html_terminator 1.0.0 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +8 -0
- data/lib/html_terminator/extract_options.rb +29 -0
- data/lib/html_terminator/version.rb +1 -1
- data/lib/html_terminator.rb +16 -21
- data/spec/html_terminator_spec.rb +6 -0
- data/spec/support/active_record.rb +13 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ed1a46465f0b8d627c1b92e47e232373f2dd71ec
|
|
4
|
+
data.tar.gz: 717809ee3bd7bd73895f2b2a558c6335e720679c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 66c00ffa3ac6b4a8f5667bbd0ebef76d84d92bfad7bb922c1f71173dfc321df40364836db52e2d0af360f9ca83d05a4761f30265719fdd02c7cc353d8d788a4c
|
|
7
|
+
data.tar.gz: 5e86b8127abfc48f721a25828f2684b61e3197b06a44383cf81d8f65c85fdc28e5e72b69698fe98d41fd8d6ade625eff1ba6e096b47d1c89b134f79be9580cc9
|
data/README.md
CHANGED
|
@@ -56,6 +56,14 @@ or
|
|
|
56
56
|
|
|
57
57
|
terminate_html :except => [:field8, :field9]
|
|
58
58
|
|
|
59
|
+
## Options
|
|
60
|
+
|
|
61
|
+
Out of the box, HTML Terminator will strip out ALL html. You can pass in specific elements you want to preserve like this:
|
|
62
|
+
|
|
63
|
+
terminate_html :field1, :elements => ["b", "i", "em"]
|
|
64
|
+
|
|
65
|
+
Learn more about configuration options [Here](https://github.com/rgrove/sanitize#custom-configuration)
|
|
66
|
+
|
|
59
67
|
## Contributing
|
|
60
68
|
|
|
61
69
|
1. Fork it
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
class Hash
|
|
2
|
+
# By default, only instances of Hash itself are extractable.
|
|
3
|
+
# Subclasses of Hash may implement this method and return
|
|
4
|
+
# true to declare themselves as extractable. If a Hash
|
|
5
|
+
# is extractable, Array#extract_options! pops it from
|
|
6
|
+
# the Array when it is the last element of the Array.
|
|
7
|
+
def extractable_options?
|
|
8
|
+
instance_of?(Hash)
|
|
9
|
+
end
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
class Array
|
|
13
|
+
# Extracts options from a set of arguments. Removes and returns the last
|
|
14
|
+
# element in the array if it's a hash, otherwise returns a blank hash.
|
|
15
|
+
#
|
|
16
|
+
# def options(*args)
|
|
17
|
+
# args.extract_options!
|
|
18
|
+
# end
|
|
19
|
+
#
|
|
20
|
+
# options(1, 2) # => {}
|
|
21
|
+
# options(1, 2, a: :b) # => {:a=>:b}
|
|
22
|
+
def extract_options!
|
|
23
|
+
if last.is_a?(Hash) && last.extractable_options?
|
|
24
|
+
pop
|
|
25
|
+
else
|
|
26
|
+
{}
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
data/lib/html_terminator.rb
CHANGED
|
@@ -1,28 +1,26 @@
|
|
|
1
1
|
require "html_terminator/version"
|
|
2
|
+
require "html_terminator/extract_options"
|
|
2
3
|
require 'sanitize'
|
|
3
4
|
|
|
4
5
|
module HtmlTerminator
|
|
5
6
|
SANITIZE_OPTIONS = {
|
|
6
|
-
:elements => [
|
|
7
|
+
:elements => []
|
|
7
8
|
}
|
|
8
9
|
|
|
9
|
-
def self.sanitize(val)
|
|
10
|
-
if val.is_a?(String)
|
|
11
|
-
Sanitize
|
|
10
|
+
def self.sanitize(val, config)
|
|
11
|
+
if val.is_a?(String)
|
|
12
|
+
# Sanitize produces escaped content.
|
|
13
|
+
# Unescape it to get the raw html
|
|
14
|
+
CGI.unescapeHTML Sanitize.fragment(val, config).strip
|
|
12
15
|
else
|
|
13
16
|
val
|
|
14
17
|
end
|
|
15
18
|
end
|
|
16
19
|
|
|
17
|
-
# Don't sanitize if only one bracket is present.
|
|
18
|
-
# Without this, "1 < 2" gets incorrectly sanitized as "1".
|
|
19
|
-
def self.skip_sanitize?(val)
|
|
20
|
-
val.count("<") + val.count(">") == 1
|
|
21
|
-
end
|
|
22
|
-
|
|
23
20
|
module ClassMethods
|
|
24
21
|
def terminate_html(*args)
|
|
25
22
|
class_attribute :html_terminator_fields
|
|
23
|
+
class_attribute :html_terminator_options
|
|
26
24
|
|
|
27
25
|
# Table may not exist yet when schema is initially getting loaded
|
|
28
26
|
if self.table_exists?
