Test
 
   test "optionally disallow images not on a whitelisted domain" do
     html = "<img src='http://evil.com/image.jgp'>"
-    assert Govspeak::HtmlValidator.new(html, allowed_image_hosts: ['allowed.com']).invalid?
+    assert Govspeak::HtmlValidator.new(html, allowed_image_hosts: ["allowed.com"]).invalid?
   end
 
   test "allow <div> and <span> HTML elements" do

data/test/presenters/h_card_presenter_test.rb

@@ -1,93 +1,93 @@
 # encoding: utf-8
 
-require 'test_helper'
-require 'ostruct'
+require "test_helper"
+require "ostruct"
 
 class HCardPresenterTest < Minitest::Test
   def unindent(html)
-    html.gsub(/^\s+/, '')
+    html.gsub(/^\s+/, "")
   end
 
   test "renders address in UK format" do
-    assert_equal unindent(gb_addr), HCardPresenter.new(addr_fields, 'GB').render
+    assert_equal unindent(gb_addr), HCardPresenter.new(addr_fields, "GB").render
   end
 
   test "renders address in Spanish format" do
-    assert_equal unindent(es_addr), HCardPresenter.new(addr_fields, 'ES').render
+    assert_equal unindent(es_addr), HCardPresenter.new(addr_fields, "ES").render
   end
 
   test "renders address in Japanese format" do
-    assert_equal unindent(jp_addr), HCardPresenter.new(addr_fields, 'JP').render
+    assert_equal unindent(jp_addr), HCardPresenter.new(addr_fields, "JP").render
   end
 
   test "doesn't clobber address formats" do
-    gb_format_before = HCardPresenter.address_formats['gb'].dup
-    HCardPresenter.new(addr_fields, 'GB').render
+    gb_format_before = HCardPresenter.address_formats["gb"].dup
+    HCardPresenter.new(addr_fields, "GB").render
 
-    assert_equal unindent(gb_format_before), HCardPresenter.address_formats['gb']
+    assert_equal unindent(gb_format_before), HCardPresenter.address_formats["gb"]
   end
 
   test "blank properties do not render extra line breaks" do
     fields_without_region = addr_fields
-    fields_without_region.delete('region')
+    fields_without_region.delete("region")
 
-    assert_equal unindent(addr_without_region), HCardPresenter.new(fields_without_region, 'GB').render
+    assert_equal unindent(addr_without_region), HCardPresenter.new(fields_without_region, "GB").render
   end
 
   test "doesn't render a property when it's a blank string" do
     fields = addr_fields
 
-    fields['region'] = ''
-    assert_equal unindent(addr_without_region), HCardPresenter.new(fields, 'GB').render
+    fields["region"] = ""
+    assert_equal unindent(addr_without_region), HCardPresenter.new(fields, "GB").render
 
-    fields['region'] = '   '
-    assert_equal unindent(addr_without_region), HCardPresenter.new(fields, 'GB').render
+    fields["region"] = "   "
+    assert_equal unindent(addr_without_region), HCardPresenter.new(fields, "GB").render
   end
 
-  test 'uses html escaping on property values' do
+  test "uses html escaping on property values" do
     fields = addr_fields
 
-    fields['region'] = 'UK & Channel Islands'
-    assert_includes HCardPresenter.new(fields, 'GB').render, "UK &amp; Channel Islands"
+    fields["region"] = "UK & Channel Islands"
+    assert_includes HCardPresenter.new(fields, "GB").render, "UK &amp; Channel Islands"
   end
 
   test "it defaults to UK format" do
-    assert_equal unindent(gb_addr), HCardPresenter.new(addr_fields, 'FUBAR').render
+    assert_equal unindent(gb_addr), HCardPresenter.new(addr_fields, "FUBAR").render
   end
 
   test "it builds from a Contact" do
-    contact = OpenStruct.new(recipient: 'Recipient',
-                             street_address: 'Street',
-                             locality: 'Locality',
-                             region: 'Region',
-                             postal_code: 'Postcode',
-                             country_name: 'Country',
-                             country_code: 'ES')
+    contact = OpenStruct.new(recipient: "Recipient",
+                             street_address: "Street",
+                             locality: "Locality",
+                             region: "Region",
+                             postal_code: "Postcode",
+                             country_name: "Country",
+                             country_code: "ES")
     hcard = HCardPresenter.from_contact(contact)
 
     assert_equal unindent(es_addr), hcard.render
   end
 
   test "it leaves out the country name when building a GB contact" do
-    contact = OpenStruct.new(recipient: 'Recipient',
-                             street_address: 'Street',
-                             locality: 'Locality',
-                             region: 'Region',
-                             postal_code: 'Postcode',
-                             country_name: 'Country',
-                             country_code: 'GB')
+    contact = OpenStruct.new(recipient: "Recipient",
+                             street_address: "Street",
+                             locality: "Locality",
+                             region: "Region",
+                             postal_code: "Postcode",
+                             country_name: "Country",
+                             country_code: "GB")
     hcard = HCardPresenter.from_contact(contact)
 
