RubyGems - govspeak - Versions diffs - 6.5.7 → 6.6.0 - Mend

govspeak 6.5.7 → 6.6.0

Files changed (11) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +20 -0
data/README.md +2 -2
data/lib/govspeak.rb +6 -2
data/lib/govspeak/html_sanitizer.rb +5 -4
data/lib/govspeak/post_processor.rb +11 -0
data/lib/govspeak/version.rb +1 -1
data/test/govspeak_footnote_test.rb +46 -0
data/test/govspeak_test.rb +24 -0
data/test/html_sanitizer_test.rb +6 -0
metadata +12 -10

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f6cd5f76c1c1a80f74d86785f10b591bdfc1f75f2e6b2dcf874e8b39ab0e213c
-  data.tar.gz: 4be63d972c6fd0acd9a09120930760230e45ffd59522689177602d977b9443ba
+  metadata.gz: 6369a640dd1ca0303f548954b3cd69f176707200d83d460408eadbb7c7b35158
+  data.tar.gz: fb487bd7275c39da3b3ff34fb4bbb016c77e4666a778c42dd8098c0ef50b3ea5
 SHA512:
-  metadata.gz: 6ef225809fc1434259a89d44f5d5c48f9afed99dabe5b81306347a19fe50df08ecbc1c906fa2ee704a9f63b3d9448d88ddeaa1ef110a49c99ba6441da299a0c5
-  data.tar.gz: ce7ec875cb1b33b353469846ba9c5226fbffc13551ef74cb92508e5ca7f76f1519b1c6a9b288d9978b52c16cc9fa9cb7c7500c5f3fedbc35c9c846e0faa029e2
+  metadata.gz: 85fe44ebb3c921918bb22148c4d53394d3e5921b1c5b778815bb09120832e7820805555aa68756799a257a05c4fb5efdeb5df53a453009b2333db528fafa5f29
+  data.tar.gz: 82dc434b862384862420ea07e45d00e2020b5ea20fd7a52ee5196bb5a6786d4c3facd15e64917c0bfd700ac0a1c3aaaa7e761c6970640c60b118f40ca5a1f0e8

data/CHANGELOG.md CHANGED

@@ -1,3 +1,23 @@
+## 6.6.0
+* Allow passed elements to be relaxed from sanitization [#203](https://github.com/alphagov/govspeak/pull/203)
+## 6.5.11
+* Fix issue rendering $CTA blocks before $C (PR#202)
+## 6.5.10
+* Be optimistic in versions of govuk_publishing_components and i18n allowed (PR#200)
+## 6.5.9
+* Adjust footnote markup to accommodate multiple references (PR#198)
+## 6.5.8
+* Customise footnote markup for accessibility (PR#192)
 ## 6.5.7
 * Update GOV.UK Publishing components to version to 23.0.0 or greater

