input_sanitizer 0.4.0 → 0.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4830f8e0493abf23ddd9af334427529fd4075fbc4e5cab74f263921e21bd9310
-  data.tar.gz: c416c81bb32662258bc645325cec329736dccd9b250b9860f750ee292ec39888
+  metadata.gz: 4f2a20c5da1c65b87f1e817d27093de8f9353a6c06b542780d27e3462b64a855
+  data.tar.gz: d48d86aac58840dfc42932c1240635552bc3229d297d8f717615088582e6b31c
 SHA512:
-  metadata.gz: 51b81975793f215b595b64585e6f1bcdff0fa60a92756dec511cca368bd2064c6a269aeb205dcbe01f5a36186b499d471867e45e0262e14344300a4210cd0be5
-  data.tar.gz: 383cc4f7ed8c87530796941f6a35dae1ec84739a166499b400e82a923bc78b4ade54fedc9c25052fa49f085a4fed7965027d3187b22f4f4206e4c93d47360162
+  metadata.gz: 3dcfbf917beba6d666b964658b8ef569152d74beca656f14640fec37a9bc413273da22988e4eeebfe4aa399841086673519bb3a1eb8c6533d0ada93ac474021b
+  data.tar.gz: 56cb28724e2cfbd5eb1755615463e26226cca48ba287d3ee94448da1f5918261d4a8aa430a4b14e82b9bbc6d2fa96888799ecc144ccf6ee585fece7709eee5e1

data/.github/workflows/ci.yaml

@@ -0,0 +1,26 @@
+name: CI
+
+on:
+  push:
+    branches: 
+      - master
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  build:
+    runs-on: ubuntu-18.04
+    strategy:
+      matrix:
+        rvm: [2.1.9,2.2.10,2.5.8,jruby-head]
+    steps:
+    - uses: zendesk/checkout@v2
+    - name: Set up Ruby
+      uses: zendesk/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.rvm }}
+    - name: Test ${{ matrix.rvm }}
+      run: |
+        bundle install
+        bundle exec rspec spec

data/CHANGELOG

@@ -1,3 +1,6 @@
+0.4.1
+  * Added `strip_4byte_chars` option to String V2 sanitizer
+
 0.4.0
   * Stopped supporting Ruby 1.8 and 1.9
   * Added support for Rails 5.1 and ruby 2.5.8

data/README.md

@@ -1,4 +1,5 @@
-# InputSanitizer [![Build Status](https://secure.travis-ci.org/futuresimple/input_sanitizer.png?branch=master)](http://travis-ci.org/futuresimple/input_sanitizer)
+# InputSanitizer
+![CI](https://github.com/zendesk/input_sanitizer/workflows/CI/badge.svg)
 
 Gem to sanitize hash of incoming data
 

data/lib/input_sanitizer/v2/types.rb

@@ -93,8 +93,22 @@ module InputSanitizer::V2::Types
           raise InputSanitizer::ValueError.new(value, options[:minimum], options[:maximum]) if options[:minimum] && string.length < options[:minimum]
           raise InputSanitizer::ValueError.new(value, options[:minimum], options[:maximum]) if options[:maximum] && string.length > options[:maximum]
         end
+
+        if options[:strip_4byte_chars] && !options[:already_stripped]
+          value_without_4byte_chars = strip_4byte_chars(value)
+          updated_options = options.merge(:already_stripped => true) # to prevent infinite loop
+          call(value_without_4byte_chars, updated_options) # run checks once again to ensure string is still valid after stripping 4-byte chars
+        else
+          value
+        end
       end
     end
+
+    private
+
+    def strip_4byte_chars(string)
+      string.each_char.with_object(String.new) { |char, output| output << char if char.bytesize < 4 }
+    end
   end
 
   class BooleanCheck

data/lib/input_sanitizer/version.rb

@@ -1,3 +1,3 @@
 module InputSanitizer
-  VERSION = "0.4.0"
+  VERSION = "0.4.1"
 end

