html_terminator 2.0.2 → 6.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: bd4d0609098d033eece8510d9bee3dbd0cb09966
-  data.tar.gz: 96b86b54353b1b72afe70eac1fbed82257cc2896
+SHA256:
+  metadata.gz: 1827dcef5defdc9254e5e2bea701325b2bd7de9629a6aabf86b7e1d518145405
+  data.tar.gz: 5a07da734d0fc6443e157d29cd9a297ad4f75abe6704589c6b884580e6af4b88
 SHA512:
-  metadata.gz: 650230f42f73afa03d5bcf6c37dc76e3cd253a5704a6bef83196a49b49d9847b39141b6f47be404681df422272cbd024f379f0b42595e17bee79eedcf4d55115
-  data.tar.gz: 4e0fa09f6dbb339404b9fd2c95d167ede09980151ff8f82c0bd3eb78c1eccc2067a05c256b993efdff4a1bfd513516ea7e323254b5ca31409b9a31931b695ebc
+  metadata.gz: 710b061a16096c74d8b31a3f1d9542c12b12ba8621ffbffa519f17f09f58e5ac5d5a7ec7fb62ff094be5042f17bc2a59b48e61deeb8debbd02b7641ca5ff9fce
+  data.tar.gz: 9318ee326d6dd7246d4ec4105607f02abaec016c75612256a214ac717e9e265510dd1de9304ee403f57d8cb968c0d9c4b966447194ff235f7ef5c5ba679cb6d9

data/.github/workflows/ci.yml

@@ -0,0 +1,22 @@
+name: CI
+on: [push]
+jobs:
+  lint-test:
+    name: Test
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    strategy:
+      matrix:
+        ruby:
+          - 2.5
+          - 2.6
+          - 2.7
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+
+
+      - run: bundle install
+      - run: bundle exec rspec

data/Gemfile

@@ -4,8 +4,7 @@ source 'https://rubygems.org'
 gemspec
 
 group :test do
-  gem "activerecord", "~> 4.2"
-  gem 'sqlite3'
-  gem 'guard-rspec'
-  gem 'rb-fsevent'
+  gem "activerecord", "~> 6.0"
+  gem 'sqlite3', "~> 1.4.2" # tied to activerecord
+  gem 'rspec'
 end

data/README.md

@@ -52,15 +52,13 @@ In your Rails models:
 
     terminate_html :field1, :field2, :field3
 
-or
-
-    terminate_html :except => [:field8, :field9]
-
 ## Options
 
 Out of the box, HTML Terminator will strip out ALL html. You can pass in specific elements you want to preserve like this:
 
     terminate_html :field1, :elements => ["b", "i", "em"]
+    terminate_html :field2, :elements => ["br"]
+    terminate_html :field3, :elements => ["em"]
 
 Learn more about configuration options [Here](https://github.com/rgrove/sanitize#custom-configuration)
 

data/html_terminator.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
   spec.email         = ["steel@polleverywhere.com", "matt@polleverywhere.com"]
   spec.description   = %q{Terminate Active Records fields of html}
   spec.summary       = %q{Terminate Active Records fields of html}
-  spec.homepage      = ""
+  spec.homepage      = "https://github.com/polleverywhere/html_terminator/"
   spec.license       = "MIT"
 
   spec.files         = `git ls-files`.split($/)
@@ -18,8 +18,8 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "bundler", "~> 2.2.0"
   spec.add_development_dependency "rake"
 
-  spec.add_runtime_dependency "sanitize", "~> 4.0"
+  spec.add_runtime_dependency "sanitize", "~> 6.0.0"
 end

data/lib/html_terminator/version.rb

@@ -1,3 +1,3 @@
 module HtmlTerminator
-  VERSION = "2.0.2"
+  VERSION = '6.0.0'
 end

data/lib/html_terminator.rb

@@ -11,44 +11,49 @@ module HtmlTerminator
     if val.is_a?(String)
       # Sanitize produces escaped content.
       # Unescape it to get the raw html
-      CGI.unescapeHTML(Sanitize.fragment(val, config).strip).html_safe
+      CGI.unescapeHTML(Sanitize.fragment(val, config).strip)
     else
       val
     end
   end
 
   module ClassMethods
-    def terminate_html(*args)
-      class_attribute :html_terminator_fields
-      class_attribute :html_terminator_options
+    def fields
+      self.columns.inject([]) do |list, col|
+        if col.type == :string or col.type == :text
+          list << col.name.to_sym
+        end
+
+        list
+      end
+    end
 
