loofah 0.4.2 → 2.25.0

metadata

@@ -1,182 +1,103 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: loofah
-version: !ruby/object:Gem::Version 
-  version: 0.4.2
+version: !ruby/object:Gem::Version
+  version: 2.25.0
 platform: ruby
-authors: 
+authors:
 - Mike Dalessio
 - Bryan Helmkamp
-autorequire: 
 bindir: bin
-cert_chain: 
-- |
-  -----BEGIN CERTIFICATE-----
-  MIIDPDCCAiSgAwIBAgIBADANBgkqhkiG9w0BAQUFADBEMRYwFAYDVQQDDA1taWtl
-  LmRhbGVzc2lvMRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJk/IsZAEZ
-  FgNjb20wHhcNMDkwODExMDU0MjQ5WhcNMTAwODExMDU0MjQ5WjBEMRYwFAYDVQQD
-  DA1taWtlLmRhbGVzc2lvMRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJ
-  k/IsZAEZFgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDANjr7
-  lZ1DKtK8YvNp+5kBzIpwrpClHRrosqo01qmWfGBxZckQUtrJUwGPxpzvIHVq1VKp
-  a9FXU/QWYek/1S0vhkOf9XGmFBnVCtbJhwGeyzsQFFSoQIfs2hd5gO0dSRpuKdi3
-  slfJAXzFKg1u/7OCVPgrY/mkdh34MzL5p0gSDzPt7vLPibctHg0GoepYT5Fh1tMQ
-  luzgrN0weTw/QoEWTMQcNk6CyUpzv0pOe7d0qEPQ9Lx7Lz64gIym3f0pKFpWLfME
-  l7PFLeR95zw2zsuZQwCR5ma5zjXD3mo2jk1mVqiI8qplOL1u30FU7hRhTV5n/Qe9
-  elDQoZW9Xz0R5JGDAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0G
-  A1UdDgQWBBRXWlUJZXcR1jkZPE24+mjUTCqNxjANBgkqhkiG9w0BAQUFAAOCAQEA
-  jDh5M41sg1MZKG1DXzQmo/IADeWRmXyb3EZaED9lhFFpoQqaralgpgmvuc0GswvO
-  QIZijh03tPQz8lgp1U1OFZod2ZwbEVTtVZpxs1ssjMraOA6KzlsNROH0XonIiy6j
-  r2Q0UF35ax8pvr3D5Y6AKzIW1F3aeiREylUDJlb/i1dPQ2PVK0yRrSQoK2epwM9E
-  zoczlHTTJc/tRvH5Up3Agcv9y+J0U9a1Af9NRsnHPVBdo2H32MsJ99x5NRDWJmJg
-  ohH37UR7njcc6j4fo22IwTqXaaXJdtVdAWjXP/xs5B3cPYSP6uqFnR46Jf86Iqj1
-  FlqnTjy13J3nD30uxy9a1g==
-  -----END CERTIFICATE-----
-
-date: 2010-01-23 00:00:00 -05:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
-  name: nokogiri
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: crass
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.2
   type: :runtime
-  version_requirement: 
-  version_requirements: !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        version: 1.3.3
-    version: 
-- !ruby/object:Gem::Dependency 
-  name: mocha
-  type: :development
-  version_requirement: 
-  version_requirements: !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        version: "0.9"
-    version: 
-- !ruby/object:Gem::Dependency 
-  name: thoughtbot-shoulda
-  type: :development
-  version_requirement: 
-  version_requirements: !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        version: "2.10"
-    version: 
-- !ruby/object:Gem::Dependency 
-  name: acts_as_fu
-  type: :development
-  version_requirement: 
-  version_requirements: !ruby/object:Gem::Requirement 
-    requirements: 
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.2
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
     - - ">="
-      - !ruby/object:Gem::Version 
-        version: 0.0.5
-    version: 
-- !ruby/object:Gem::Dependency 
-  name: hoe
-  type: :development
-  version_requirement: 
-  version_requirements: !ruby/object:Gem::Requirement 
-    requirements: 
+      - !ruby/object:Gem::Version
+        version: 1.12.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
     - - ">="
-      - !ruby/object:Gem::Version 
-        version: 2.3.3
-    version: 
-description: |-
-  Loofah is a general library for manipulating HTML/XML documents and
-  fragments. It's built on top of Nokogiri and libxml2, so it's fast and
-  has a nice API.
-  
-  Loofah excels at HTML sanitization (XSS prevention). It includes some
-  nice HTML sanitizers, which are based on HTML5lib's whitelist, so it
