gravatarify 2.0.3 → 2.0.4

data/README.md

@@ -9,7 +9,6 @@ displaying lots of avatars).
 
 - **Source**: <http://github.com/lwe/gravatarify>
 - **Docs**:   <http://rdoc.info/projects/lwe/gravatarify>
-- **List**:   <http://groups.google.com/group/gravatarify-plugin>
 - **Gem**:    <http://gemcutter.org/gems/gravatarify>
 
 **UPGRADE NOTES:** Version 2.x is a clean-up release which breaks backwards compatibility

data/VERSION.yml

@@ -1,4 +1,5 @@
 --- 
 :major: 2
 :minor: 0
-:patch: 3
+:build: 
+:patch: 4

data/lib/gravatarify/base.rb

@@ -1,15 +1,19 @@
 require 'digest/md5'
+require 'cgi'
 
 module Gravatarify
-  # Hash of 'ultra_long_option_name' => 'abbrevated option'
-  # :nodoc:
-  GRAVATAR_ABBREV_OPTIONS = { 'default' => 'd', 'rating' => 'r', 'size' => 's' }
+  # Hash of :ultra_long_option_name => :abbr_opt
+  GRAVATAR_ABBREV_OPTIONS = { 'default' => :d, :default => :d, 'rating' => :r, :rating => :r, 'size' => :s, :size => :s }
   
   class << self
-    # Globally define options which are then merged on every call to
-    # +gravatar_url+, this is useful to e.g. define the default image.
+    
+    # Global options which are merged on every call to
+    # +gravatar_url+, this is useful to e.g. define a default image.
+    #
+    # When using Rails defining default options is best done in an
+    # initializer +config/initializers/gravatarify.rb+ (or similar).
     #
-    # Setting global options should be done (for Rails apps) in an initializer:
+    # Usage examples:
     #
     #     # set the default image using a Proc
     #     Gravatarify.options[:default] = Proc.new { |*args| "http://example.com/avatar-#{args.first[:size] || 80}.jpg" }
@@ -115,11 +119,10 @@ module Gravatarify
       # Builds a query string from all passed in options.
       def build_gravatar_options(source, url_options = {})
         params = url_options.inject([]) do |params, (key, value)|
-          key = key.to_s
-          if key != 'html'
-            key = GRAVATAR_ABBREV_OPTIONS[key] if GRAVATAR_ABBREV_OPTIONS.include?(key) # shorten key!
-            value = value.call(url_options, source) if key == 'd' and value.respond_to?(:call)
-            params << "#{Utils.escape(key)}=#{Utils.escape(value)}" if value
+          key = (GRAVATAR_ABBREV_OPTIONS[key] || key).to_sym # shorten key
+          unless key == :html
+            value = value.call(url_options, source) if key == :d and value.respond_to?(:call)
+            params << "#{key}=#{CGI.escape(value.to_s)}" if value
           end
           params
         end

data/lib/gravatarify/helper.rb

@@ -1,6 +1,6 @@
 module Gravatarify::Helper
   include Gravatarify::Base
-    
+      
   # Helper method for HAML to return a neat hash to be used as attributes in an image tag.
   #
   # Now it's as simple as doing something like:
@@ -31,7 +31,8 @@ module Gravatarify::Helper
   #        image tag.
   # @return [String] a complete and hopefully valid +img+ tag.
   def gravatar_tag(email, *params)
-    html_attrs = gravatar_attrs(email, *params).map { |key,value| "#{key}=\"#{Gravatarify::Utils.escape_html(value)}\"" }.sort.join(" ")
-    "<img #{html_attrs} />"
+    html_attrs = gravatar_attrs(email, *params).map { |key,value| "#{key}=\"#{CGI.escapeHTML(value.to_s)}\"" }.sort.join(" ")
+    html = "<img #{html_attrs} />"
+    Gravatarify::Utils.with_xss? ? html.html_safe! : html
   end
 end

data/lib/gravatarify/utils.rb

@@ -1,24 +1,8 @@
-begin; require 'rack/utils'; rescue LoadError; require 'cgi' end
-
-module Gravatarify
-  module Utils #:nodoc:          
-    # Helper method to URI escape a string using either <tt>Rack::Utils#escape</tt> if available or else
-    # fallback to <tt>CGI#escape</tt>.
-    def self.escape(str)
-      str = str.to_s
-      defined?(Rack::Utils) ? Rack::Utils.escape(str) : CGI.escape(str)
-    end
-    
-    # Escape HTML entities in string, basically falls back to either <tt>RackUtils#escape_html</tt>
-    # or <tt>CGI#escapeHTML</tt>.
-    def self.escape_html(str)
-      str = str.to_s
-      defined?(Rack::Utils) ? Rack::Utils.escape_html(str) : CGI.escapeHTML(str)
-    end
-    
+module Gravatarify  
+  # Set of common utility methods to e.g. deep merge options etc.
+  module Utils #:nodoc:
     # Merge supplied list of +params+ with the globally defined default options and
     # any params. Then merge remaining params as hash.
-    # 
     def self.merge_gravatar_options(*params)
       return (params[1] || {}) if params.first == false
       options = Gravatarify.options.dup
@@ -27,6 +11,7 @@ module Gravatarify
       options
     end
     
+    # Deeply merge the <tt>:html</tt> attribute.
     def self.deep_merge_html!(hash, to_merge)
       html = (hash[:html] || {}).merge(to_merge[:html] || {})
       hash.merge!(to_merge)
@@ -34,11 +19,13 @@ module Gravatarify
     end
   
     # Tries first to call +email+, then +mail+ then +to_s+ on supplied
-    # object.
+    # object, also strips leading/trailing whitespace and downcases string
+    # (as specified by gravatar.com).
     def self.smart_email(obj)
-      str = (obj.respond_to?(:email) ? obj.send(:email) : (obj.respond_to?(:mail) ? obj.send(:mail) : obj)).to_s
-      str = str.sub(/\A.*?<(.+?)>.*\z/, '\1') if str =~ /<.+>/
-      str.strip.downcase
+      (obj.respond_to?(:email) ? obj.send(:email) : (obj.respond_to?(:mail) ? obj.send(:mail) : obj)).to_s.strip.downcase
     end
+    
+    # Returns +true+ when those XSS methods are available, else +false+ is returned.
+    def self.with_xss?; "".respond_to?(:html_safe!) end
   end
 end

data/test/benchmark/benchmark.rb

@@ -0,0 +1,15 @@
+require 'gravatarify'
+require 'benchmark'
+
+include Gravatarify::Helper
+  
+emails = ['foo@bar.com', 'foobar_didum_asdf@asdasd.com',
+          'ASDASDSA@aasd_ASDSAd.com', ' sad@asdASdssasd  .ch', 'Master <asdASD@asdasd.com >']
+n = 10000
+Benchmark.bm(23) do |bm|
+  bm.report("gravatar_url w/o args: ") { for i in 1..n do gravatar_url(emails[i % 5]) end }
+  bm.report("gravatar_url w/ args:  ") { for i in 1..n do gravatar_url(emails[i % 5], :size => 30, :x => 'foo', 'other' => 'abcdef') end }
+  bm.report("gravatar_tag w/o args: ") { for i in 1..n do gravatar_tag(emails[i % 5]) end }
+  bm.report("gravatar_tag w/ args:  ") { for i in 1..n do gravatar_tag(emails[i % 5], :size => 30, :x => 'foo', :html => { :class => 'abcdef'}) end }  
+end
+puts "                         -> each measured #{n} times using for-loop"

data/test/unit/gravatarify_base_test.rb

@@ -37,8 +37,8 @@ class GravatarifyBaseTest < Test::Unit::TestCase
       assert_equal "#{BELLA_AT_GMAIL_JPG}?other=escaped%26yes%3F&r=x&s=30", gravatar_url('bella@gmail.com', :size => 30, :rating => :x, :other => "escaped&yes?")
     end
     