data/spec/v2/payload_sanitizer_spec.rb

@@ -17,6 +17,10 @@ class TestedPayloadSanitizer < InputSanitizer::V2::PayloadSanitizer
   string :status, :allow => ['current', 'past']
   string :status_with_empty, :allow => ['', 'current', 'past']
   string :regexp_string, :regexp => /^#?([a-f0-9]{6}|[a-f0-9]{3})$/
+  string :utf8mb4_string, :strip_4byte_chars => true
+  string :value_restricted_utf8mb4_string, :strip_4byte_chars => true, :allow => ['test']
+  string :non_blank_utf8mb4_string, :strip_4byte_chars => true, :allow_blank => false
+  string :size_restricted_utf8mb4_string, :strip_4byte_chars => true, :minimum => 2, :maximum => 4
   nested :address, :sanitizer => AddressSanitizer
   nested :nullable_address, :sanitizer => AddressSanitizer, :allow_nil => true
   nested :tags, :sanitizer => TagSanitizer, :collection => true
@@ -155,6 +159,76 @@ describe InputSanitizer::V2::PayloadSanitizer do
     end
   end
 
+  describe "strip_4byte_chars option" do
+    it "is valid when given a string with 4-byte chars" do
+      @params = { :utf8mb4_string => "test \u{1F435} value" }
+      sanitizer.should be_valid
+    end
+
+    it "returns sanitized string without 4-byte chars" do
+      @params = { :utf8mb4_string => "test\u{1F435}" }
+      sanitizer[:utf8mb4_string].should eq "test"
+    end
+
+    it "properly handles string with 4-byte char at the beginning" do
+      @params = { :utf8mb4_string => "\u{1F435} 4-byte char at the beginning" }
+      sanitizer[:utf8mb4_string].should eq ' 4-byte char at the beginning'
+    end
+
+    it "properly handles string with 4-byte char in the middle" do
+      @params = { :utf8mb4_string => "4-byte char\u{1F435} in the middle" }
+      sanitizer[:utf8mb4_string].should eq '4-byte char in the middle'
+    end
+
+    it "properly handles string with 4-byte char at the end" do
+      @params = { :utf8mb4_string => "4-byte char at the end \u{1F435}" }
+      sanitizer[:utf8mb4_string].should eq '4-byte char at the end '
+    end
+
+    it "does not strip 3-byte chars" do
+      @params = { :utf8mb4_string => "Test \u{270A}" }
+      sanitizer[:utf8mb4_string].should eq "Test \u{270A}"
+    end
+
+    describe "when used with other options" do
+      describe "allow" do
+        it "is valid when string matches any value in allowlist before stripping 4-byte chars" do
+          @params = { :value_restricted_utf8mb4_string => "test" }
+          sanitizer.should be_valid
+        end
+
+        it "is invalid when string doesn't match any value in allowlist before stripping 4-byte chars" do
+          @params = { :value_restricted_utf8mb4_string => "test\u{1F435}" }
+          sanitizer.should_not be_valid
+        end
+      end
+
+      describe "allow_blank=false" do
+        it "is invalid when string is already blank before stripping 4-byte chars" do
+          @params = { :non_blank_utf8mb4_string => " " }
+          sanitizer.should_not be_valid
+        end
+
+        it "is invalid when string becomes blank as a result of stripping 4-byte chars" do
+          @params = { :non_blank_utf8mb4_string => " \u{1F435} " }
+          sanitizer.should_not be_valid
+        end
+      end
+
+      describe "minimum and maximum" do
+        it "is invalid when string is already too long before stripping 4-byte chars" do
+          @params = { :size_restricted_utf8mb4_string => "1234\u{1F435}" }
+          sanitizer.should_not be_valid
+        end
+
+        it "is invalid when string becomes too short as a result of stripping 4-byte chars" do
+          @params = { :size_restricted_utf8mb4_string => "1\u{1F435}" }
+          sanitizer.should_not be_valid
+        end
+      end
+    end
+  end
+
   describe "strict param checking" do
     it "is invalid when given extra params" do
       @params = { :extra => 'test', :extra2 => 1 }

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: input_sanitizer
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.4.1
 platform: ruby
 authors:
 - Zendesk
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-20 00:00:00.000000000 Z
+date: 2021-05-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: method_struct
@@ -87,10 +87,10 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yaml"
 - ".github/workflows/gempush.yml"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
 - CHANGELOG
 - Gemfile
 - LICENSE
@@ -152,7 +152,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: Gem to sanitize hash of incoming data

data/.travis.yml

@@ -1,8 +0,0 @@
-language: ruby
-script: bundle exec rspec spec
-rvm:
-  - 2.0.0
-  - 2.1.0
-  - 2.2.0
-  - 2.5.8
-  - jruby-19mode