     assert_equal unindent(addr_without_country), hcard.render
   end
 
   def addr_fields
-    { 'fn' => 'Recipient',
-      'street-address' => 'Street',
-      'postal-code' => 'Postcode',
-      'locality' => 'Locality',
-      'region' => 'Region',
-      'country-name' => 'Country' }
+    { "fn" => "Recipient",
+      "street-address" => "Street",
+      "postal-code" => "Postcode",
+      "locality" => "Locality",
+      "region" => "Region",
+      "country-name" => "Country" }
   end
 
   def gb_addr

data/test/test_helper.rb

@@ -1,20 +1,20 @@
-require 'simplecov'
-require 'simplecov-rcov'
+require "simplecov"
+require "simplecov-rcov"
 
 SimpleCov.start
 SimpleCov.formatter = SimpleCov::Formatter::RcovFormatter
 
 $:.unshift(File.expand_path("../lib")) unless $:.include?(File.expand_path("../lib"))
 
-require 'bundler'
+require "bundler"
 Bundler.setup :default, :development, :test
 
-require 'minitest/autorun'
+require "minitest/autorun"
 
 class Minitest::Test
   class << self
     def test(name, &block)
-      clean_name = name.gsub(/\s+/, '_')
+      clean_name = name.gsub(/\s+/, "_")
       method = "test_#{clean_name.gsub(/\s+/, '_')}".to_sym
       already_defined = instance_method(method) rescue false
       raise "#{method} exists" if already_defined
@@ -24,4 +24,4 @@ class Minitest::Test
   end
 end
 
-require 'govspeak'
+require "govspeak"

metadata

@@ -1,29 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: govspeak
 version: !ruby/object:Gem::Version
-  version: 6.4.0
+  version: 6.5.4
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-07-22 00:00:00.000000000 Z
+date: 2020-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionview
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '7'
 - !ruby/object:Gem::Dependency
   name: addressable
   requirement: !ruby/object:Gem::Requirement
@@ -48,16 +54,16 @@ dependencies:
   name: govuk_publishing_components
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '16.16'
+        version: '21.4'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '16.16'
+        version: '21.4'
 - !ruby/object:Gem::Dependency
   name: htmlentities
   requirement: !ruby/object:Gem::Requirement
@@ -146,30 +152,22 @@ dependencies:
   name: sanitize
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 5.2.1
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5'
-- !ruby/object:Gem::Dependency
-  name: govuk-lint
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 3.11.5
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
+        version: 5.2.1
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 3.11.5
+        version: '6'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -212,6 +210,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.0
+- !ruby/object:Gem::Dependency
+  name: rubocop-govuk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.3.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.3.2
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -359,23 +371,23 @@ signing_key:
 specification_version: 4
 summary: Markup language for single domain
 test_files:
-- test/govspeak_attachments_inline_test.rb
-- test/govspeak_attachment_test.rb
 - test/govspeak_attachment_link_test.rb
-- test/govspeak_images_test.rb
-- test/govspeak_table_with_headers_test.rb
-- test/govspeak_link_test.rb
-- test/govspeak_images_bang_test.rb
-- test/govspeak_link_extractor_test.rb
-- test/govspeak_contacts_test.rb
 - test/test_helper.rb
+- test/govspeak_button_test.rb
 - test/govspeak_test.rb
-- test/govspeak_attachments_image_test.rb
 - test/html_validator_test.rb
-- test/govspeak_structured_headers_test.rb
-- test/govspeak_extract_contact_content_ids_test.rb
-- test/blockquote_extra_quote_remover_test.rb
-- test/presenters/h_card_presenter_test.rb
-- test/govspeak_button_test.rb
+- test/govspeak_attachment_test.rb
+- test/govspeak_contacts_test.rb
 - test/govspeak_test_helper.rb
+- test/blockquote_extra_quote_remover_test.rb
+- test/govspeak_table_with_headers_test.rb
+- test/govspeak_attachments_image_test.rb
 - test/html_sanitizer_test.rb
+- test/govspeak_link_test.rb
+- test/govspeak_extract_contact_content_ids_test.rb
+- test/govspeak_structured_headers_test.rb
+- test/govspeak_images_test.rb
+- test/presenters/h_card_presenter_test.rb
+- test/govspeak_images_bang_test.rb
+- test/govspeak_link_extractor_test.rb
+- test/govspeak_attachments_inline_test.rb