jekyll-attendease 0.6.28 → 0.6.29

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/jekyll/attendease_plugin/site_page_blocks_json.rb +42 -0
  3. data/lib/jekyll/attendease_plugin/site_pages_generator.rb +2 -0
  4. data/lib/jekyll/attendease_plugin/version.rb +1 -1
  5. data/spec/lib/jekyll/attendease_plugin/site_pages_generator_spec.rb +12 -0
  6. data/spec/spec_helper.rb +1 -1
  7. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a06e59fa86ba4ab646f4d67451d08f3027197eda
4
- data.tar.gz: 5a583eb4b3d01c3cbe3553e80c45fa959b5fe6fc
3
+ metadata.gz: dd1caff91315f005bd0bfa4a0072eb1c81b284dd
4
+ data.tar.gz: 44ac7fa54a0a6f3e44efbda3ad2cefc7a593df37
5
5
  SHA512:
6
- metadata.gz: e14bc84aba59e174ec9f7d80b05df98fb9cbd01d9bdf53d08a5d15d19e02494df11eef77d4189f258ca4d949a71831d898715e3b1fd25e7c9374596dbd180954
7
- data.tar.gz: b5c2441d6e75954f77d1290f245051bb189eeff39333c26b1a63538308ab1771e704bbae3d90b209083ad29a70560dba4c570e8854c07b3670174768955effc6
6
+ metadata.gz: 7ba93e72a45301e19dc8b21da720cd5f0bfdc35b9ad14797e6c4226ee263dab15c22b11c63731474e7c4f9117d315fcde92b99e47d36be256ef29edb71dd30f1
7
+ data.tar.gz: 4d3efa46604b8c2b1770ab0ab3a8c3420b91bb88f0bc63de5b25a5fcb93ef0e7d6f839ea762b17012101ad121d2b3c31bbfe936f730e56ade12cac34068af47b
data/lib/jekyll/attendease_plugin/site_page_blocks_json.rb ADDED
@@ -0,0 +1,42 @@
1
+ module Jekyll
2
+ module AttendeasePlugin
3
+ class SitePageBlocksJson < StaticFile
4
+ def initialize(site, base, page)
5
+ @site = site
6
+ @base = base
7
+ @dir = page['slug']
8
+ @name = 'index.json'
9
+
10
+ self.process(@name)
11
+
12
+ #require 'pry'
13
+ #binding.pry
14
+ #self.read_yaml(File.join(base, '_attendease', 'templates', 'pages'), 'default.html')
15
+ self.read_yaml(File.join(base, '_layouts'), "#{page['layout']}.html")
16
+
17
+ self.data['title'] = page['title']
18
+ self.data['layout'] = page['layout']
19
+
20
+ zones = {}
21
+
22
+ # create zone buckets
23
+ page['block_instances'].each do |i|
24
+ zones[i['zone']] = [] if zones[i['zone']].nil?
25
+ zones[i['zone']] << i
26
+ end
27
+
28
+ # sort each bucket by widget weight
29
+ zones.each do |k, zone|
30
+ zone.sort! { |x, y| x['weight'] <=> y['weight'] }
31
+ self.data[k] = ''
32
+ zone.each do |i|
33
+ self.data[k] << i['rendered_html']
34
+ end
35
+ end
36
+
37
+ self.data['site_page'] = page
38
+ end
39
+ end
40
+ end
41
+ end
42
+
data/lib/jekyll/attendease_plugin/site_pages_generator.rb CHANGED
@@ -6,6 +6,8 @@ module Jekyll
6
6
  def generate(site)
7
7
  site.data['pages'].each do |page|
8
8
  if !page['permanent'] && !page['external']
9
+ require 'cgi'
10
+ page['name'] = CGI.escapeHTML(page['name']) if page['name']
9
11
  site.pages << SitePage.new(site, site.source, page)
10
12
 
11
13
  zones = {}
data/lib/jekyll/attendease_plugin/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Jekyll
2
2
  module AttendeasePlugin
3
- VERSION = '0.6.28'
3
+ VERSION = '0.6.29'
4
4
  end
5
5
  end
data/spec/lib/jekyll/attendease_plugin/site_pages_generator_spec.rb CHANGED
@@ -6,6 +6,7 @@ RSpec.describe Jekyll::AttendeasePlugin::SitePagesGenerator do
6
6
  let(:index_file) { 'index.html' }
7
7
  let(:page) { site.data['pages'].detect { |p| p['slug'] == 'test' } }
8
8
  let(:external_page) { site.data['pages'].detect { |p| p['external'] == true } }
9
+ let(:xss_page) { site.data['pages'].detect { |p| p['slug'] == 'agenda' } }
9
10
 
10
11
  context 'regular page' do
11
12
  it 'creates a page using the provided slug' do
@@ -24,6 +25,17 @@ RSpec.describe Jekyll::AttendeasePlugin::SitePagesGenerator do
24
25
  end
25
26
  end
26
27
 
28
+ context 'page with XSS' do
29
+ it 'escapes HTML in the page title' do
30
+ slug = xss_page['slug']
31
+ file = File.join(site.config['destination'], slug, 'index.html')
32
+ expect(File.exists?(file)).to eq(true)
33
+ expect(File.file?(file)).to eq(true)
34
+ expect(File.read(file)).to include '<title>Agenda &lt;script&gt;alert()&lt;/script&gt;</title>'
35
+ end
36
+
37
+ end
38
+
27
39
  context 'external page' do
28
40
  it 'does not create a page using the provided slug' do
29
41
 
data/spec/spec_helper.rb CHANGED
@@ -15,7 +15,7 @@ RSpec.configure do |config|
15
15
 
16
16
  config.before(:all) do
17
17
  if Gem::Version.new('2') <= Gem::Version.new(Jekyll::VERSION)
18
- Jekyll.logger.log_level = :warn
18
+ Jekyll.logger.log_level = ENV['debug'].nil? ? :warn : :debug
19
19
  else
20
20
  Jekyll.logger.log_level = Jekyll::Stevenson::WARN
21
21
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jekyll-attendease
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.28
4
+ version: 0.6.29
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael Wood
@@ -183,6 +183,7 @@ files:
183
183
  - lib/jekyll/attendease_plugin/schedule_session_page.rb
184
184
  - lib/jekyll/attendease_plugin/schedule_sessions_page.rb
185
185
  - lib/jekyll/attendease_plugin/site_page.rb
186
+ - lib/jekyll/attendease_plugin/site_page_blocks_json.rb
186
187
  - lib/jekyll/attendease_plugin/site_pages_generator.rb
187
188
  - lib/jekyll/attendease_plugin/sponsor_generator.rb
188
189
  - lib/jekyll/attendease_plugin/sponsors_index_page.rb