javascript_eraser 1.0.1 → 1.0.2

data/VERSION

@@ -1 +1 @@
-1.0.1
+1.0.2

data/lib/javascript_eraser.rb

@@ -10,6 +10,8 @@ class JavascriptEraser
       response = ""
     elsif response.respond_to?(:body) and response.body.is_a?(String)
       response.body = response.body.gsub(/<script(.|\n)*?type(.|\n)*?javascript(.|\n)*?\/script>/,"")
+      response.body = response.body.gsub(/\s*on\w+=".*?[^\\]"\s*(.*?)\s*>/, "\\1>")
+      response.body = response.body.gsub(/\s*on\w+='.*?[^\\]'\s*(.*?)\s*>/, "\\1>")
     elsif response.class.to_s != "Rack::File"
       puts "JavascriptEraser: unknown response type: #{response.class}. check order of appearance in middleware stack."
     end

data/spec/javascript_eraser_spec.rb

@@ -17,6 +17,12 @@ describe "JavascriptEraser" do
       je.call(nil)[2].body.should == "blah "
     end
 
+    it "should erase the event attributes if it's html" do
+      class Response; attr_accessor :body; def initialize; @body="blah <div onclick='javascript:doStuff();'></div>"; end; end
+      je = JavascriptEraser.new( lambda { |env| [200, {}, Response.new] } )
+      je.call(nil)[2].body.should == "blah <div></div>"
+    end
+
     it "should log a message if the response type is unknown" do
       je = JavascriptEraser.new( lambda { |env| [200, {}, {}] } )
       $stdout.should_receive(:write).at_least(1).times

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: javascript_eraser
 version: !ruby/object:Gem::Version 
-  hash: 21
+  hash: 19
   prerelease: false
   segments: 
   - 1
   - 0
-  - 1
-  version: 1.0.1
+  - 2
+  version: 1.0.2
 platform: ruby
 authors: 
 - Tyler Boyd
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-11-03 00:00:00 -04:00
+date: 2010-11-22 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency