html-pipeline 2.8.3 → 2.8.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/html/pipeline/sanitization_filter.rb +19 -19
- data/lib/html/pipeline/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fb5b0fea67fef5138ef398315d5dc7450b6c50d0
|
4
|
+
data.tar.gz: 8f34c17227a9707a3990c91d715e624ef7cbf85f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e3158db053fab1a824c299aa67cab9404b0fd120059e80301729cf87913d205f48f933723c669abe4b8aec91b487acfdbc546a9e216404f449a85a29345a1158
|
7
|
+
data.tar.gz: c5a4207fdd287645940c721648ffee4469976891090bb886eb56cfcc0445cde85244d8741638df563b92f2ac730a7afd50fb4e9f56c0a124bc7e28ac836977e0
|
@@ -43,16 +43,16 @@ module HTML
|
|
43
43
|
div ins del sup sub p ol ul table thead tbody tfoot blockquote
|
44
44
|
dl dt dd kbd q samp var hr ruby rt rp li tr td th s strike summary
|
45
45
|
details caption figure figcaption
|
46
|
-
],
|
47
|
-
remove_contents: ['script'],
|
46
|
+
].freeze,
|
47
|
+
remove_contents: ['script'].freeze,
|
48
48
|
attributes: {
|
49
|
-
'a' => ['href'],
|
50
|
-
'img' => %w[src longdesc],
|
51
|
-
'div' => %w[itemscope itemtype],
|
52
|
-
'blockquote' => ['cite'],
|
53
|
-
'del' => ['cite'],
|
54
|
-
'ins' => ['cite'],
|
55
|
-
'q' => ['cite'],
|
49
|
+
'a' => ['href'].freeze,
|
50
|
+
'img' => %w[src longdesc].freeze,
|
51
|
+
'div' => %w[itemscope itemtype].freeze,
|
52
|
+
'blockquote' => ['cite'].freeze,
|
53
|
+
'del' => ['cite'].freeze,
|
54
|
+
'ins' => ['cite'].freeze,
|
55
|
+
'q' => ['cite'].freeze,
|
56
56
|
all: %w[abbr accept accept-charset
|
57
57
|
accesskey action align alt
|
58
58
|
aria-describedby aria-hidden aria-label aria-labelledby
|
@@ -70,18 +70,18 @@ module HTML
|
|
70
70
|
selected shape size span
|
71
71
|
start summary tabindex target
|
72
72
|
title type usemap valign value
|
73
|
-
vspace width itemprop]
|
74
|
-
},
|
73
|
+
vspace width itemprop].freeze
|
74
|
+
}.freeze,
|
75
75
|
protocols: {
|
76
76
|
'a' => { 'href' => ANCHOR_SCHEMES },
|
77
|
-
'blockquote' => { 'cite' => ['http', 'https', :relative] },
|
78
|
-
'del' => { 'cite' => ['http', 'https', :relative] },
|
79
|
-
'ins' => { 'cite' => ['http', 'https', :relative] },
|
80
|
-
'q' => { 'cite' => ['http', 'https', :relative] },
|
77
|
+
'blockquote' => { 'cite' => ['http', 'https', :relative].freeze },
|
78
|
+
'del' => { 'cite' => ['http', 'https', :relative].freeze },
|
79
|
+
'ins' => { 'cite' => ['http', 'https', :relative].freeze },
|
80
|
+
'q' => { 'cite' => ['http', 'https', :relative].freeze },
|
81
81
|
'img' => {
|
82
|
-
'src' => ['http', 'https', :relative],
|
83
|
-
'longdesc' => ['http', 'https', :relative]
|
84
|
-
}
|
82
|
+
'src' => ['http', 'https', :relative].freeze,
|
83
|
+
'longdesc' => ['http', 'https', :relative].freeze
|
84
|
+
}.freeze
|
85
85
|
},
|
86
86
|
transformers: [
|
87
87
|
# Top-level <li> elements are removed because they can break out of
|
@@ -102,7 +102,7 @@ module HTML
|
|
102
102
|
node.replace(node.children)
|
103
103
|
end
|
104
104
|
}
|
105
|
-
]
|
105
|
+
].freeze
|
106
106
|
}.freeze
|
107
107
|
|
108
108
|
# A more limited sanitization whitelist. This includes all attributes,
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: html-pipeline
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.8.
|
4
|
+
version: 2.8.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ryan Tomayko
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2018-
|
12
|
+
date: 2018-07-24 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: activesupport
|