+    def terminate_html(*args)
       # Table may not exist yet when schema is initially getting loaded
       if self.table_exists?
-        # By default all fields are to be seen by the terminator
-        self.html_terminator_fields = self.columns.inject([]) do |list, col|
-          if col.type == :string or col.type == :text
-            list << col.name.to_sym
-          end
-
-          list
+        # object key/value of field => options
+        unless method_defined?(:html_terminator_fields)
+          class_attribute :html_terminator_fields
+          self.html_terminator_fields = {}
         end
 
-        self.html_terminator_options = SANITIZE_OPTIONS.merge(args.extract_options!)
-        self.html_terminator_fields = args if args.length > 0
+        options = args.extract_options!
+        options = SANITIZE_OPTIONS.clone.merge(options)
 
-        # Handle exceptions
-        exceptions = self.html_terminator_options.delete(:except) || []
-        self.html_terminator_fields -= (exceptions)
+        valid_fields = self.fields & args
+
+        valid_fields.each do |field|
+          self.html_terminator_fields[field] = options.deep_dup
+        end
 
         unless self.html_terminator_fields.empty?
-          # sanitize writes
           before_validation :terminate_html
 
           # sanitize reads
-          self.html_terminator_fields.each do |attr|
+          valid_fields.each do |attr|
             define_method(attr) do |*rargs|
               # sanitize it
-              HtmlTerminator.sanitize super(*rargs), self.html_terminator_options
+              HtmlTerminator.sanitize super(*rargs), options
             end
           end
         end
@@ -58,11 +63,11 @@ module HtmlTerminator
 
   module InstanceMethods
     def terminate_html
-      self.html_terminator_fields.each do |field|
+      self.html_terminator_fields.each do |field, options|
         value = self[field]
 
         unless value.nil?
-          self[field] = HtmlTerminator.sanitize(value, self.html_terminator_options)
+          self[field] = HtmlTerminator.sanitize(value, options)
         end
       end
     end

data/spec/html_terminator_spec.rb

@@ -1,80 +1,88 @@
-require 'spec_helper'
+require "spec_helper"
 
 describe HtmlTerminator do
   it "sanitizes only fields specified" do
-    @user = OnlyFirstName.new
+    user = OnlyFirstName.new
 
-    @user.first_name = "Hello <img>"
-    @user.first_name.should == "Hello"
+    user.first_name = "Hello <img>"
+    expect(user.first_name).to eql("Hello")
 
-    @user.last_name = "Hello <img>"
-    @user.last_name.should == "Hello <img>"
+    user.last_name = "Hello <img>"
+    expect(user.last_name).to eql("Hello <img>")
 
-    @user.age = 3
-    @user.age.should == 3
+    user.age = 3
+    expect(user.age).to eql(3)
   end
 
   it "doesn't escape ampersands" do
-    @user = OnlyFirstName.new
+    user = OnlyFirstName.new
 
-    @user.first_name = "A & B & C"
-    @user.first_name.should == "A & B & C"
+    user.first_name = "A & B & C"
+    expect(user.first_name).to eql("A & B & C")
   end
 
   it "skips sanitize when only one bracket" do
-    @user = OnlyFirstName.new
+    user = OnlyFirstName.new
 
-    @user.first_name = "1 < 2"
-    @user.first_name.should == "1 < 2"
+    user.first_name = "1 < 2"
+    expect(user.first_name).to eql("1 < 2")
 
-    @user.first_name = "2 > 1"
-    @user.first_name.should == "2 > 1"
+    user.first_name = "2 > 1"
+    expect(user.first_name).to eql("2 > 1")
   end
 
   it "handles ampersands" do
-    @user = OnlyFirstName.new
+    user = OnlyFirstName.new
 
-    @user.first_name = "Mr. & Mrs. Smith"
-    @user.first_name.should == "Mr. & Mrs. Smith"
-  end
-
-  it "sanitizes all except what is specified" do
-    @user = ExceptFirstName.new
-
-    @user.first_name = "Hello <img>"
-    @user.first_name.should == "Hello <img>"
-
-    @user.last_name = "Hello <img>"
-    @user.last_name.should == "Hello"
-  end
-
-  it "doesn't blow up if value is nil" do
-    @user = ExceptFirstName.new
-    @user.first_name = nil
-    @user.first_name.should == nil
+    user.first_name = "Mr. & Mrs. Smith"
+    expect(user.first_name).to eql("Mr. & Mrs. Smith")
   end
 
