loofah 2.16.0 → 2.18.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of loofah might be problematic. Click here for more details.

Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +14 -0
  3. data/README.md +1 -1
  4. data/lib/loofah/html5/safelist.rb +58 -1
  5. data/lib/loofah/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d40096a6907f19cebf6b6b9a2ef87ce523b2716fba9c8d6fccedb9b482acfcef
4
- data.tar.gz: 30988f4bfef885607cfa24cd727a5512be1133e7ce10e92af386f16b4e290fb1
3
+ metadata.gz: 187d7d426a2923ded1dd7ac225935029e5c140a93d7e73d32108737dfdf8ce9e
4
+ data.tar.gz: 9506581bec512a6c38489019966a2067d01a28b76b1472bb5b865cd04bea3ebf
5
5
  SHA512:
6
- metadata.gz: 2e717a4402933b4a2a47ba39b2cd2da8daf5194ffacb9c803290a1946a251794339529ad847202ff0573753bd702f8b9e646b50cf9672ec163dbebc2dd9bdcaf
7
- data.tar.gz: 0f3546b919f5a808f8e7a8fe32112ccb5759d86aa42becb82fe42fe7afeacaf5fe39af5cd7a49be627dfd17746b6ea16c5798a13b18b369cb75661b51401e30f
6
+ metadata.gz: 67ee54e2fc329df7dc146e2fa2a9c82ea83e126145d9192d0e82e8efdf2fc46495b186aca31265d3f56f0348de54d945f6055958a39ad7666caee0e128226f6d
7
+ data.tar.gz: 786b5da54c4ea19b48123849fc350d0c6b18cdafc076c0875590d2944f9f01ff1825a9714d40abf22400b31ea9deb571ba5bacfb263622abe7301abf3d5eb936
data/CHANGELOG.md CHANGED
@@ -1,5 +1,19 @@
1
1
  # Changelog
2
2
 
3
+ ## 2.18.0 / 2022-05-11
4
+
5
+ ### Features
6
+
7
+ * Allow CSS property `aspect-ratio`. [[#236](https://github.com/flavorjones/loofah/issues/236)] (Thanks, [@louim](https://github.com/louim)!)
8
+
9
+
10
+ ## 2.17.0 / 2022-04-28
11
+
12
+ ### Features
13
+
14
+ * Allow ARIA attributes. [[#232](https://github.com/flavorjones/loofah/issues/232), [#233](https://github.com/flavorjones/loofah/issues/233)] (Thanks, [@nick-desteffen](https://github.com/nick-desteffen)!)
15
+
16
+
3
17
  ## 2.16.0 / 2022-04-01
4
18
 
5
19
  ### Features
data/README.md CHANGED
@@ -348,7 +348,7 @@ And a big shout-out to Corey Innis for the name, and feedback on the API.
348
348
 
349
349
  ## Thank You
350
350
 
351
- The following people have generously donated via the [Pledgie](http://pledgie.com) badge on the [Loofah github page](https://github.com/flavorjones/loofah):
351
+ The following people have generously funded Loofah:
352
352
 
353
353
  * Bill Harding
354
354
 
data/lib/loofah/html5/safelist.rb CHANGED
@@ -512,6 +512,62 @@ module Loofah
512
512
  "zoomAndPan",
513
513
  ])
514
514
 
515
+ ARIA_ATTRIBUTES = Set.new([
516
+ "aria-activedescendant",
517
+ "aria-atomic",
518
+ "aria-autocomplete",
519
+ "aria-braillelabel",
520
+ "aria-brailleroledescription",
521
+ "aria-busy",
522
+ "aria-checked",
523
+ "aria-colcount",
524
+ "aria-colindex",
525
+ "aria-colindextext",
526
+ "aria-colspan",
527
+ "aria-controls",
528
+ "aria-current",
529
+ "aria-describedby",
530
+ "aria-description",
531
+ "aria-details",
532
+ "aria-disabled",
533
+ "aria-dropeffect",
534
+ "aria-errormessage",
535
+ "aria-expanded",
536
+ "aria-flowto",
537
+ "aria-grabbed",
538
+ "aria-haspopup",
539
+ "aria-hidden",
540
+ "aria-invalid",
541
+ "aria-keyshortcuts",
542
+ "aria-label",
543
+ "aria-labelledby",
544
+ "aria-level",
545
+ "aria-live",
546
+ "aria-multiline",
547
+ "aria-multiselectable",
548
+ "aria-orientation",
549
+ "aria-owns",
550
+ "aria-placeholder",
551
+ "aria-posinset",
552
+ "aria-pressed",
553
+ "aria-readonly",
554
+ "aria-relevant",
555
+ "aria-required",
556
+ "aria-roledescription",
557
+ "aria-rowcount",
558
+ "aria-rowindex",
559
+ "aria-rowindextext",
560
+ "aria-rowspan",
561
+ "aria-selected",
562
+ "aria-setsize",
563
+ "aria-sort",
564
+ "aria-valuemax",
565
+ "aria-valuemin",
566
+ "aria-valuenow",
567
+ "aria-valuetext",
568
+ "role",
569
+ ])
570
+
515
571
  ATTR_VAL_IS_URI = Set.new([
516
572
  "action",
517
573
  "cite",
@@ -561,6 +617,7 @@ module Loofah
561
617
  "align-content",
562
618
  "align-items",
563
619
  "align-self",
620
+ "aspect-ratio",
564
621
  "background-color",
565
622
  "border-bottom-color",
566
623
  "border-collapse",
@@ -795,7 +852,7 @@ module Loofah
795
852
 
796
853
  # subclasses may define their own versions of these constants
797
854
  ALLOWED_ELEMENTS = ACCEPTABLE_ELEMENTS + MATHML_ELEMENTS + SVG_ELEMENTS
798
- ALLOWED_ATTRIBUTES = ACCEPTABLE_ATTRIBUTES + MATHML_ATTRIBUTES + SVG_ATTRIBUTES
855
+ ALLOWED_ATTRIBUTES = ACCEPTABLE_ATTRIBUTES + MATHML_ATTRIBUTES + SVG_ATTRIBUTES + ARIA_ATTRIBUTES
799
856
  ALLOWED_CSS_PROPERTIES = ACCEPTABLE_CSS_PROPERTIES
800
857
  ALLOWED_CSS_KEYWORDS = ACCEPTABLE_CSS_KEYWORDS
801
858
  ALLOWED_CSS_FUNCTIONS = ACCEPTABLE_CSS_FUNCTIONS
data/lib/loofah/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
  module Loofah
3
3
  # The version of Loofah you are using
4
- VERSION = "2.16.0"
4
+ VERSION = "2.18.0"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: loofah
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.16.0
4
+ version: 2.18.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mike Dalessio
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2022-04-01 00:00:00.000000000 Z
12
+ date: 2022-05-11 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: crass