loofah 0.2.2 → 0.3.0

data/test/test_helpers.rb

@@ -0,0 +1,28 @@
+require File.expand_path(File.join(File.dirname(__FILE__), 'helper'))
+
+class TestHelpers < Test::Unit::TestCase
+
+  HTML_STRING = "<div>omgwtfbbq</div>"
+
+  context "when calling strip_tags" do
+    should "invoke Loofah.fragment.text" do
+      mock_doc = mock
+      Loofah.expects(:fragment).with(HTML_STRING).returns(mock_doc)
+      mock_doc.expects(:text)
+
+      Loofah::Helpers.strip_tags HTML_STRING
+    end
+  end
+
+  context "when calling sanitize" do
+    should "invoke Loofah.scrub_fragment(:escape).to_s" do
+      mock_doc = mock
+      Loofah.expects(:fragment).with(HTML_STRING).returns(mock_doc)
+      mock_doc.expects(:scrub!).with(:strip).returns(mock_doc)
+      mock_doc.expects(:to_s)
+
+      Loofah::Helpers.sanitize HTML_STRING
+    end
+  end
+
+end

data/test/test_xss_foliate.rb

@@ -0,0 +1,171 @@
+require File.expand_path(File.join(File.dirname(__FILE__), 'helper'))
+
+class TestXssFoliate < Test::Unit::TestCase
+
+  HTML_STRING = "<div>omgwtfbbq</div>"
+  PLAIN_TEXT = "vanilla text"
+  INTEGER_VALUE = "1234"
+  WHITESPACEY = " <br> "
+
+  def new_post(overrides={})
+    Post.new({:html_string => HTML_STRING, :plain_text => PLAIN_TEXT, :not_a_string => INTEGER_VALUE}.merge(overrides))
+  end
+
+  context "with a Post model" do
+    setup do
+      ActsAsFu.build_model(:posts) do
+        string :plain_text
+        string :html_string
+        integer :not_a_string
+      end
+    end
+
+    context "#xss_foliated?" do
+      context "when xss_foliate has not been called" do
+        should "return false" do
+          assert ! Post.xss_foliated?
+        end
+      end
+
+      context "when xss_foliate has been called with no options" do
+        setup do
+          Post.xss_foliate
+        end
+
+        should "return true" do
+          assert Post.xss_foliated?
+        end
+      end
+
+      context "when xss_foliate has been called with options" do
+        setup do
+          Post.xss_foliate :prune => :plain_text
+        end
+
+        should "return true" do
+          assert Post.xss_foliated?
+        end
+      end
+    end
+
+    context "#xss_foliate" do
+      context "when passed invalid option" do
+        should "raise ArgumentError" do
+          assert_raise(ArgumentError) { Post.xss_foliate :quux => [:foo] }
+        end
+      end
+
+      context "when passed a symbol" do
+        should "do the right thing" do
+          assert_nothing_raised(ArgumentError) { Post.xss_foliate :prune => :plain_text }
+          Loofah.expects(:scrub_fragment).with(HTML_STRING, :strip).once
+          Loofah.expects(:scrub_fragment).with(PLAIN_TEXT, :prune).once
+          assert new_post.valid?
+        end
+      end
+
+      context "when passed an array of symbols" do
+        should "do the right thing" do
+          assert_nothing_raised(ArgumentError) {
+            Post.xss_foliate :prune => [:plain_text, :html_string]
+          }
+          Loofah.expects(:scrub_fragment).with(HTML_STRING, :prune).once
+          Loofah.expects(:scrub_fragment).with(PLAIN_TEXT, :prune).once
+          assert new_post.valid?
+        end
+      end
+
+      context "when passed a string" do
+        should "do the right thing" do
+          assert_nothing_raised(ArgumentError) { Post.xss_foliate :prune => 'plain_text' }
+          Loofah.expects(:scrub_fragment).with(HTML_STRING, :strip).once
+          Loofah.expects(:scrub_fragment).with(PLAIN_TEXT, :prune).once
+          assert new_post.valid?
+        end
+      end
+
+      context "when passed an array of strings" do
+        should "do the right thing" do
+          assert_nothing_raised(ArgumentError) {
+            Post.xss_foliate :prune => ['plain_text', 'html_string']
+          }
+          Loofah.expects(:scrub_fragment).with(HTML_STRING, :prune).once
+          Loofah.expects(:scrub_fragment).with(PLAIN_TEXT, :prune).once
+          assert new_post.valid?
+        end
+      end
+    end
+
+    context "declaring scrubbed fields" do
+      context "on all fields" do
+        setup do
+          Post.xss_foliate
+        end
+
+        should "scrub all fields" do
+          mock_doc = mock
+          Loofah.expects(:scrub_fragment).with(HTML_STRING, :strip).once.returns(mock_doc)
+          Loofah.expects(:scrub_fragment).with(PLAIN_TEXT, :strip).once.returns(mock_doc)
+          Loofah.expects(:scrub_fragment).with(INTEGER_VALUE, :strip).never
+          mock_doc.expects(:text).twice
+          assert new_post.valid?
+        end
+      end
+
+      context "omitting one field" do
+        setup do
+          Post.xss_foliate :except => [:plain_text]
+        end
+
+        should "not scrub omitted field" do
+          Loofah.expects(:scrub_fragment).with(HTML_STRING, :strip).once
+          Loofah.expects(:scrub_fragment).with(PLAIN_TEXT, :strip).never
+          Loofah.expects(:scrub_fragment).with(INTEGER_VALUE, :strip).never
+          assert new_post.valid?
+        end
+      end
+
+      [:strip, :escape, :prune].each do |method|
+        context "declaring one field to be scrubbed with #{method}" do
+          setup do
+            Post.xss_foliate method => [:plain_text]
+          end
+
+          should "not that field appropriately" do
+            Loofah.expects(:scrub_fragment).with(HTML_STRING, :strip).once
+            Loofah.expects(:scrub_fragment).with(PLAIN_TEXT, method).once
+            Loofah.expects(:scrub_fragment).with(INTEGER_VALUE, :strip).never
+            assert new_post.valid?
+          end
+        end
+      end
+
+      context "declaring one field to be scrubbed with html5lib_sanitize" do
+        setup do
+          Post.xss_foliate :html5lib_sanitize => [:plain_text]
+        end
+
+        should "not that field appropriately" do
+          Loofah.expects(:scrub_fragment).with(HTML_STRING, :strip).once
+          Loofah.expects(:scrub_fragment).with(PLAIN_TEXT, :escape).once
+          Loofah.expects(:scrub_fragment).with(INTEGER_VALUE, :strip).never
+          assert new_post.valid?
+        end
+      end
+    end
+
+    context "invalid model data" do
+      setup do
+        Post.validates_presence_of :html_string
+        Post.xss_foliate
+      end
+
+      should "not be valid after sanitizing" do
+        Loofah.expects(:scrub_fragment).with(WHITESPACEY, :strip).once
+        Loofah.expects(:scrub_fragment).with(PLAIN_TEXT, :strip).once
+        assert ! new_post(:html_string => WHITESPACEY).valid?
+      end
+    end
+
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: loofah
 version: !ruby/object:Gem::Version 
-  version: 0.2.2
+  version: 0.3.0
 platform: ruby
 authors: 
 - Mike Dalessio
@@ -31,7 +31,7 @@ cert_chain:
   FlqnTjy13J3nD30uxy9a1g==
   -----END CERTIFICATE-----
 
-date: 2009-08-30 00:00:00 -04:00
+date: 2009-10-06 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -55,17 +55,15 @@ dependencies:
         version: 2.3.3
     version: 
 description: |-
-  Loofah is an HTML sanitizer. It will *always* fix broken markup, but
+  Loofah is an HTML sanitizer. It will always fix broken markup, but
   can also sanitize unsafe tags in a few different ways, and transform
   the markup for storage or display.
   
   It's built on top of Nokogiri and libxml2, so it's fast. And it uses
   html5lib's whitelist, so it most likely won't make your codes less
-  secure.
+  secure. \*
   
-  (These statements have not been evaluated by Internet Experts.)
-  
-  This library was formerly known as Dryopteris.
+  \* These statements have not been evaluated by Netexperts.
 email: 
 - mike.dalessio@gmail.com
 - bryan@brynary.com
@@ -78,9 +76,11 @@ extra_rdoc_files:
 - Manifest.txt
 - TODO.rdoc
 - CHANGELOG.rdoc
+- DEPRECATED.rdoc
 - README.rdoc
 files: 
 - CHANGELOG.rdoc
+- DEPRECATED.rdoc
 - MIT-LICENSE.txt
 - Manifest.txt
 - README.rdoc
@@ -93,24 +93,24 @@ files:
 - init.rb
 - lib/loofah.rb
 - lib/loofah/active_record.rb
-- lib/loofah/deprecated.rb
+- lib/loofah/helpers.rb
 - lib/loofah/html/document.rb
 - lib/loofah/html/document_fragment.rb
 - lib/loofah/html5/scrub.rb
 - lib/loofah/html5/whitelist.rb
 - lib/loofah/scrubber.rb
+- lib/loofah/xss_foliate.rb
 - test/helper.rb
-- test/html5/test_deprecated_sanitizer.rb
 - test/html5/test_sanitizer.rb
 - test/html5/testdata/tests1.dat
 - test/test_active_record.rb
+- test/test_ad_hoc.rb
 - test/test_api.rb
-- test/test_deprecated_basic.rb
-- test/test_microsofty.rb
+- test/test_helpers.rb
 - test/test_scrubber.rb
-- test/test_strip_tags.rb
+- test/test_xss_foliate.rb
 has_rdoc: true
-homepage: http://loofah.rubyforge.org/
+homepage: http://loofah.rubyforge.org
 licenses: []
 
 post_install_message: 
@@ -139,11 +139,10 @@ signing_key:
 specification_version: 3
 summary: Loofah is an HTML sanitizer
 test_files: 
-- test/test_deprecated_basic.rb
+- test/test_xss_foliate.rb
+- test/test_helpers.rb
 - test/test_scrubber.rb
-- test/test_strip_tags.rb
 - test/test_api.rb
+- test/test_ad_hoc.rb
 - test/html5/test_sanitizer.rb
-- test/html5/test_deprecated_sanitizer.rb
 - test/test_active_record.rb
-- test/test_microsofty.rb

data/lib/loofah/deprecated.rb

@@ -1,38 +0,0 @@
-module Loofah
-  class << self
-    def strip_tags(string_or_io) # :nodoc:
-      warn_once "WARNING: Loofah.strip_tags is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_document(string_or_io, :prune)"
-      Loofah.scrub_document(string_or_io, :prune).text
-    end
-    
-    def whitewash(string_or_io) # :nodoc:
-      warn_once "WARNING: Loofah.whitewash is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_fragment(string_or_io, :whitewash)"
-      Loofah.scrub_fragment(string_or_io, :whitewash).to_s
-    end
-
-    def whitewash_document(string_or_io) # :nodoc:
-      warn_once "WARNING: Loofah.whitewash_document is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_document(string_or_io, :whitewash)"
-      Loofah.scrub_document(string_or_io, :whitewash).to_s
-    end
-
-    def sanitize(string_or_io) # :nodoc:
-      warn_once "WARNING: Loofah.sanitize is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_fragment(string_or_io, :escape)"
-      Loofah.scrub_fragment(string_or_io, :escape).to_xml
-    end
-    
-    def sanitize_document(string_or_io) # :nodoc:
-      warn_once "WARNING: Loofah.sanitize_document is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_document(string_or_io, :escape)"
-      Loofah.scrub_document(string_or_io, :escape).to_xml
-    end
-
-    private
-
-    def warn_once(message) # :nodoc:
-      @aooga ||= {}
-      unless @aooga.key?(message)
-        warn message unless @aooga[message]
-        @aooga[message] = true
-      end
-    end
-  end
-end

data/test/html5/test_deprecated_sanitizer.rb

@@ -1,185 +0,0 @@
-#
-#  these tests taken from the HTML5 sanitization project and modified for use with Loofah
-#  see the original here: http://code.google.com/p/html5lib/source/browse/ruby/test/test_sanitizer.rb
-#
-#  license text at the bottom of this file
-#
-require File.expand_path(File.join(File.dirname(__FILE__), '..', 'helper'))
-
-class HTML5TestDeprecatedSanitizer < Test::Unit::TestCase
-  include Loofah
-
-  def sanitize_html stream
-    Loofah.sanitize(stream)
-  end
-
-  def sanitize_doc stream
-    Loofah.sanitize_document(stream)
-  end
-
-  def check_sanitization(input, htmloutput, xhtmloutput, rexmloutput)
-    #  libxml uses double-quotes, so let's swappo-boppo our quotes before comparing.
-    assert_equal htmloutput, sanitize_html(input).gsub(/"/,"'"), input
-
-    doc = sanitize_doc(input).gsub(/"/,"'")
-    assert doc.include?(htmloutput), "#{input}:\n#{doc}\nshould include:\n#{htmloutput}"
-  end
-
-  HTML5::WhiteList::ALLOWED_ELEMENTS.each do |tag_name|
-    define_method "test_should_allow_#{tag_name}_tag" do
-      input       = "<#{tag_name} title='1'>foo <bad>bar</bad> baz</#{tag_name}>"
-      htmloutput  = "<#{tag_name.downcase} title='1'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</#{tag_name.downcase}>"
-      xhtmloutput = "<#{tag_name} title='1'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</#{tag_name}>"
-      rexmloutput = xhtmloutput
-
-##
-##  these special cases are HTML5-tokenizer-dependent.
-##  libxml2 cleans up HTML differently, and I trust that.
-##
-#       if %w[caption colgroup optgroup option tbody td tfoot th thead tr].include?(tag_name)
-#         htmloutput = "foo &lt;bad&gt;bar&lt;/bad&gt; baz"
-#         xhtmloutput = htmloutput
-#       elsif tag_name == 'col'
-#         htmloutput = "foo &lt;bad&gt;bar&lt;/bad&gt; baz"
-#         xhtmloutput = htmloutput
-#         rexmloutput = "<col title='1' />"
-#       elsif tag_name == 'table'
-#         htmloutput = "foo &lt;bad&gt;bar&lt;/bad&gt;baz<table title='1'> </table>"
-#         xhtmloutput = htmloutput
-#       elsif tag_name == 'image'
-#         htmloutput = "<image title='1'/>foo &lt;bad&gt;bar&lt;/bad&gt; baz"
-#         xhtmloutput = htmloutput
-#         rexmloutput = "<image title='1'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</image>"
-      if HTML5::WhiteList::VOID_ELEMENTS.include?(tag_name)
-        if Nokogiri::LIBXML_VERSION <= "2.6.16"
-          htmloutput = "<#{tag_name} title='1'/><p>foo &lt;bad&gt;bar&lt;/bad&gt; baz</p>"
-        else
-          htmloutput = "<#{tag_name} title='1'/>foo &lt;bad&gt;bar&lt;/bad&gt; baz"
-        end
-        xhtmloutput = htmloutput
-#        htmloutput += '<br/>' if tag_name == 'br'
-        rexmloutput =  "<#{tag_name} title='1' />"
-      end
-      check_sanitization(input, htmloutput, xhtmloutput, rexmloutput)
-    end
-  end
-
-##
-##  libxml2 downcases tag names as it parses, so this is unnecessary.
-##
-#   HTML5::WhiteList::ALLOWED_ELEMENTS.each do |tag_name|
-#     define_method "test_should_forbid_#{tag_name.upcase}_tag" do
-#       input = "<#{tag_name.upcase} title='1'>foo <bad>bar</bad> baz</#{tag_name.upcase}>"
-#       output = "&lt;#{tag_name.upcase} title=\"1\"&gt;foo &lt;bad&gt;bar&lt;/bad&gt; baz&lt;/#{tag_name.upcase}&gt;"
-#       check_sanitization(input, output, output, output)
-#     end
-#   end
-
-  HTML5::WhiteList::ALLOWED_ATTRIBUTES.each do |attribute_name|
-    next if attribute_name == 'style'
-    next if attribute_name =~ /:/ && Nokogiri::LIBXML_VERSION <= '2.6.16'
-    define_method "test_should_allow_#{attribute_name}_attribute" do