-    should "ensure that all options as well as keys are escaped correctly" do
-      assert_equal "#{BELLA_AT_GMAIL_JPG}?escaped%2Fme=escaped%2Fme", gravatar_url('bella@gmail.com', 'escaped/me' => 'escaped/me')
+    should "ensure that all options are escaped correctly" do
+      assert_equal "#{BELLA_AT_GMAIL_JPG}?unescaped=escaped%2Fme", gravatar_url('bella@gmail.com', 'unescaped' => 'escaped/me')
     end
     
     should "ignore false or nil options" do
@@ -99,11 +99,7 @@ class GravatarifyBaseTest < Test::Unit::TestCase
       mock(boy).email { "hans@gmail.com" }
       mock(boy).female? { false }
       assert_equal "http://www.gravatar.com/avatar/b6987c8f1d734e684cf9721970b906e5.jpg?d=http%3A%2F%2Fexample.com%2Fgravatar.jpg", gravatar_url(boy, :default => default)      
-    end
-    
-    should "work easily work with RFC emails encapsulated in < and >" do
-      assert_equal BELLA_AT_GMAIL_JPG, gravatar_url('Bella <bella@gmail.com>')
-    end
+    end    
   end
   
   context "Gravatar hosts support" do

data/test/unit/gravatarify_helper_test.rb

@@ -46,6 +46,11 @@ class GravatarifyHelpersTest < Test::Unit::TestCase
       assert_equal '<img alt="" height="80" src="http://0.gravatar.com/avatar/1cacf1bc403efca2e7a58bcfa9574e4d.jpg" title="&lt;&gt;" width="80" />',
               gravatar_tag('bella@gmail.com', :html => { :title => '<>' })
     end
+    
+    should "be html_safe if rails 2.3.5" do
+      require 'active_support'
+      assert gravatar_tag('bella@gmail.com').html_safe?, "#html_safe? expected to return <true>"
+    end
   end
   
   context "#gravatar_tag when passed in an object" do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: gravatarify
 version: !ruby/object:Gem::Version 
-  version: 2.0.3
+  version: 2.0.4
 platform: ruby
 authors: 
 - Lukas Westermann
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-11-03 00:00:00 +01:00
+date: 2010-01-08 00:00:00 +01:00
 default_executable: 
 dependencies: []
 
@@ -36,10 +36,10 @@ files:
 - lib/gravatarify/helper.rb
 - lib/gravatarify/utils.rb
 - rails/init.rb
+- test/benchmark/benchmark.rb
 - test/test_helper.rb
 - test/unit/gravatarify_base_test.rb
 - test/unit/gravatarify_helper_test.rb
-- test/unit/gravatarify_rack_vs_cgi_test.rb
 - test/unit/gravatarify_styles_test.rb
 - test/unit/gravatarify_subdomain_test.rb
 has_rdoc: true
@@ -71,9 +71,9 @@ signing_key:
 specification_version: 3
 summary: Awesome gravatar support for Ruby (and Rails).
 test_files: 
+- test/benchmark/benchmark.rb
 - test/test_helper.rb
 - test/unit/gravatarify_base_test.rb
 - test/unit/gravatarify_helper_test.rb
-- test/unit/gravatarify_rack_vs_cgi_test.rb
 - test/unit/gravatarify_styles_test.rb
 - test/unit/gravatarify_subdomain_test.rb

data/test/unit/gravatarify_rack_vs_cgi_test.rb

@@ -1,24 +0,0 @@
-require 'test_helper'
-require 'cgi'
-
-class GravatarifyRackVsCgiTest < Test::Unit::TestCase
-  include Gravatarify::Base
-
-  # Remove Rack if defined
-  def setup
-    Object.send(:remove_const, :Rack) if defined?(Rack)    
-  end
-
-  # Reload Rack::Utils
-  def teardown
-    begin; require('rack/utils'); rescue LoadError; end
-  end
-
-  context "if Rack::Utils is not available, #gravatar_url" do
-    should "fallback to CGI#escape" do
-      assert !defined?(Rack::Utils), 'Rack::Utils should no longer be defined'
-      assert defined?(CGI), "CGI should be defined"
-      assert_equal "#{BELLA_AT_GMAIL_JPG}?escaped%2Fme=escaped%2Fme", gravatar_url('bella@gmail.com', 'escaped/me' => 'escaped/me')
-    end
-  end
-end