loofah-activerecord 1.1.0 → 1.2.0
- checksums.yaml +7 -0
- data/CHANGELOG.rdoc +7 -0
- data/Gemfile +7 -6
- data/Manifest.txt +1 -0
- data/README.rdoc +7 -5
- data/Rakefile +3 -1
- data/lib/loofah-activerecord.rb +2 -2
- data/lib/loofah/activerecord/railtie.rb +6 -1
- data/lib/loofah/activerecord/xss_foliate.rb +45 -7
- data/rails_test/Rakefile +37 -27
- data/rails_test/common/active_record/test/unit/posts_test.rb +12 -2
- data/rails_test/common/xss_foliate/test/unit/posts_test.rb +12 -1
- data/test/helper.rb +0 -2
- data/test/unit/test_xss_foliate.rb +40 -11
- metadata +57 -62
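--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 52ec5c3aec119d59c88a3a7ad5ec0827f96fcb14
+data.tar.gz: f28f8d37c7d11254db4847a85036ad275b5db101
+SHA512:
+metadata.gz: ff07b7dba65c364a356c25af635f6dcd3de28811f01fd00fc2eba9c394f22d50b0602352db6702d4c50207b435877ac9568612eab85493b3386895a990896e77
+data.tar.gz: 880a75ab10e8bdb38598f406c3b3b4d0c6a447230475c27b365df5e459a05777666e5043c42a4b874549b2aa67b06b56ea1dff362dbbfb546ede7947ddc79a92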
data/CHANGELOG.rdoc
CHANGED
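--- a/data/Gemfile
+++ b/data/Gemfile
@@ -6,14 +6,15 @@ source "https://rubygems.org/"
 
 gem "loofah", ">=1.0.0"
 
-gem "
-gem "
+gem "rdoc", "~>4.0", :group => [:development, :test]
+gem "minitest", "~>2.2", :group => [:development, :test]
 gem "rr", "~>1.0", :group => [:development, :test]
-gem "
-gem "
+gem "acts_as_fu", ">=0.0.5", :group => [:development, :test]
+gem "bundler", ">=1.2.0", :group => [:development, :test]
 gem "hoe-git", ">=0", :group => [:development, :test]
 gem "hoe-bundler", ">=0", :group => [:development, :test]
-gem "
-gem "
+gem "hoe-gemspec", ">=0", :group => [:development, :test]
+gem "unindent", ">=0", :group => [:development, :test]
+gem "hoe", "~>3.12", :group => [:development, :test]
 
 # vim: syntax=ruby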
data/Manifest.txt
CHANGED
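--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -6,15 +6,17 @@
 
 == Description
 
-loofah-activerecord extends loofah's HTML sanitization into Rails
++loofah-activerecord+ extends +loofah+'s HTML sanitization into Rails
 ActiveRecord models.
 
+See more about +loofah+ at: http://github.com/flavorjones/loofah
+
 == Features
 
 There are two ActiveRecord extensions included with loofah-activerecord:
 
-
-
+* Loofah::ActiveRecordExtension is an *opt-in* sanitizer. You must explicitly declare attributes to be sanitized.
+* Loofah::XssFoliate, a drop-in replacement for XssTerminate[http://github.com/look/xss_terminate/tree/master], is an *opt-out* sanitizer. By default all models and attributes are sanitized.
 
 === ActiveRecord Extension \#1: Opt-In
 
@@ -50,7 +52,7 @@ another scrubber is specified or the attribute is present in an
 == Requirements
 
 * Loofah >= 1.0.0
-* Rails 3.0, 2.3, 2.2, 2.1, 2.0 or 1.2 (pow!)
+* Rails 3.2, 3.1, 3.0, 2.3, 2.2, 2.1, 2.0 or 1.2 (pow!)
 
 == Installation
 
@@ -92,7 +94,7 @@ This library was split out of the Loofah project for version 1.0.0.
 
 The MIT License
 
-Copyright (c) 2009, 2010, 2011 by Mike Dalessio
+Copyright (c) 2009, 2010, 2011, 2012 by Mike Dalessio
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal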
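--- a/data/Rakefile
+++ b/data/Rakefile
@@ -12,16 +12,18 @@ Hoe.spec "loofah-activerecord" do
 self.extra_rdoc_files = FileList["*.rdoc"]
 self.history_file = "CHANGELOG.rdoc"
 self.readme_file = "README.rdoc"
+self.license "MIT"
 
 extra_deps << ["loofah", ">= 1.0.0"]
 
 extra_dev_deps << ["minitest", "~>2.2"]
 extra_dev_deps << ["rr", "~>1.0"]
 extra_dev_deps << ["acts_as_fu", ">=0.0.5"]
-extra_dev_deps << ["bundler", "
+extra_dev_deps << ["bundler", ">=1.2.0"]
 extra_dev_deps << ["hoe-git", ">=0"]
 extra_dev_deps << ["hoe-bundler", ">=0"]
 extra_dev_deps << ["hoe-gemspec", ">=0"]
+extra_dev_deps << ["unindent", ">=0"]
 end
 
 load "rails_test/Rakefile"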
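Review bot: `extra_dev_deps << ["unindent", ">=0"]` adds a new third-party gem with a floor-only constraint, so a build resolves to whatever release is newest at install time; judging by rails_test/Rakefile it is used only to strip heredoc indentation. For a sanitization library's toolchain I would constrain it pessimistically to the release that was actually tested, in the same form as the `"~>1.0"` used for `rr`, or drop the dependency and strip the indentation in the Rakefile itself. The same applies to the existing `hoe-git`, `hoe-bundler` and `hoe-gemspec` entries.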
data/lib/loofah-activerecord.rb
CHANGED
@@ -3,10 +3,10 @@ $LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__))) unless $LOAD_PATH.i
|
|
3
3
|
require 'loofah'
|
4
4
|
|
5
5
|
module Loofah::ActiveRecord
|
6
|
-
VERSION = "1.
|
6
|
+
VERSION = "1.2.0"
|
7
7
|
end
|
8
8
|
|
9
|
-
if defined?(Rails) && Rails::VERSION::MAJOR
|
9
|
+
if defined?(Rails) && [3,4].include?(Rails::VERSION::MAJOR)
|
10
10
|
require 'loofah/activerecord/railtie'
|
11
11
|
elsif defined? Rails.configuration and Rails.configuration.frameworks.include?([:active_record]) # >= 2.1
|
12
12
|
Rails.configuration.after_initialize do
|
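Review bot: The new guard `[3,4].include?(Rails::VERSION::MAJOR)` hard-codes the supported majors, so any later Rails major skips the railtie and falls through to the `elsif` written for Rails 2.x. Since XssFoliate is an opt-out sanitizer, failing to load it should be loud rather than silent; what the remaining branches do is outside this hunk, so the exact failure mode is not visible here. I would write the condition as `if defined?(Rails) && Rails::VERSION::MAJOR >= 3` and, if an upper bound is really intended, raise or warn in an explicit `else`.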
@@ -2,7 +2,12 @@ require 'rails'
|
|
2
2
|
module Loofah::ActiveRecord
|
3
3
|
class Railtie < Rails::Railtie
|
4
4
|
initializer "loofah-activerecord.initialize" do |app|
|
5
|
-
|
5
|
+
railtie_collection = if app.railties.respond_to?(:all) # Rails::VERSION::MAJOR == 3
|
6
|
+
app.railties.all
|
7
|
+
else # Rails::VERSION::MAJOR == 4
|
8
|
+
app.railties
|
9
|
+
end
|
10
|
+
activerecord_railtie = railtie_collection.select {|railtie| railtie.class.to_s == "ActiveRecord::Railtie" }
|
6
11
|
if activerecord_railtie
|
7
12
|
require 'loofah/activerecord/active_record'
|
8
13
|
require 'loofah/activerecord/xss_foliate'
|
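Review bot: `activerecord_railtie` is now the result of `select`, which is an Array and therefore truthy even when it is empty, so `if activerecord_railtie` on the next line can never be false and the two `require`s run whether or not ActiveRecord's railtie is present. Use a predicate instead: `activerecord_railtie = railtie_collection.any? { |railtie| railtie.class.to_s == "ActiveRecord::Railtie" }`. The removed line is blank on this page, so I cannot tell whether the old code had the same problem; the initializer block continues past the hunk.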
@@ -54,6 +54,19 @@ module Loofah
|
|
54
54
|
# # was: xss_terminate :except => [:title], :sanitize => [:body]
|
55
55
|
# xss_foliate :except => [:title], :sanitize => [:body]
|
56
56
|
#
|
57
|
+
# OR
|
58
|
+
#
|
59
|
+
# # when the final content is intended for non-html contexts,
|
60
|
+
# # such as plaintext email, you can turn off entity encoding
|
61
|
+
# # for all fields
|
62
|
+
# xss_foliate :encode_special_chars => false # do *not* escape HTML entities in any field. NOTE THAT THE RESULT IS UNSAFE FOR RENDERING IN HTML CONTEXTS.
|
63
|
+
#
|
64
|
+
# OR
|
65
|
+
#
|
66
|
+
# # or you can turn off entity encoding only for specific fields.
|
67
|
+
# xss_foliate :unencode_special_chars => [:title] # will escape HTML entities in all fields except title. NOTE THAT `TITLE` IS UNSAFE FOR RENDERING IN HTML CONTEXTS.
|
68
|
+
#
|
69
|
+
#
|
57
70
|
# Alternatively, if you would like to *opt-in* to the models and attributes that are sanitized:
|
58
71
|
#
|
59
72
|
# # config/initializers/loofah.rb
|
@@ -83,9 +96,11 @@ module Loofah
|
|
83
96
|
#
|
84
97
|
module ClassMethods
|
85
98
|
# :stopdoc:
|
86
|
-
|
87
|
-
|
88
|
-
|
99
|
+
SYMBOL_OPTIONS = [:except, :html5lib_sanitize, :sanitize, :unencode_special_chars] + Loofah::Scrubbers.scrubber_symbols
|
100
|
+
BOOLEAN_OPTIONS = {:encode_special_chars => true}
|
101
|
+
ALIASED_SYMBOL_OPTIONS = {:html5lib_sanitize => :escape, :sanitize => :strip}
|
102
|
+
REAL_SYMBOL_OPTIONS = SYMBOL_OPTIONS - ALIASED_SYMBOL_OPTIONS.keys
|
103
|
+
VALID_OPTIONS = SYMBOL_OPTIONS + BOOLEAN_OPTIONS.keys + ALIASED_SYMBOL_OPTIONS.keys
|
89
104
|
# :startdoc:
|
90
105
|
|
91
106
|
def self.extended(base)
|
@@ -152,14 +167,25 @@ module Loofah
|
|
152
167
|
raise ArgumentError, "unknown xss_foliate option #{option}" unless VALID_OPTIONS.include?(option)
|
153
168
|
end
|
154
169
|
|
155
|
-
|
170
|
+
REAL_SYMBOL_OPTIONS.each do |option|
|
156
171
|
options[option] = Array(options[option]).collect { |val| val.to_sym }
|
157
172
|
end
|
158
173
|
|
159
|
-
|
174
|
+
ALIASED_SYMBOL_OPTIONS.each do |option, real|
|
160
175
|
options[real] += Array(options.delete(option)).collect { |val| val.to_sym } if options[option]
|
161
176
|
end
|
162
177
|
|
178
|
+
BOOLEAN_OPTIONS.each do |option, default|
|
179
|
+
case options[option]
|
180
|
+
when FalseClass
|
181
|
+
when TrueClass
|
182
|
+
when NilClass
|
183
|
+
options[option] = default
|
184
|
+
else
|
185
|
+
raise "option #{option} only accepts `true` or `false` values"
|
186
|
+
end
|
187
|
+
end
|
188
|
+
|
163
189
|
if respond_to?(:class_attribute)
|
164
190
|
# Rails 3.0 and later
|
165
191
|
self.xss_foliate_options = options
|
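Review bot: The `else` arm of the new `BOOLEAN_OPTIONS` loop uses a bare `raise "..."`, which produces a RuntimeError, while the unknown-option check a few lines above raises `ArgumentError` for the same kind of caller mistake. Callers rescuing `ArgumentError` around `xss_foliate` will miss a bad `:encode_special_chars` value. I would change it to `raise ArgumentError, ...` with the same message and update the `assert_raises(RuntimeError)` expectation in test_xss_foliate.rb to match. The empty `when FalseClass` / `when TrueClass` arms could also become one `when true, false` with a short comment saying the value is kept as given. The enclosing method starts above the hunk.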
@@ -196,7 +222,7 @@ module Loofah
|
|
196
222
|
field = column.name.to_sym
|
197
223
|
value = self[field]
|
198
224
|
|
199
|
-
next if
|
225
|
+
next if !value.is_a?(String)
|
200
226
|
|
201
227
|
next if xss_foliate_options[:except].include?(field)
|
202
228
|
|
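Review bot: `next if !value.is_a?(String)` means every attribute value that is not a String instance is skipped without scrubbing, which deserves a comment because this is the line that decides what the opt-out sanitizer never looks at. If any model uses serialized columns (an Array or Hash holding user-supplied strings), those strings would be stored unsanitized; whether such columns exist is not visible from this hunk. I would write the guard as `next unless value.is_a?(String)` and add above it `# only String values are scrubbed; serialized or non-text attributes pass through untouched`. The loop body starts and ends outside the hunk.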
@@ -204,7 +230,14 @@ module Loofah
|
|
204
230
|
|
205
231
|
# :text if we're here
|
206
232
|
fragment = Loofah.scrub_fragment(value, :strip)
|
207
|
-
|
233
|
+
|
234
|
+
text_options = if xss_foliate_is_unencoded(field)
|
235
|
+
{:encode_special_chars => false}
|
236
|
+
else
|
237
|
+
{}
|
238
|
+
end
|
239
|
+
|
240
|
+
self[field] = fragment.nil? ? "" : fragment.text(text_options)
|
208
241
|
end
|
209
242
|
end
|
210
243
|
|
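Review bot: When `xss_foliate_is_unencoded(field)` is true, the value assigned to `self[field]` is the fragment's text with entity encoding turned off, and nothing at this assignment records that the stored column is then unsafe to render as HTML; the only warning lives in the module-level rdoc. A maintainer reading this method should see the constraint where the data is written, e.g. `# unencoded text is for non-HTML sinks (plaintext email); escape it again before any HTML rendering`. The helper is also a predicate and would read better as `xss_foliate_is_unencoded?(field)`, with the `if`/`else` collapsed to `text_options = xss_foliate_is_unencoded?(field) ? {:encode_special_chars => false} : {}`. The enclosing method starts above the hunk.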
@@ -220,6 +253,11 @@ module Loofah
|
|
220
253
|
end
|
221
254
|
false
|
222
255
|
end
|
256
|
+
|
257
|
+
def xss_foliate_is_unencoded(field)
|
258
|
+
(! xss_foliate_options[:encode_special_chars]) \
|
259
|
+
|| xss_foliate_options[:unencode_special_chars].include?(field)
|
260
|
+
end
|
223
261
|
end
|
224
262
|
|
225
263
|
def self.xss_foliate_all_models
|
data/rails_test/Rakefile
CHANGED
@@ -1,6 +1,15 @@
|
|
1
1
|
namespace "test" do
|
2
2
|
require "bundler"
|
3
3
|
require "yaml"
|
4
|
+
require "unindent"
|
5
|
+
|
6
|
+
def have_rvm?
|
7
|
+
@have_rvm ||= `which rvm 2>&1 > /dev/null` && $?.success?
|
8
|
+
end
|
9
|
+
|
10
|
+
def have_rbenv?
|
11
|
+
@have_rbenv ||= `which rbenv 2>&1 > /dev/null` && $?.success?
|
12
|
+
end
|
4
13
|
|
5
14
|
def gem_versions_for rails_version
|
6
15
|
mm = rails_version.split(".")[0,2].join(".")
|
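Review bot: `@have_rvm ||= ...` in `have_rvm?` (and `@have_rbenv ||= ...` in `have_rbenv?`) does not memoize a negative answer, because `||=` re-evaluates whenever the stored value is false, so `which` is spawned again on every call when the tool is absent. The backtick form also relies on a String always being truthy and on `2>&1 > /dev/null`, which points stderr at the captured pipe rather than at /dev/null. I would write `return @have_rvm if defined?(@have_rvm)` followed by `@have_rvm = system("which rvm > /dev/null 2>&1")`, and the same for rbenv.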
@@ -8,23 +17,16 @@ namespace "test" do
|
|
8
17
|
end
|
9
18
|
|
10
19
|
def ruby_version_for rails_version
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
20
|
+
case rails_version
|
21
|
+
when /^([12]\.|3\.0)/
|
22
|
+
"1.8.7"
|
23
|
+
when /^3\./
|
24
|
+
"1.9.3"
|
25
|
+
when /^4\.0/
|
26
|
+
"2.0.0"
|
27
|
+
when /^4\./
|
28
|
+
"2.1.2"
|
19
29
|
end
|
20
|
-
|
21
|
-
desired_version = rbenv_versions.reverse.select do |rbenv_version|
|
22
|
-
rbenv_version =~ /^#{mmp}/
|
23
|
-
end.first
|
24
|
-
|
25
|
-
raise "ERROR: No Ruby version matching #{mmp} installed with rbenv" if desired_version.nil?
|
26
|
-
|
27
|
-
desired_version
|
28
30
|
end
|
29
31
|
|
30
32
|
def dir_to_version_and_flavor dir
|
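Review bot: The new `case` in `ruby_version_for` has no `else`, so a Rails version that matches none of the patterns returns nil and `run` then executes under whatever Ruby is current, where the removed code raised when no matching Ruby was found. I would add `else raise "ERROR: no Ruby version mapped for Rails #{rails_version}"` so an unmapped version fails visibly. The patterns use `^`, which works for these single-line version strings, though `\A` states the intent more exactly.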
@@ -32,17 +34,25 @@ namespace "test" do
|
|
32
34
|
return [$1, $2]
|
33
35
|
end
|
34
36
|
|
35
|
-
def run(cmd,
|
36
|
-
|
37
|
-
|
38
|
-
if
|
39
|
-
|
40
|
-
ENV['RBENV_VERSION'] = rbenv_version
|
41
|
-
cmd = "rbenv exec #{cmd}"
|
37
|
+
def run(cmd, ruby_version=nil)
|
38
|
+
if have_rvm?
|
39
|
+
puts "*running rvm: #{cmd}"
|
40
|
+
if ruby_version
|
41
|
+
cmd = "rvm \"#{ruby_version}\" do #{cmd}"
|
42
42
|
end
|
43
43
|
system cmd
|
44
|
-
|
45
|
-
|
44
|
+
elsif have_rbenv?
|
45
|
+
puts "* running rbenv: #{cmd}"
|
46
|
+
begin
|
47
|
+
if ruby_version
|
48
|
+
puts " (with ruby version #{ruby_version})"
|
49
|
+
ENV['RBENV_VERSION'] = ruby_version
|
50
|
+
cmd = "rbenv exec #{cmd}"
|
51
|
+
end
|
52
|
+
system cmd
|
53
|
+
ensure
|
54
|
+
ENV.delete('RBENV_VERSION')
|
55
|
+
end
|
46
56
|
end
|
47
57
|
raise "ERROR running command" unless $? == 0
|
48
58
|
end
|
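Review bot: `run` has no branch for a machine with neither rvm nor rbenv: both conditions are false, `system cmd` is never called, and the final `raise "ERROR running command" unless $? == 0` then tests the exit status left by the failed `which rbenv`, so the task aborts with a misleading message without having run anything. Add a fallback before the closing `end` of the `if`: `else`, `puts "* running: #{cmd}"`, `system cmd`. Capturing the return value of `system` and raising on that, rather than reading the global `$?` afterwards, would also make the check independent of whichever subprocess ran last.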
@@ -56,8 +66,8 @@ namespace "test" do
|
|
56
66
|
snowflakes = Array gem_versions_for(version)
|
57
67
|
Dir.chdir dir do
|
58
68
|
File.open("Gemfile", "w") do |gemfile|
|
59
|
-
gemfile.write <<-GEM
|
60
|
-
source
|
69
|
+
gemfile.write <<-GEM.unindent
|
70
|
+
source "https://rubygems.org"
|
61
71
|
gem "rails", "=#{version}"
|
62
72
|
gem "loofah", :path => File.join(File.dirname(__FILE__),"../../../loofah")
|
63
73
|
gem "loofah-activerecord", :path => File.join(File.dirname(__FILE__),"../..")
|
@@ -1,7 +1,17 @@
|
|
1
|
-
|
2
1
|
require File.join(File.dirname(__FILE__), "../test_helper")
|
2
|
+
begin
|
3
|
+
require "test/unit"
|
4
|
+
rescue NameError
|
5
|
+
require "minitest"
|
6
|
+
end
|
7
|
+
|
8
|
+
if defined?(Minitest::Test)
|
9
|
+
LoofahTestBaseClass = Minitest::Test
|
10
|
+
else
|
11
|
+
LoofahTestBaseClass = Test::Unit::TestCase
|
12
|
+
end
|
3
13
|
|
4
|
-
class PostsTest <
|
14
|
+
class PostsTest < LoofahTestBaseClass
|
5
15
|
def test_loofah_scrubbing
|
6
16
|
post = Post.new :title => "<script>yo dawg</script>", :body => "<script>omgwtfbbq</script>"
|
7
17
|
post.valid?
|
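Review bot: `rescue NameError` around `require "test/unit"` does not catch the usual failure of a `require`, which is `LoadError`; if test/unit is not installed the fallback to minitest never runs. If the NameError case is a real one seen on some Rails/minitest combination, keep it and add LoadError: `rescue NameError, LoadError`, with a one-line comment saying which environment raises which. The identical block in the xss_foliate flavour of posts_test.rb (the next hunk) needs the same change, and since both files define `LoofahTestBaseClass` the shim would be better placed once in the shared test_helper.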
@@ -1,6 +1,17 @@
|
|
1
1
|
require File.join(File.dirname(__FILE__), "../test_helper")
|
2
|
+
begin
|
3
|
+
require "test/unit"
|
4
|
+
rescue NameError
|
5
|
+
require "minitest"
|
6
|
+
end
|
7
|
+
|
8
|
+
if defined?(Minitest::Test)
|
9
|
+
LoofahTestBaseClass = Minitest::Test
|
10
|
+
else
|
11
|
+
LoofahTestBaseClass = Test::Unit::TestCase
|
12
|
+
end
|
2
13
|
|
3
|
-
class PostsTest <
|
14
|
+
class PostsTest < LoofahTestBaseClass
|
4
15
|
def test_loofah_scrubbing
|
5
16
|
post = Post.new :title => "<script>yo dawg</script>", :body => "<script>omgwtfbbq</script>"
|
6
17
|
post.valid?
|
data/test/helper.rb
CHANGED
@@ -11,8 +11,6 @@ puts "=> testing with Nokogiri #{Nokogiri::VERSION_INFO.inspect}"
|
|
11
11
|
puts "=> testing with Loofah #{Loofah::VERSION}"
|
12
12
|
|
13
13
|
class Loofah::ActiveRecord::TestCase < MiniTest::Spec
|
14
|
-
include RR::Adapters::TestUnit
|
15
|
-
|
16
14
|
class << self
|
17
15
|
alias_method :context, :describe
|
18
16
|
end
|
@@ -103,7 +103,7 @@ class TestXssFoliate < Loofah::ActiveRecord::TestCase
|
|
103
103
|
mock(Loofah).scrub_fragment(HTML_STRING, :strip).once.returns(mock_doc)
|
104
104
|
mock(Loofah).scrub_fragment(PLAIN_TEXT, :strip).once.returns(mock_doc)
|
105
105
|
mock(Loofah).scrub_fragment(INTEGER_VALUE, :strip).never
|
106
|
-
mock(mock_doc).text.times(2)
|
106
|
+
mock(mock_doc).text({}).times(2)
|
107
107
|
assert new_post.valid?
|
108
108
|
end
|
109
109
|
end
|
@@ -118,7 +118,7 @@ class TestXssFoliate < Loofah::ActiveRecord::TestCase
|
|
118
118
|
mock(Loofah).scrub_fragment(HTML_STRING, :strip).once.returns(mock_doc)
|
119
119
|
mock(Loofah).scrub_fragment(PLAIN_TEXT, :strip).never
|
120
120
|
mock(Loofah).scrub_fragment(INTEGER_VALUE, :strip).never
|
121
|
-
mock(mock_doc).text.once
|
121
|
+
mock(mock_doc).text({}).once
|
122
122
|
new_post.valid?
|
123
123
|
end
|
124
124
|
end
|
@@ -181,35 +181,64 @@ class TestXssFoliate < Loofah::ActiveRecord::TestCase
|
|
181
181
|
end
|
182
182
|
end
|
183
183
|
|
184
|
-
context "
|
184
|
+
context "with bad argument to encode_special_chars" do
|
185
|
+
it "raises an exception" do
|
186
|
+
assert_raises(RuntimeError) { Post.xss_foliate :encode_special_chars => [:title] }
|
187
|
+
end
|
188
|
+
end
|
189
|
+
|
190
|
+
context "with encode_special_chars turned off for all fields" do
|
185
191
|
before do
|
186
|
-
Post.xss_foliate
|
192
|
+
Post.xss_foliate :encode_special_chars => false
|
187
193
|
end
|
188
194
|
|
189
195
|
it "not scrub double quotes into html entities" do
|
190
|
-
answer = new_post(:plain_text => "\"something\"")
|
196
|
+
answer = new_post(:plain_text => "\"something\"", :html_string => "\"something\"")
|
191
197
|
answer.valid?
|
192
198
|
assert_equal "\"something\"", answer.plain_text
|
199
|
+
assert_equal "\"something\"", answer.html_string
|
193
200
|
end
|
194
201
|
|
195
202
|
it "not scrub ampersands into html entities" do
|
196
|
-
answer = new_post(:plain_text => "& Something")
|
203
|
+
answer = new_post(:plain_text => "& Something", :html_string => "& Something")
|
197
204
|
answer.valid?
|
198
205
|
assert_equal "& Something", answer.plain_text
|
206
|
+
assert_equal "& Something", answer.html_string
|
199
207
|
end
|
200
208
|
|
201
209
|
it "not scrub \\r html entities" do
|
202
|
-
answer = new_post(:plain_text => "Another \r Something")
|
210
|
+
answer = new_post(:plain_text => "Another \r Something", :html_string => "Another \r Something")
|
203
211
|
answer.valid?
|
204
212
|
assert_equal "Another \r Something", answer.plain_text
|
213
|
+
assert_equal "Another \r Something", answer.html_string
|
205
214
|
end
|
215
|
+
end
|
206
216
|
|
207
|
-
|
208
|
-
|
217
|
+
context "with encode_special_chars turned off for one field" do
|
218
|
+
before do
|
219
|
+
Post.xss_foliate :unencode_special_chars => [:plain_text]
|
220
|
+
end
|
221
|
+
|
222
|
+
it "not scrub double quotes into html entities" do
|
223
|
+
answer = new_post(:plain_text => "\"something\"", :html_string => "\"something\"")
|
209
224
|
answer.valid?
|
210
|
-
assert_equal "
|
225
|
+
assert_equal "\"something\"", answer.plain_text
|
226
|
+
assert_equal ""something"", answer.html_string
|
227
|
+
end
|
228
|
+
|
229
|
+
it "not scrub ampersands into html entities" do
|
230
|
+
answer = new_post(:plain_text => "& Something", :html_string => "& Something")
|
231
|
+
answer.valid?
|
232
|
+
assert_equal "& Something", answer.plain_text
|
233
|
+
assert_equal "& Something", answer.html_string
|
234
|
+
end
|
235
|
+
|
236
|
+
it "not scrub \\r html entities" do
|
237
|
+
answer = new_post(:plain_text => "Another \r Something", :html_string => "Another \r Something")
|
238
|
+
answer.valid?
|
239
|
+
assert_equal "Another \r Something", answer.plain_text
|
240
|
+
assert_equal "Another Something", answer.html_string
|
211
241
|
end
|
212
242
|
end
|
213
243
|
end
|
214
244
|
end
|
215
|
-
|
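Review bot: The three examples under "with encode_special_chars turned off for one field" keep the titles "not scrub … into html entities" but also assert that `html_string` is still encoded, so a failure report names the opposite of what broke. I would split each into two examples, or retitle them along the lines of `it "leaves plain_text unencoded and html_string encoded"`. As displayed on this page the expected `html_string` literals in that context (for instance `""something""`) appear to have had their entities decoded by the renderer, so check them against the gem source rather than this listing. None of the new examples passes markup characters through an unencoded field, so the suite does not document the unsafe-for-HTML contract the rdoc warns about; one example with an explanatory comment would make it visible.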
metadata
CHANGED
@@ -1,179 +1,174 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: loofah-activerecord
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
5
|
-
prerelease:
|
4
|
+
version: 1.2.0
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
8
7
|
- Mike Dalessio
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date:
|
11
|
+
date: 2014-08-22 00:00:00.000000000 Z
|
13
12
|
dependencies:
|
14
13
|
- !ruby/object:Gem::Dependency
|
15
14
|
name: loofah
|
16
15
|
requirement: !ruby/object:Gem::Requirement
|
17
|
-
none: false
|
18
16
|
requirements:
|
19
|
-
- -
|
17
|
+
- - ">="
|
20
18
|
- !ruby/object:Gem::Version
|
21
19
|
version: 1.0.0
|
22
20
|
type: :runtime
|
23
21
|
prerelease: false
|
24
22
|
version_requirements: !ruby/object:Gem::Requirement
|
25
|
-
none: false
|
26
23
|
requirements:
|
27
|
-
- -
|
24
|
+
- - ">="
|
28
25
|
- !ruby/object:Gem::Version
|
29
26
|
version: 1.0.0
|
30
27
|
- !ruby/object:Gem::Dependency
|
31
28
|
name: rdoc
|
32
29
|
requirement: !ruby/object:Gem::Requirement
|
33
|
-
none: false
|
34
30
|
requirements:
|
35
|
-
- - ~>
|
31
|
+
- - "~>"
|
36
32
|
- !ruby/object:Gem::Version
|
37
|
-
version: '
|
33
|
+
version: '4.0'
|
38
34
|
type: :development
|
39
35
|
prerelease: false
|
40
36
|
version_requirements: !ruby/object:Gem::Requirement
|
41
|
-
none: false
|
42
37
|
requirements:
|
43
|
-
- - ~>
|
38
|
+
- - "~>"
|
44
39
|
- !ruby/object:Gem::Version
|
45
|
-
version: '
|
40
|
+
version: '4.0'
|
46
41
|
- !ruby/object:Gem::Dependency
|
47
42
|
name: minitest
|
48
43
|
requirement: !ruby/object:Gem::Requirement
|
49
|
-
none: false
|
50
44
|
requirements:
|
51
|
-
- - ~>
|
45
|
+
- - "~>"
|
52
46
|
- !ruby/object:Gem::Version
|
53
47
|
version: '2.2'
|
54
48
|
type: :development
|
55
49
|
prerelease: false
|
56
50
|
version_requirements: !ruby/object:Gem::Requirement
|
57
|
-
none: false
|
58
51
|
requirements:
|
59
|
-
- - ~>
|
52
|
+
- - "~>"
|
60
53
|
- !ruby/object:Gem::Version
|
61
54
|
version: '2.2'
|
62
55
|
- !ruby/object:Gem::Dependency
|
63
56
|
name: rr
|
64
57
|
requirement: !ruby/object:Gem::Requirement
|
65
|
-
none: false
|
66
58
|
requirements:
|
67
|
-
- - ~>
|
59
|
+
- - "~>"
|
68
60
|
- !ruby/object:Gem::Version
|
69
61
|
version: '1.0'
|
70
62
|
type: :development
|
71
63
|
prerelease: false
|
72
64
|
version_requirements: !ruby/object:Gem::Requirement
|
73
|
-
none: false
|
74
65
|
requirements:
|
75
|
-
- - ~>
|
66
|
+
- - "~>"
|
76
67
|
- !ruby/object:Gem::Version
|
77
68
|
version: '1.0'
|
78
69
|
- !ruby/object:Gem::Dependency
|
79
70
|
name: acts_as_fu
|
80
71
|
requirement: !ruby/object:Gem::Requirement
|
81
|
-
none: false
|
82
72
|
requirements:
|
83
|
-
- -
|
73
|
+
- - ">="
|
84
74
|
- !ruby/object:Gem::Version
|
85
75
|
version: 0.0.5
|
86
76
|
type: :development
|
87
77
|
prerelease: false
|
88
78
|
version_requirements: !ruby/object:Gem::Requirement
|
89
|
-
none: false
|
90
79
|
requirements:
|
91
|
-
- -
|
80
|
+
- - ">="
|
92
81
|
- !ruby/object:Gem::Version
|
93
82
|
version: 0.0.5
|
94
83
|
- !ruby/object:Gem::Dependency
|
95
84
|
name: bundler
|
96
85
|
requirement: !ruby/object:Gem::Requirement
|
97
|
-
none: false
|
98
86
|
requirements:
|
99
|
-
- -
|
87
|
+
- - ">="
|
100
88
|
- !ruby/object:Gem::Version
|
101
89
|
version: 1.2.0
|
102
90
|
type: :development
|
103
91
|
prerelease: false
|
104
92
|
version_requirements: !ruby/object:Gem::Requirement
|
105
|
-
none: false
|
106
93
|
requirements:
|
107
|
-
- -
|
94
|
+
- - ">="
|
108
95
|
- !ruby/object:Gem::Version
|
109
96
|
version: 1.2.0
|
110
97
|
- !ruby/object:Gem::Dependency
|
111
98
|
name: hoe-git
|
112
99
|
requirement: !ruby/object:Gem::Requirement
|
113
|
-
none: false
|
114
100
|
requirements:
|
115
|
-
- -
|
101
|
+
- - ">="
|
116
102
|
- !ruby/object:Gem::Version
|
117
103
|
version: '0'
|
118
104
|
type: :development
|
119
105
|
prerelease: false
|
120
106
|
version_requirements: !ruby/object:Gem::Requirement
|
121
|
-
none: false
|
122
107
|
requirements:
|
123
|
-
- -
|
108
|
+
- - ">="
|
124
109
|
- !ruby/object:Gem::Version
|
125
110
|
version: '0'
|
126
111
|
- !ruby/object:Gem::Dependency
|
127
112
|
name: hoe-bundler
|
128
113
|
requirement: !ruby/object:Gem::Requirement
|
129
|
-
none: false
|
130
114
|
requirements:
|
131
|
-
- -
|
115
|
+
- - ">="
|
132
116
|
- !ruby/object:Gem::Version
|
133
117
|
version: '0'
|
134
118
|
type: :development
|
135
119
|
prerelease: false
|
136
120
|
version_requirements: !ruby/object:Gem::Requirement
|
137
|
-
none: false
|
138
121
|
requirements:
|
139
|
-
- -
|
122
|
+
- - ">="
|
140
123
|
- !ruby/object:Gem::Version
|
141
124
|
version: '0'
|
142
125
|
- !ruby/object:Gem::Dependency
|
143
126
|
name: hoe-gemspec
|
144
127
|
requirement: !ruby/object:Gem::Requirement
|
145
|
-
none: false
|
146
128
|
requirements:
|
147
|
-
- -
|
129
|
+
- - ">="
|
148
130
|
- !ruby/object:Gem::Version
|
149
131
|
version: '0'
|
150
132
|
type: :development
|
151
133
|
prerelease: false
|
152
134
|
version_requirements: !ruby/object:Gem::Requirement
|
153
|
-
none: false
|
154
135
|
requirements:
|
155
|
-
- -
|
136
|
+
- - ">="
|
137
|
+
- !ruby/object:Gem::Version
|
138
|
+
version: '0'
|
139
|
+
- !ruby/object:Gem::Dependency
|
140
|
+
name: unindent
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
142
|
+
requirements:
|
143
|
+
- - ">="
|
144
|
+
- !ruby/object:Gem::Version
|
145
|
+
version: '0'
|
146
|
+
type: :development
|
147
|
+
prerelease: false
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
149
|
+
requirements:
|
150
|
+
- - ">="
|
156
151
|
- !ruby/object:Gem::Version
|
157
152
|
version: '0'
|
158
153
|
- !ruby/object:Gem::Dependency
|
159
154
|
name: hoe
|
160
155
|
requirement: !ruby/object:Gem::Requirement
|
161
|
-
none: false
|
162
156
|
requirements:
|
163
|
-
- - ~>
|
157
|
+
- - "~>"
|
164
158
|
- !ruby/object:Gem::Version
|
165
|
-
version: '3.
|
159
|
+
version: '3.12'
|
166
160
|
type: :development
|
167
161
|
prerelease: false
|
168
162
|
version_requirements: !ruby/object:Gem::Requirement
|
169
|
-
none: false
|
170
163
|
requirements:
|
171
|
-
- - ~>
|
164
|
+
- - "~>"
|
172
165
|
- !ruby/object:Gem::Version
|
173
|
-
version: '3.
|
174
|
-
description:
|
166
|
+
version: '3.12'
|
167
|
+
description: |-
|
168
|
+
+loofah-activerecord+ extends +loofah+'s HTML sanitization into Rails
|
169
|
+
ActiveRecord models.
|
175
170
|
|
176
|
-
|
171
|
+
See more about +loofah+ at: http://github.com/flavorjones/loofah
|
177
172
|
email:
|
178
173
|
- mike.dalessio@gmail.com
|
179
174
|
executables: []
|
@@ -184,6 +179,7 @@ extra_rdoc_files:
|
|
184
179
|
- Manifest.txt
|
185
180
|
- README.rdoc
|
186
181
|
files:
|
182
|
+
- ".gemtest"
|
187
183
|
- CHANGELOG.rdoc
|
188
184
|
- Gemfile
|
189
185
|
- MIT-LICENSE.txt
|
@@ -205,34 +201,33 @@ files:
|
|
205
201
|
- test/helper.rb
|
206
202
|
- test/unit/test_active_record.rb
|
207
203
|
- test/unit/test_xss_foliate.rb
|
208
|
-
- .gemtest
|
209
204
|
homepage: http://github.com/flavorjones/loofah-activerecord
|
210
|
-
licenses:
|
205
|
+
licenses:
|
206
|
+
- MIT
|
207
|
+
metadata: {}
|
211
208
|
post_install_message:
|
212
209
|
rdoc_options:
|
213
|
-
- --main
|
210
|
+
- "--main"
|
214
211
|
- README.rdoc
|
215
212
|
require_paths:
|
216
213
|
- lib
|
217
214
|
required_ruby_version: !ruby/object:Gem::Requirement
|
218
|
-
none: false
|
219
215
|
requirements:
|
220
|
-
- -
|
216
|
+
- - ">="
|
221
217
|
- !ruby/object:Gem::Version
|
222
218
|
version: '0'
|
223
219
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
224
|
-
none: false
|
225
220
|
requirements:
|
226
|
-
- -
|
221
|
+
- - ">="
|
227
222
|
- !ruby/object:Gem::Version
|
228
223
|
version: '0'
|
229
224
|
requirements: []
|
230
|
-
rubyforge_project:
|
231
|
-
rubygems_version:
|
225
|
+
rubyforge_project:
|
226
|
+
rubygems_version: 2.2.2
|
232
227
|
signing_key:
|
233
|
-
specification_version:
|
234
|
-
summary: loofah-activerecord extends loofah's HTML sanitization into Rails ActiveRecord
|
235
|
-
models
|
228
|
+
specification_version: 4
|
229
|
+
summary: "+loofah-activerecord+ extends +loofah+'s HTML sanitization into Rails ActiveRecord
|
230
|
+
models"
|
236
231
|
test_files:
|
237
|
-
- test/unit/test_active_record.rb
|
238
232
|
- test/unit/test_xss_foliate.rb
|
233
|
+
- test/unit/test_active_record.rb
|