-      input = "<p #{attribute_name}='foo'>foo <bad>bar</bad> baz</p>"
-      output = "<p #{attribute_name}='foo'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</p>"
-      htmloutput = "<p #{attribute_name.downcase}='foo'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</p>"
-      check_sanitization(input, htmloutput, output, output)
-    end
-  end
-
-##
-##  libxml2 downcases attributes as it parses, so this is unnecessary.
-##
-#   HTML5::WhiteList::ALLOWED_ATTRIBUTES.each do |attribute_name|
-#     define_method "test_should_forbid_#{attribute_name.upcase}_attribute" do
-#       input = "<p #{attribute_name.upcase}='display: none;'>foo <bad>bar</bad> baz</p>"
-#       output =  "<p>foo &lt;bad&gt;bar&lt;/bad&gt; baz</p>"
-#       check_sanitization(input, output, output, output)
-#     end
-#   end
-
-  HTML5::WhiteList::ALLOWED_PROTOCOLS.each do |protocol|
-    define_method "test_should_allow_#{protocol}_uris" do
-      input = %(<a href="#{protocol}">foo</a>)
-      output = "<a href='#{protocol}'>foo</a>"
-      check_sanitization(input, output, output, output)
-    end
-  end
-
-  HTML5::WhiteList::ALLOWED_PROTOCOLS.each do |protocol|
-    define_method "test_should_allow_uppercase_#{protocol}_uris" do
-      input = %(<a href="#{protocol.upcase}">foo</a>)
-      output = "<a href='#{protocol.upcase}'>foo</a>"
-      check_sanitization(input, output, output, output)
-    end
-  end
-
-  if false # TODO. should we even care about this? libxml2 punt.
-    def test_should_handle_astral_plane_characters
-      input = "<p>&#x1d4b5; &#x1d538;</p>"
-      output = "<p>\360\235\222\265 \360\235\224\270</p>"
-      check_sanitization(input, output, output, output)
-      
-      input = "<p><tspan>\360\235\224\270</tspan> a</p>"
-      output = "<p><tspan>\360\235\224\270</tspan> a</p>"
-      check_sanitization(input, output, output, output)
-    end
-  end
-
-# This affects only NS4. Is it worth fixing?
-#  def test_javascript_includes
-#    input = %(<div size="&{alert('XSS')}">foo</div>)
-#    output = "<div>foo</div>"
-#    check_sanitization(input, output, output, output)
-#  end
-
-  #html5_test_files('sanitizer').each do |filename|
-  #  JSON::parse(open(filename).read).each do |test|
-  #    define_method "test_#{test['name']}" do
-  #      check_sanitization(
-  #        test['input'],
-  #        test['output'],
-  #        test['xhtml'] || test['output'],
-  #        test['rexml'] || test['output']
-  #      )
-  #    end
-  #  end
-  #end
-end
-
-# <html5_license>
-#
-# Copyright (c) 2006-2008 The Authors
-#
-# Contributors:
-# James Graham - jg307@cam.ac.uk
-# Anne van Kesteren - annevankesteren@gmail.com
-# Lachlan Hunt - lachlan.hunt@lachy.id.au
-# Matt McDonald - kanashii@kanashii.ca
-# Sam Ruby - rubys@intertwingly.net
-# Ian Hickson (Google) - ian@hixie.ch
-# Thomas Broyer - t.broyer@ltgt.net
-# Jacques Distler - distler@golem.ph.utexas.edu
-# Henri Sivonen - hsivonen@iki.fi
-# The Mozilla Foundation (contributions from Henri Sivonen since 2008)
-#
-# Permission is hereby granted, free of charge, to any person
-# obtaining a copy of this software and associated documentation files
-# (the "Software"), to deal in the Software without restriction,
-# including without limitation the rights to use, copy, modify, merge,
-# publish, distribute, sublicense, and/or sell copies of the Software,
-# and to permit persons to whom the Software is furnished to do so,
-# subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be
-# included in all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
-# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-#
-# </html5_license>