-  most likely won't make your codes less secure. (These statements have
-  not been evaluated by Netexperts.)
-email: 
+      - !ruby/object:Gem::Version
+        version: 1.12.0
+description: |
+  Loofah is a general library for manipulating and transforming HTML/XML documents and fragments,
+  built on top of Nokogiri.
+
+  Loofah also includes some HTML sanitizers based on `html5lib`'s safelist, which are a specific
+  application of the general transformation functionality.
+email:
 - mike.dalessio@gmail.com
 - bryan@brynary.com
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
 - MIT-LICENSE.txt
-- Manifest.txt
-- TODO.rdoc
-- CHANGELOG.rdoc
-- DEPRECATED.rdoc
-- README.rdoc
-files: 
-- CHANGELOG.rdoc
-- DEPRECATED.rdoc
-- MIT-LICENSE.txt
-- Manifest.txt
-- README.rdoc
-- Rakefile
-- TODO.rdoc
-- benchmark/benchmark.rb
-- benchmark/fragment.html
-- benchmark/helper.rb
-- benchmark/www.slashdot.com.html
-- init.rb
+- README.md
+- SECURITY.md
 - lib/loofah.rb
-- lib/loofah/active_record.rb
+- lib/loofah/concerns.rb
+- lib/loofah/elements.rb
 - lib/loofah/helpers.rb
-- lib/loofah/html/document.rb
-- lib/loofah/html/document_fragment.rb
+- lib/loofah/html4/document.rb
+- lib/loofah/html4/document_fragment.rb
+- lib/loofah/html5/document.rb
+- lib/loofah/html5/document_fragment.rb
+- lib/loofah/html5/libxml2_workarounds.rb
+- lib/loofah/html5/safelist.rb
 - lib/loofah/html5/scrub.rb
-- lib/loofah/html5/whitelist.rb
-- lib/loofah/instance_methods.rb
+- lib/loofah/metahelpers.rb
 - lib/loofah/scrubber.rb
 - lib/loofah/scrubbers.rb
+- lib/loofah/version.rb
 - lib/loofah/xml/document.rb
 - lib/loofah/xml/document_fragment.rb
-- lib/loofah/xss_foliate.rb
-- test/helper.rb
-- test/html5/test_sanitizer.rb
-- test/test_active_record.rb
-- test/test_ad_hoc.rb
-- test/test_api.rb
-- test/test_helpers.rb
-- test/test_scrubber.rb
-- test/test_scrubbers.rb
-- test/test_xss_foliate.rb
-has_rdoc: true
-homepage: http://loofah.rubyforge.org
-licenses: []
-
-post_install_message: 
-rdoc_options: 
-- --main
-- README.rdoc
-require_paths: 
+homepage: https://github.com/flavorjones/loofah
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/flavorjones/loofah
+  source_code_uri: https://github.com/flavorjones/loofah
+  bug_tracker_uri: https://github.com/flavorjones/loofah/issues
+  changelog_uri: https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md
+  documentation_uri: https://www.rubydoc.info/gems/loofah/
+  funding_uri: https://github.com/sponsors/flavorjones
+rdoc_options: []
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  requirements: 
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version 
-      version: "0"
-  version: 
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  requirements: 
+    - !ruby/object:Gem::Version
+      version: 2.5.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version 
-      version: "0"
-  version: 
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
-rubyforge_project: loofah
-rubygems_version: 1.3.5
-signing_key: 
-specification_version: 3
-summary: Loofah is a general library for manipulating HTML/XML documents and fragments
-test_files: 
-- test/test_xss_foliate.rb
-- test/test_helpers.rb
-- test/test_scrubber.rb
-- test/test_scrubbers.rb
-- test/test_api.rb
-- test/test_ad_hoc.rb
-- test/html5/test_sanitizer.rb
-- test/test_active_record.rb
+rubygems_version: 3.6.9
+specification_version: 4
+summary: Loofah is a general library for manipulating and transforming HTML/XML documents
+  and fragments, built on top of Nokogiri.
+test_files: []