data/README.md CHANGED

@@ -65,7 +65,7 @@ creates an example box
 ## Highlights
-### Advisory
+### Advisory (DEPRECATED: marked for removal. Use 'Information callouts' instead.)
     @This is a very important message or warning@
@@ -77,7 +77,7 @@ highlights the enclosed text in yellow
 </h3>
 ```
-### Answer
+### Answer (DEPRECATED: marked for removal)
     {::highlight-answer}
     The VAT rate is *20%*

data/lib/govspeak.rb CHANGED

@@ -53,6 +53,7 @@ module Govspeak
       @source = source ? source.dup : ""
       @images = options.delete(:images) || []
+      @allowed_elements = options.delete(:allowed_elements) || []
       @attachments = Array.wrap(options.delete(:attachments))
       @links = Array.wrap(options.delete(:links))
       @contacts = Array.wrap(options.delete(:contacts))
@@ -66,7 +67,7 @@ module Govspeak
     def to_html
       @to_html ||= begin
                      html = if @options[:sanitize]
-                              HtmlSanitizer.new(kramdown_doc.to_html).sanitize
+                              HtmlSanitizer.new(kramdown_doc.to_html).sanitize(allowed_elements: @allowed_elements)
                             else
                               kramdown_doc.to_html
                             end
@@ -272,6 +273,10 @@ module Govspeak
       lines.join
     end
+    # More specific tags must be defined first. Those defined earlier have a
+    # higher precedence for being matched. For example $CTA must be defined
+    # before $C otherwise the first ($C)TA fill be matched to a contact tag.
+    wrap_with_div("call-to-action", "$CTA", Govspeak::Document)
     wrap_with_div("summary", "$!")
     wrap_with_div("form-download", "$D")
     wrap_with_div("contact", "$C")
@@ -279,7 +284,6 @@ module Govspeak
     wrap_with_div("information", "$I", Govspeak::Document)
     wrap_with_div("additional-information", "$AI")
     wrap_with_div("example", "$E", Govspeak::Document)
-    wrap_with_div("call-to-action", "$CTA", Govspeak::Document)
     extension("address", surrounded_by("$A")) do |body|
       %(\n<div class="address"><div class="adr org fn"><p>\n#{body.sub("\n", '').gsub("\n", '<br />')}\n</p></div></div>\n)

data/lib/govspeak/html_sanitizer.rb CHANGED

@@ -40,18 +40,19 @@ class Govspeak::HtmlSanitizer
     @allowed_image_hosts = options[:allowed_image_hosts]
   end
-  def sanitize
+  def sanitize(allowed_elements: [])
     transformers = [TableCellTextAlignWhitelister.new]
     if @allowed_image_hosts && @allowed_image_hosts.any?
       transformers << ImageSourceWhitelister.new(@allowed_image_hosts)
     end
-    Sanitize.clean(@dirty_html, Sanitize::Config.merge(sanitize_config, transformers: transformers))
+    Sanitize.clean(@dirty_html, Sanitize::Config.merge(sanitize_config(allowed_elements: allowed_elements), transformers: transformers))
   end
-  def sanitize_config
+  def sanitize_config(allowed_elements: [])
     Sanitize::Config.merge(
       Sanitize::Config::RELAXED,
-      elements: Sanitize::Config::RELAXED[:elements] + %w[govspeak-embed-attachment govspeak-embed-attachment-link svg path],
+      elements: Sanitize::Config::RELAXED[:elements] + %w[govspeak-embed-attachment govspeak-embed-attachment-link svg path].concat(allowed_elements),
       attributes: {
         :all => Sanitize::Config::RELAXED[:attributes][:all] + %w[role aria-label],
         "a" => Sanitize::Config::RELAXED[:attributes]["a"] + [:data],

data/lib/govspeak/post_processor.rb CHANGED

@@ -120,6 +120,17 @@ module Govspeak
       end
     end
+    extension("use custom footnotes") do |document|
+      document.css("a.footnote").map do |el|
+        footnote_number = el[:href].gsub(/\D/, "")
+        el.content = "[footnote #{footnote_number}]"
+      end
+      document.css("[role='doc-backlink']").map do |el|
+        backlink_number = " " + el.css("sup")[0].content if el.css("sup")[0].present?
+        el["aria-label"] = "go to where this is referenced#{backlink_number}"
+      end
+    end
     attr_reader :input, :govspeak_document
     def initialize(html, govspeak_document)

data/lib/govspeak/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Govspeak
-  VERSION = "6.5.7".freeze
+  VERSION = "6.6.0".freeze
 end

data/test/govspeak_footnote_test.rb ADDED

@@ -0,0 +1,46 @@
+require "test_helper"
+require "govspeak_test_helper"
+class GovspeakFootnoteTest < Minitest::Test
+  include GovspeakTestHelper
+  test_given_govspeak "
+    Footnotes can be added[^1].
+    [^1]: And then later defined.
+    Footnotes can be added too[^2].
+    [^2]: And then later defined too.
+    This footnote has a reference number[^3].
+    And this footnote has the same reference number[^3].
+    [^3]: And then they both point here." do
+    assert_html_output(
+      %(
+      <p>Footnotes can be added<sup id="fnref:1" role="doc-noteref"><a href="#fn:1" class="footnote">[footnote 1]</a></sup>.</p>
+      <p>Footnotes can be added too<sup id="fnref:2" role="doc-noteref"><a href="#fn:2" class="footnote">[footnote 2]</a></sup>.</p>
+      <p>This footnote has a reference number<sup id="fnref:3" role="doc-noteref"><a href="#fn:3" class="footnote">[footnote 3]</a></sup>.</p>
+      <p>And this footnote has the same reference number<sup id="fnref:3:1" role="doc-noteref"><a href="#fn:3" class="footnote">[footnote 3]</a></sup>.</p>
+      <div class="footnotes" role="doc-endnotes">
+        <ol>
+          <li id="fn:1" role="doc-endnote">
+            <p>And then later defined. <a href="#fnref:1" class="reversefootnote" role="doc-backlink" aria-label="go to where this is referenced">↩</a></p>
+          </li>
+          <li id="fn:2" role="doc-endnote">
+            <p>And then later defined too. <a href="#fnref:2" class="reversefootnote" role="doc-backlink" aria-label="go to where this is referenced">↩</a></p>
+          </li>
+          <li id="fn:3" role="doc-endnote">
+            <p>And then they both point here. <a href="#fnref:3" class="reversefootnote" role="doc-backlink" aria-label="go to where this is referenced">↩</a> <a href="#fnref:3:1" class="reversefootnote" role="doc-backlink" aria-label="go to where this is referenced 2">↩<sup>2</sup></a></p>
+          </li>
+        </ol>
+      </div>),
+    )
+  end
+end

data/test/govspeak_test.rb CHANGED

@@ -440,6 +440,25 @@ Teston
       </div>)
   end
+  test_given_govspeak "
+    $CTA
+    Click here to start the tool
+    $CTA
+    $C
+    Here is some text
+    $C
+    " do
+    assert_html_output %(
+      <div class="call-to-action">
+      <p>Click here to start the tool</p>
+      </div>
+      <div class="contact">
+      <p>Here is some text</p>
+      </div>)
+  end
   test_given_govspeak "
     [internal link](http://www.not-external.com)
@@ -647,6 +666,11 @@ Teston
     assert_equal "<script>doGoodThings();</script>", document.to_html.strip
   end
+  test "it can exclude stipulated elements from sanitization" do
+    document = Govspeak::Document.new("<uncommon-element>some content</uncommon-element>", allowed_elements: %w[uncommon-element])
+    assert_equal "<uncommon-element>some content</uncommon-element>", document.to_html.strip
+  end
   test "identifies a Govspeak document containing malicious HTML as invalid" do
     document = Govspeak::Document.new("<script>doBadThings();</script>")
     refute document.valid?

data/test/html_sanitizer_test.rb CHANGED

@@ -96,4 +96,10 @@ class HtmlSanitizerTest < Minitest::Test
       assert_equal "<table><thead><tr><th>thing</th></tr></thead><tbody><tr><td>thing</td></tr></tbody></table>", Govspeak::HtmlSanitizer.new(html).sanitize
     end
   end
+  test "excludes specified elements from sanitization" do
+    html = "<custom-allowed-element><p>text</p></custom-allowed-element>"
+    assert_equal "<p>text</p>", Govspeak::HtmlSanitizer.new(html).sanitize
+    assert_equal html, Govspeak::HtmlSanitizer.new(html).sanitize(allowed_elements: %w[custom-allowed-element])
+  end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: govspeak
 version: !ruby/object:Gem::Version
-  version: 6.5.7
+  version: 6.6.0
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-11-03 00:00:00.000000000 Z
+date: 2021-01-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionview
@@ -54,16 +54,16 @@ dependencies:
   name: govuk_publishing_components
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 23.0.0
+        version: '23'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 23.0.0
+        version: '23'
 - !ruby/object:Gem::Dependency
   name: htmlentities
   requirement: !ruby/object:Gem::Requirement
@@ -82,14 +82,14 @@ dependencies:
   name: i18n
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.7'
 - !ruby/object:Gem::Dependency
@@ -174,14 +174,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.14.1
+        version: '5.14'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.14.1
+        version: '5.14'
 - !ruby/object:Gem::Dependency
   name: pry-byebug
   requirement: !ruby/object:Gem::Requirement
@@ -336,6 +336,7 @@ files:
 - test/govspeak_button_test.rb
 - test/govspeak_contacts_test.rb
 - test/govspeak_extract_contact_content_ids_test.rb
+- test/govspeak_footnote_test.rb
 - test/govspeak_images_bang_test.rb
 - test/govspeak_images_test.rb
 - test/govspeak_link_extractor_test.rb
@@ -382,6 +383,7 @@ test_files:
 - test/govspeak_button_test.rb
 - test/govspeak_extract_contact_content_ids_test.rb
 - test/govspeak_test_helper.rb
+- test/govspeak_footnote_test.rb
 - test/govspeak_link_test.rb
 - test/govspeak_structured_headers_test.rb
 - test/html_sanitizer_test.rb