loofah 2.21.2 → 2.21.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +14 -0
  3. data/lib/loofah/html5/scrub.rb +5 -4
  4. data/lib/loofah/version.rb +1 -1
  5. data/lib/loofah.rb +5 -8
  6. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f6cad9f8621046eb04ea5c9c0fbcf700406806d0917ced25eb8cfd91e6a5b2fc
4
- data.tar.gz: ead331468121d1c81293ce96c6c8502519830205ae6446cb3bb528f156970de8
3
+ metadata.gz: 5bc700e0a8a523327ae05ebaace9741de9c00f165279a9525515c6c50699c0d9
4
+ data.tar.gz: cc8db32a403e04256aad34637f0824b117159d357a4e180be1385b3998d90208
5
5
  SHA512:
6
- metadata.gz: a1f2c92b7e379a2303e52ab83b99d1e0cb6828bfd9015732affaac78ffd8a55fc09c30916409211abd4d890b9f8ee689b8051aad9fcf970d84dc466c65492078
7
- data.tar.gz: 4323a4996b105dbaa010c69f68f51becaacd936da5209fa2975fb35e3f842f71e7c46962b79c82cb5fde8df2504409325accbc0975617e45777e7414d82bdea2
6
+ metadata.gz: bda76a2e8ade5dd0461b3dca3386fb9a297fba1213a81ca404026fe17b33ab74fa4ed92916b11f921ac9e6b7bc77751e40ef7fabc706891d39e4e83cc091c17a
7
+ data.tar.gz: 981e45721b457e5c00a4c68dac710f121e23e0f26d5a1c35fbb3958b0e2574c12065e0b5166d0b55b0d836e79762326af1039aa442347993bc22c95ce5dad5fa
data/CHANGELOG.md CHANGED
@@ -1,5 +1,19 @@
1
1
  # Changelog
2
2
 
3
+ ## 2.21.4 / 2023-10-10
4
+
5
+ ### Fixed
6
+
7
+ * `Loofah::HTML5::Scrub.scrub_css` is more consistent in preserving whitespace (and lack of whitespace) in CSS property values. In particular, `.scrub_css` no longer inserts whitespace between tokens that did not already have whitespace between them. [[#273](https://github.com/flavorjones/loofah/issues/273), fixes [#271](https://github.com/flavorjones/loofah/issues/271)]
8
+
9
+
10
+ ## 2.21.3 / 2023-05-15
11
+
12
+ ### Fixed
13
+
14
+ * Quash "instance variable not initialized" warning in Ruby < 3.0. [[#268](https://github.com/flavorjones/loofah/issues/268)] (Thanks, [@dharamgollapudi](https://github.com/dharamgollapudi)!)
15
+
16
+
3
17
  ## 2.21.2 / 2023-05-11
4
18
 
5
19
  ### Dependencies
data/lib/loofah/html5/scrub.rb CHANGED
@@ -10,6 +10,7 @@ module Loofah
10
10
  CSS_KEYWORDISH = /\A(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,3}\.?\d{0,10}(ch|cm|r?em|ex|in|lh|mm|pc|pt|px|Q|vmax|vmin|vw|vh|%|,|\))?)\z/ # rubocop:disable Layout/LineLength
11
11
  CRASS_SEMICOLON = { node: :semicolon, raw: ";" }
12
12
  CSS_IMPORTANT = "!important"
13
+ CSS_WHITESPACE = " "
13
14
  CSS_PROPERTY_STRING_WITHOUT_EMBEDDED_QUOTES = /\A(["'])?[^"']+\1\z/
14
15
  DATA_ATTRIBUTE_NAME = /\Adata-[\w-]+\z/
15
16
 
@@ -87,7 +88,7 @@ module Loofah
87
88
  value = node[:children].map do |child|
88
89
  case child[:node]
89
90
  when :whitespace
90
- nil
91
+ CSS_WHITESPACE
91
92
  when :string
92
93
  if CSS_PROPERTY_STRING_WITHOUT_EMBEDDED_QUOTES.match?(child[:raw])
93
94
  Crass::Parser.stringify(child)
@@ -106,12 +107,12 @@ module Loofah
106
107
  else
107
108
  child[:raw]
108
109
  end
109
- end.compact
110
+ end.compact.join.strip
110
111
 
111
112
  next if value.empty?
112
113
 
113
- value << CSS_IMPORTANT if node[:important]
114
- propstring = format("%s:%s", name, value.join(" "))
114
+ value << CSS_WHITESPACE << CSS_IMPORTANT if node[:important]
115
+ propstring = format("%s:%s", name, value)
115
116
  sanitized_node = Crass.parse_properties(propstring).first
116
117
  sanitized_tree << sanitized_node << CRASS_SEMICOLON
117
118
  end
data/lib/loofah/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  module Loofah
4
4
  # The version of Loofah you are using
5
- VERSION = "2.21.2"
5
+ VERSION = "2.21.4"
6
6
  end
data/lib/loofah.rb CHANGED
@@ -7,14 +7,11 @@ module Loofah
7
7
  def html5_support?
8
8
  # Note that Loofah can only support HTML5 in Nokogiri >= 1.14.0 because it requires the
9
9
  # subclassing fix from https://github.com/sparklemotion/nokogiri/pull/2534
10
- unless @html5_support_set
11
- @html5_support = (
12
- Gem::Version.new(Nokogiri::VERSION) > Gem::Version.new("1.14.0") &&
13
- Nokogiri.uses_gumbo?
14
- )
15
- @html5_support_set = true
16
- end
17
- @html5_support
10
+ return @html5_support if defined? @html5_support
11
+
12
+ @html5_support =
13
+ Gem::Version.new(Nokogiri::VERSION) > Gem::Version.new("1.14.0") &&
14
+ Nokogiri.uses_gumbo?
18
15
  end
19
16
  end
20
17
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: loofah
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.21.2
4
+ version: 2.21.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mike Dalessio
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2023-05-11 00:00:00.000000000 Z
12
+ date: 2023-10-10 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: crass
@@ -97,7 +97,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
97
97
  - !ruby/object:Gem::Version
98
98
  version: '0'
99
99
  requirements: []
100
- rubygems_version: 3.4.10
100
+ rubygems_version: 3.5.0.dev
101
101
  signing_key:
102
102
  specification_version: 4
103
103
  summary: Loofah is a general library for manipulating and transforming HTML/XML documents