   it "doesn't blow up if value is not a string" do
-    @user = OnlyFirstName.new
-    @user.first_name = 1
-    @user.first_name.should == "1"
+    user = OnlyFirstName.new
+    user.first_name = 1
+    expect(user.first_name).to eql("1")
   end
 
   it "honors options that are passed in" do
-    @user = FirstNameWithOptions.new
-    @user.first_name = "Hello <flexbox></flexbox><hr><br><img>"
-    @user.first_name.should == "Hello <flexbox></flexbox>"
+    user = FirstNameWithOptions.new
+    user.first_name = "Hello <flexbox></flexbox><hr><br><img>"
+    expect(user.first_name).to eql("Hello <flexbox></flexbox>")
   end
 
   describe "#sanitize" do
     it "strips out all html by default" do
       val = HtmlTerminator.sanitize "<flexbox></flexbox><hr><br><img>"
-      val.should == ""
+      expect(val).to eql("")
     end
 
-    it "marks the output as html_safe" do
+    it "does not mark the output as html_safe" do
       val = HtmlTerminator.sanitize "<flexbox></flexbox><hr><br><img>"
-      val.html_safe?.should == true
+      expect(val.html_safe?).to eql(false)
+    end
+
+    it "does not escape output that isn't stripped" do
+      val = HtmlTerminator.sanitize "<div>I said, \"Hello, John O'hare.\"</div>"
+      expect(val).to eql("I said, \"Hello, John O'hare.\"")
     end
   end
+
+  it "sanitizes different fields with different options" do
+    user = TwoFieldsWithOptions.new
+    user.first_name = "Hello <br><strong>strong</strong><em>em</em>"
+    user.last_name = "Hello <br><strong>strong</strong><em>em</em>"
+
+    expect(user.first_name).to eql("Hello  <strong>strong</strong>em")
+    expect(user.last_name).to eql("Hello  strong<em>em</em>")
+  end
+
+  it "sanitizes on validation" do
+    user = TwoFieldsWithOptions.new
+    user.first_name = "Hello <br><strong>strong</strong><em>em</em>"
+    user.last_name = "Hello <br><strong>strong</strong><em>em</em>"
+    user.valid?
+
+    expect(user.read_attribute(:first_name)).to eql("Hello  <strong>strong</strong>em")
+    expect(user.read_attribute(:last_name)).to eql("Hello  strong<em>em</em>")
+  end
 end

data/spec/support/active_record.rb

@@ -13,7 +13,7 @@ ActiveRecord::Schema.define do
     t.column "age", :integer
   end
 
-  create_table "except_first_names", :force => true do |t|
+  create_table "two_fields_with_options", :force => true do |t|
     t.column "first_name",  :text
     t.column "last_name",  :text
     t.column "age", :integer
@@ -32,10 +32,11 @@ class OnlyFirstName < ActiveRecord::Base
   terminate_html :first_name
 end
 
-class ExceptFirstName < ActiveRecord::Base
+class TwoFieldsWithOptions < ActiveRecord::Base
   include HtmlTerminator
 
-  terminate_html :except => [:first_name]
+  terminate_html :first_name, elements: ["strong"]
+  terminate_html :last_name, elements: ["em"]
 end
 
 class FirstNameWithOptions < ActiveRecord::Base

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: html_terminator
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 6.0.0
 platform: ruby
 authors:
 - Steel Fu
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-02-03 00:00:00.000000000 Z
+date: 2021-09-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -17,14 +17,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 2.2.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -45,14 +45,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: 6.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: 6.0.0
 description: Terminate Active Records fields of html
 email:
 - steel@polleverywhere.com
@@ -61,10 +61,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yml"
 - ".gitignore"
-- ".travis.yml"
 - Gemfile
-- Guardfile
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -75,7 +74,7 @@ files:
 - spec/html_terminator_spec.rb
 - spec/spec_helper.rb
 - spec/support/active_record.rb
-homepage: ''
+homepage: https://github.com/polleverywhere/html_terminator/
 licenses:
 - MIT
 metadata: {}
@@ -94,8 +93,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.2.3
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Terminate Active Records fields of html

data/.travis.yml

@@ -1,4 +0,0 @@
-script: bundle exec rspec
-language: ruby
-rvm:
-  - 2.0.0

data/Guardfile

@@ -1,5 +0,0 @@
-guard 'rspec', :version => 2, :cli => '--colour --format nested' do
-  watch(%r{^spec/.+_spec\.rb$})
-  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/lib/#{m[1]}_spec.rb" }
-  watch('spec/spec_helper.rb')  { "spec" }
-end