loofah 2.2.3 → 2.21.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +269 -31
- data/README.md +109 -124
- data/lib/loofah/concerns.rb +207 -0
- data/lib/loofah/elements.rb +85 -79
- data/lib/loofah/helpers.rb +37 -20
- data/lib/loofah/{html → html4}/document.rb +6 -7
- data/lib/loofah/html4/document_fragment.rb +15 -0
- data/lib/loofah/html5/document.rb +17 -0
- data/lib/loofah/html5/document_fragment.rb +15 -0
- data/lib/loofah/html5/libxml2_workarounds.rb +10 -8
- data/lib/loofah/html5/safelist.rb +1055 -0
- data/lib/loofah/html5/scrub.rb +153 -58
- data/lib/loofah/metahelpers.rb +11 -6
- data/lib/loofah/scrubber.rb +22 -15
- data/lib/loofah/scrubbers.rb +66 -55
- data/lib/loofah/version.rb +6 -0
- data/lib/loofah/xml/document.rb +2 -0
- data/lib/loofah/xml/document_fragment.rb +4 -7
- data/lib/loofah.rb +131 -38
- metadata +28 -216
- data/.gemtest +0 -0
- data/Gemfile +0 -22
- data/Manifest.txt +0 -40
- data/Rakefile +0 -79
- data/benchmark/benchmark.rb +0 -149
- data/benchmark/fragment.html +0 -96
- data/benchmark/helper.rb +0 -73
- data/benchmark/www.slashdot.com.html +0 -2560
- data/lib/loofah/html/document_fragment.rb +0 -40
- data/lib/loofah/html5/whitelist.rb +0 -186
- data/lib/loofah/instance_methods.rb +0 -127
- data/test/assets/msword.html +0 -63
- data/test/assets/testdata_sanitizer_tests1.dat +0 -502
- data/test/helper.rb +0 -18
- data/test/html5/test_sanitizer.rb +0 -382
- data/test/integration/test_ad_hoc.rb +0 -204
- data/test/integration/test_helpers.rb +0 -43
- data/test/integration/test_html.rb +0 -72
- data/test/integration/test_scrubbers.rb +0 -400
- data/test/integration/test_xml.rb +0 -55
- data/test/unit/test_api.rb +0 -142
- data/test/unit/test_encoding.rb +0 -20
- data/test/unit/test_helpers.rb +0 -62
- data/test/unit/test_scrubber.rb +0 -229
- data/test/unit/test_scrubbers.rb +0 -14
data/benchmark/helper.rb
DELETED
@@ -1,73 +0,0 @@
|
|
1
|
-
require 'rubygems'
|
2
|
-
require 'open-uri'
|
3
|
-
require 'hpricot'
|
4
|
-
require File.expand_path(File.dirname(__FILE__) + "/../lib/loofah")
|
5
|
-
require 'benchmark'
|
6
|
-
require "action_view"
|
7
|
-
require "action_controller/vendor/html-scanner"
|
8
|
-
require "sanitize"
|
9
|
-
require 'hitimes'
|
10
|
-
require 'htmlfilter'
|
11
|
-
|
12
|
-
unless defined?(HTMLFilter)
|
13
|
-
HTMLFilter = HtmlFilter
|
14
|
-
end
|
15
|
-
|
16
|
-
class RailsSanitize
|
17
|
-
include ActionView::Helpers::SanitizeHelper
|
18
|
-
extend ActionView::Helpers::SanitizeHelper::ClassMethods
|
19
|
-
end
|
20
|
-
|
21
|
-
class HTML5libSanitize
|
22
|
-
require 'html5/html5parser'
|
23
|
-
require 'html5/liberalxmlparser'
|
24
|
-
require 'html5/treewalkers'
|
25
|
-
require 'html5/treebuilders'
|
26
|
-
require 'html5/serializer'
|
27
|
-
require 'html5/sanitizer'
|
28
|
-
|
29
|
-
include HTML5
|
30
|
-
|
31
|
-
def sanitize(html)
|
32
|
-
HTMLParser.parse_fragment(html, {
|
33
|
-
:tokenizer => HTMLSanitizer,
|
34
|
-
:encoding => 'utf-8',
|
35
|
-
:tree => TreeBuilders::REXML::TreeBuilder
|
36
|
-
}).to_s
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
BIG_FILE = File.read(File.join(File.dirname(__FILE__), "www.slashdot.com.html"))
|
41
|
-
FRAGMENT = File.read(File.join(File.dirname(__FILE__), "fragment.html"))
|
42
|
-
SNIPPET = "This is typical form field input in <b>length and content."
|
43
|
-
|
44
|
-
class Measure
|
45
|
-
def initialize
|
46
|
-
clear_measure
|
47
|
-
end
|
48
|
-
|
49
|
-
def clear_measure
|
50
|
-
@first_time = true
|
51
|
-
@baseline = nil
|
52
|
-
end
|
53
|
-
|
54
|
-
def measure(name, ntimes)
|
55
|
-
if @first_time
|
56
|
-
printf " %-30s %7s %8s %5s\n", "", "total", "single", "rel"
|
57
|
-
@first_time = false
|
58
|
-
end
|
59
|
-
timer = Hitimes::TimedMetric.new(name)
|
60
|
-
timer.start
|
61
|
-
ntimes.times do |j|
|
62
|
-
yield
|
63
|
-
end
|
64
|
-
timer.stop
|
65
|
-
if @baseline
|
66
|
-
printf " %30s %7.3f (%8.6f) %5.2fx\n", timer.name, timer.sum, timer.sum / ntimes, timer.sum / @baseline
|
67
|
-
else
|
68
|
-
@baseline = timer.sum
|
69
|
-
printf " %30s %7.3f (%8.6f) %5s\n", timer.name, timer.sum, timer.sum / ntimes, "-"
|
70
|
-
end
|
71
|
-
timer.sum
|
72
|
-
end
|
73
|
-
end
|