html2odt 0.3.1 → 0.3.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b7e81713f41dce40fa45764753a39d223a553fd9
4
- data.tar.gz: e87f898ad29e339a024ea0820d794ac0ee5b98b0
3
+ metadata.gz: 4faafbc073e768bc0f1752ffe28e9227bb2a0ff7
4
+ data.tar.gz: fba8f90511c1205ec52d7cd466f3573ab2627f9e
5
5
  SHA512:
6
- metadata.gz: 5fd546c9b347ec908fe1412ca3239065a0c1e988b8f07ce4ef1f1985e38e1e08f230f90b7c67afb08af303e426c81babd94d5800c5ca5b3865814e9144c83651
7
- data.tar.gz: b1f8f277a58aae0b132fac04a43a6189db977440b5200f6e49a4ba63f87a1c400ef6e26c46a7d9e34733c45a469f0c5427683b252e710f8eac1a0d24ce2abdd7
6
+ metadata.gz: 70d0313da825e9fc5e426716d570891f675e1c3ab772149d64c8668011eefd60de1915e2e736f2650726567f11c8eebbe97b48c6e698bfd314df6076611b166a
7
+ data.tar.gz: d2830075e1fe36f1be2e78056d3f582396c77b40e7282c503e7cfd899e8571967fef6f75fededef12f6744200ae050a8277e9a7d794c3c6be2c6f0ddbf4d8bd5
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ # v0.3.2 - 2016-06-07
2
+
3
+ Properly handle errors on remote image handling, bump nokogiri dependency to
4
+ address security related bugs
5
+
1
6
  # v0.3.1 - 2016-06-06
2
7
 
3
8
  Improved support for Ruby 2.0.0, improved handling of invalid URIs
data/html2odt.gemspec CHANGED
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
20
20
  spec.executables << "html2odt.rb"
21
21
 
22
22
  spec.add_dependency "dimensions", "~> 1.3.0"
23
- spec.add_dependency "nokogiri", "~> 1.6.7.2"
23
+ spec.add_dependency "nokogiri", "~> 1.6.8"
24
24
  spec.add_dependency "rubyzip", "~> 1.0"
25
25
 
26
26
  spec.add_development_dependency "bundler", "~> 1.12"
@@ -307,18 +307,7 @@ class Html2Odt::Document
307
307
  uri = URI.parse(src)
308
308
  end
309
309
 
310
- file = Tempfile.new("html2odt")
311
- file.binmode
312
-
313
- Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == "https") do |http|
314
- resp = http.get(uri.path)
315
-
316
- file.write(resp.body)
317
- file.flush
318
- file
319
- end
320
-
321
- return file
310
+ return uri_to_file(uri)
322
311
  end
323
312
 
324
313
  # cannot handle image properly, return nil
@@ -373,4 +362,28 @@ class Html2Odt::Document
373
362
  entry.content = content unless content.nil?
374
363
  entry
375
364
  end
365
+
366
+ def uri_to_file(uri)
367
+ file = Tempfile.new("html2odt")
368
+ file.binmode
369
+
370
+ Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == "https") do |http|
371
+ resp = http.get(uri.path)
372
+
373
+ file.write(resp.body)
374
+ file.flush
375
+ file
376
+ end
377
+
378
+ file
379
+ rescue
380
+ # Could not fetch remote image
381
+ #
382
+ # I feel bad for capturing all exceptions here, but there are so many
383
+ # libraries involved when fetching a resource over HTTP, that I am not sure
384
+ # how to create a proper white list. Some of the errors involved may be
385
+ #
386
+ # SocketError, OpenSSL::SSL::SSLError
387
+ nil
388
+ end
376
389
  end
@@ -1,3 +1,3 @@
1
1
  module Html2Odt
2
- VERSION = "0.3.1"
2
+ VERSION = "0.3.2"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: html2odt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.1
4
+ version: 0.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gregor Schmidt (Planio)
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-06-06 00:00:00.000000000 Z
11
+ date: 2016-06-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dimensions
@@ -30,14 +30,14 @@ dependencies:
30
30
  requirements:
31
31
  - - ~>
32
32
  - !ruby/object:Gem::Version
33
- version: 1.6.7.2
33
+ version: 1.6.8
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - ~>
39
39
  - !ruby/object:Gem::Version
40
- version: 1.6.7.2
40
+ version: 1.6.8
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: rubyzip
43
43
  requirement: !ruby/object:Gem::Requirement