data/CHANGELOG.rdoc

@@ -1,92 +0,0 @@
-= Changelog
-
-== 0.4.2 (2010-01-22)
-
-Enhancements:
-
-  * Implemented Node#scrub! for scrubbing subtrees.
-  * Implemented NodeSet#scrub! for scrubbing a set of subtrees.
-  * Document.text now only serializes <body> contents (ignores <head>)
-  * <head>, <html> and <body> added to the HTML5lib whitelist.
-
-Bug fixes:
-
-  * Supporting Rails apps that aren't loading ActiveRecord. GH #10
-
-Miscellaneous:
-
-  * Mailing list is now loofah@librelist.com / http://librelist.com
-  * IRC channel is now \#loofah on freenode.
-
-== 0.4.1 (2009-11-23)
-
-Bugfix:
-
-  * Manifest fixed. Whoops.
-
-== 0.4.0 (2009-11-21)
-
-Enhancements:
-
-  * Scrubber class introduced, allowing development of custom scrubbers.
-  * Added support for XML documents and fragments.
-  * Added :nofollow HTML scrubber (thanks Luke Melia!)
-  * Built-in scrubbing methods refactored to use Scrubber.
-
-== 0.3.1 (2009-10-12)
-
-Bug fixes:
-
-* Scrubbed Documents properly render html, head and body tags when serialized.
-
-== 0.3.0 (2009-10-06)
-
-Enhancements:
-
-* New ActiveRecord extension `xss_foliate`, a drop-in replacement for xss_terminate[http://github.com/look/xss_terminate/tree/master].
-* Replacement methods for Rails's helpers, Loofah::Rails.sanitize and Loofah::Rails.strip_tags.
-* Official support (and test coverage) for Rails versions 2.3, 2.2, 2.1, 2.0 and 1.2.
-
-Deprecations:
-
-* The methods strip_tags, whitewash, whitewash_document, sanitize, and
-  sanitize_document have been deprecated. See DEPRECATED.rdoc for
-  details on the equivalent calls with the post-0.2 API.
-
-== 0.2.2 (2009-09-30)
-
-Enhancements:
-
-* ActiveRecord extension scrubs fields in a before_validation callback
-  (was previously in a before_save)
-
-== 0.2.1 (2009-09-19)
-
-Enhancements:
-
-* when loaded in a Rails app, automatically extend ActiveRecord::Base
-  with html_fragment and html_document. GH #6 (Thanks Josh Nichols!)
-
-Bugfixes:
-
-* ActiveRecord scrubbing should generate strings instead of Document or
-  DocumentFragment objects. GH #5
-* init.rb fixed to support installation as a Rails plugin. GH #6
-  (Thanks Josh Nichols!)
-
-== 0.2.0 (2009-09-11)
-
-* Swank new API.
-* ActiveRecord extension.
-* Uses Nokogiri's Document and DocumentFragment for parsing.
-* Updated html5lib codes and tests to revision 1384:b9d3153d7be7.
-* Deprecated the Dryopteris sanitization methods. Will be removed in 0.3.0.
-* Documentation! Hey!
-
-== 0.1.2 (2009-04-30)
-
-* Added whitewashing -- removal of all attributes and namespaced nodes. You know, for microsofty HTML.
-
-== 0.1.0 (2009-02-10)
-
-* Birthday!

data/DEPRECATED.rdoc

@@ -1,12 +0,0 @@
-= Deprecations
-
-In Loofah 0.3.0, some methods have been deprecated. The following
-lists the equivalent calls with the post-0.2 API:
-
-* <tt>strip_tags(string_or_io)</tt> is now <tt>scrub_document(string_or_io, :prune).text</tt>
-* <tt>whitewash(string_or_io)</tt> is now <tt>scrub_fragment(string_or_io, :whitewash).to_s</tt>
-* <tt>whitewash_document(string_or_io)</tt> is now <tt>scrub_document(string_or_io, :whitewash).to_s</tt>
-* <tt>sanitize(string_or_io)</tt> is now <tt>scrub_fragment(string_or_io, :escape).to_xml</tt>
-* <tt>sanitize_document(string_or_io)</tt> is now <tt>scrub_document(string_or_io, :escape).to_xml</tt>
-
-Have a nice day.

data/Manifest.txt

@@ -1,34 +0,0 @@
-CHANGELOG.rdoc
-DEPRECATED.rdoc
-MIT-LICENSE.txt
-Manifest.txt
-README.rdoc
-Rakefile
-TODO.rdoc
-benchmark/benchmark.rb
-benchmark/fragment.html
-benchmark/helper.rb
-benchmark/www.slashdot.com.html
-init.rb
-lib/loofah.rb
-lib/loofah/active_record.rb
-lib/loofah/helpers.rb
-lib/loofah/html/document.rb
-lib/loofah/html/document_fragment.rb
-lib/loofah/html5/scrub.rb
-lib/loofah/html5/whitelist.rb
-lib/loofah/instance_methods.rb
-lib/loofah/scrubber.rb
-lib/loofah/scrubbers.rb
-lib/loofah/xml/document.rb
-lib/loofah/xml/document_fragment.rb
-lib/loofah/xss_foliate.rb
-test/helper.rb
-test/html5/test_sanitizer.rb
-test/test_active_record.rb
-test/test_ad_hoc.rb
-test/test_api.rb
-test/test_helpers.rb
-test/test_scrubber.rb
-test/test_scrubbers.rb
-test/test_xss_foliate.rb