|
|
@@ -35,15 +33,12 @@ module HtmlTerminator
|
|
|
35
33
|
list
|
|
36
34
|
end
|
|
37
35
|
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
elsif args.length > 1
|
|
45
|
-
self.html_terminator_fields = args
|
|
46
|
-
end
|
|
36
|
+
self.html_terminator_options = SANITIZE_OPTIONS.merge(args.extract_options!)
|
|
37
|
+
self.html_terminator_fields = args if args.length > 0
|
|
38
|
+
|
|
39
|
+
# Handle exceptions
|
|
40
|
+
exceptions = self.html_terminator_options.delete(:except) || []
|
|
41
|
+
self.html_terminator_fields -= (exceptions)
|
|
47
42
|
|
|
48
43
|
unless self.html_terminator_fields.empty?
|
|
49
44
|
# sanitize writes
|
|
@@ -53,7 +48,7 @@ module HtmlTerminator
|
|
|
53
48
|
self.html_terminator_fields.each do |attr|
|
|
54
49
|
define_method(attr) do |*rargs|
|
|
55
50
|
# sanitize it
|
|
56
|
-
HtmlTerminator.sanitize super(*rargs)
|
|
51
|
+
HtmlTerminator.sanitize super(*rargs), self.html_terminator_options
|
|
57
52
|
end
|
|
58
53
|
end
|
|
59
54
|
end
|
|
@@ -67,7 +62,7 @@ module HtmlTerminator
|
|
|
67
62
|
value = self[field]
|
|
68
63
|
|
|
69
64
|
unless value.nil?
|
|
70
|
-
self[field] = HtmlTerminator.sanitize(value)
|
|
65
|
+
self[field] = HtmlTerminator.sanitize(value, self.html_terminator_options)
|
|
71
66
|
end
|
|
72
67
|
end
|
|
73
68
|
end
|
|
@@ -59,4 +59,10 @@ describe HtmlTerminator do
|
|
|
59
59
|
@user.first_name = 1
|
|
60
60
|
@user.first_name.should == "1"
|
|
61
61
|
end
|
|
62
|
+
|
|
63
|
+
it "honors options that are passed in" do
|
|
64
|
+
@user = FirstNameWithOptions.new
|
|
65
|
+
@user.first_name = "Hello <flexbox></flexbox><hr><br><img>"
|
|
66
|
+
@user.first_name.should == "Hello <flexbox></flexbox>"
|
|
67
|
+
end
|
|
62
68
|
end
|
|
@@ -18,6 +18,12 @@ ActiveRecord::Schema.define do
|
|
|
18
18
|
t.column "last_name", :text
|
|
19
19
|
t.column "age", :integer
|
|
20
20
|
end
|
|
21
|
+
|
|
22
|
+
create_table "first_name_with_options", :force => true do |t|
|
|
23
|
+
t.column "first_name", :text
|
|
24
|
+
t.column "last_name", :text
|
|
25
|
+
t.column "age", :integer
|
|
26
|
+
end
|
|
21
27
|
end
|
|
22
28
|
|
|
23
29
|
class OnlyFirstName < ActiveRecord::Base
|
|
@@ -30,4 +36,10 @@ class ExceptFirstName < ActiveRecord::Base
|
|
|
30
36
|
include HtmlTerminator
|
|
31
37
|
|
|
32
38
|
terminate_html :except => [:first_name]
|
|
33
|
-
end
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
class FirstNameWithOptions < ActiveRecord::Base
|
|
42
|
+
include HtmlTerminator
|
|
43
|
+
|
|
44
|
+
terminate_html :first_name, :elements => ["flexbox"]
|
|
45
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: html_terminator
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Steel Fu
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2016-01-29 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|
|
@@ -70,6 +70,7 @@ files:
|
|
|
70
70
|
- Rakefile
|
|
71
71
|
- html_terminator.gemspec
|
|
72
72
|
- lib/html_terminator.rb
|
|
73
|
+
- lib/html_terminator/extract_options.rb
|
|
73
74
|
- lib/html_terminator/version.rb
|
|
74
75
|
- spec/html_terminator_spec.rb
|
|
75
76
|
- spec/spec_helper.rb
|
|
@@ -102,4 +103,3 @@ test_files:
|
|
|
102
103
|
- spec/html_terminator_spec.rb
|
|
103
104
|
- spec/spec_helper.rb
|
|
104
105
|
- spec/support/active_record.rb
|
|
105
|
-
has_rdoc:
|