loofah 2.6.0 → 2.7.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of loofah might be problematic. Click here for more details.

Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +12 -0
  3. data/Gemfile +1 -1
  4. data/Rakefile +1 -1
  5. data/lib/loofah.rb +1 -1
  6. data/lib/loofah/html5/safelist.rb +3 -0
  7. data/lib/loofah/html5/scrub.rb +2 -0
  8. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '0378734abbcf1f374d8d501038180ff4d9492e4282ffe4d6134322dd213fc80b'
4
- data.tar.gz: 54955254f4179bf55adfc5bdaf3464c8a8f921f6e8e7fc92d9d2588b4fea02b1
3
+ metadata.gz: ce7e800422f2b83325a3c37aeb81c5fcb7f2c6d76d9be1f5228f3d49077643b8
4
+ data.tar.gz: 6f4a5303926248d42f4e375d59d8d92e60c7fb797762910dd027aa54d8875922
5
5
  SHA512:
6
- metadata.gz: e80d9e87682cbfd18b6f86a10f9928c3b94fb7f123792d8284344cf65a878a1ee8258b408dac8df87791ca5beda99858dfbac6515334d87bc2d98b45cdf17802
7
- data.tar.gz: da7fd4181e8f829837f0d1458e856b8ace6ed94fa13cdc227bc9432baaff0ec514f894b04b9d00157c6edddcff6a714284bc42a1c878a2ddb90d08b68931dba9
6
+ metadata.gz: 98570a9ed755a285a42b31c05b8f45413b77119162d190c199f2ea8624f1038cff8ce8532e4339e3747410c9ab8ca645b02f237975643d24b4ad3b447336a35a
7
+ data.tar.gz: '020485b66a1cb57fe1359bfbeec912631a48b268bbeb754b2ff67fa237cbb840d8ad5e66ec8b64b36d869dcf6866bd3c30191e3596a6481fd9a9258b0f4f8d96'
data/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # Changelog
2
2
 
3
+ ## 2.7.0 / 2020-08-26
4
+
5
+ ### Features
6
+
7
+ * Allow CSS properties `page-break-before`, `page-break-inside`, and `page-break-after`. [[#190](https://github.com/flavorjones/loofah/issues/190)] (Thanks, [@ahorek](https://github.com/ahorek)!)
8
+
9
+
10
+ ### Fixes
11
+
12
+ * Don't drop the `!important` rule from some CSS properties. [[#191](https://github.com/flavorjones/loofah/issues/191)] (Thanks, [@b7kich](https://github.com/b7kich)!)
13
+
14
+
3
15
  ## 2.6.0 / 2020-06-16
4
16
 
5
17
  ### Features
data/Gemfile CHANGED
@@ -10,7 +10,7 @@ gem "crass", "~>1.0.2"
10
10
  gem "rake", "~>12.3", :group => [:development, :test]
11
11
  gem "minitest", "~>2.2", :group => [:development, :test]
12
12
  gem "rr", "~>1.2.0", :group => [:development, :test]
13
- gem "json", "~>2.2.0", :group => [:development, :test]
13
+ gem "json", "~>2.3.0", :group => [:development, :test]
14
14
  gem "hoe-gemspec", "~>1.0", :group => [:development, :test]
15
15
  gem "hoe-debugging", "~>2.0", :group => [:development, :test]
16
16
  gem "hoe-bundler", "~>1.5", :group => [:development, :test]
data/Rakefile CHANGED
@@ -27,7 +27,7 @@ Hoe.spec "loofah" do
27
27
  extra_dev_deps << ["rake", "~> 12.3"]
28
28
  extra_dev_deps << ["minitest", "~>2.2"]
29
29
  extra_dev_deps << ["rr", "~>1.2.0"]
30
- extra_dev_deps << ["json", "~> 2.2.0"]
30
+ extra_dev_deps << ["json", "~> 2.3.0"]
31
31
  extra_dev_deps << ["hoe-gemspec", "~> 1.0"]
32
32
  extra_dev_deps << ["hoe-debugging", "~> 2.0"]
33
33
  extra_dev_deps << ["hoe-bundler", "~> 1.5"]
data/lib/loofah.rb CHANGED
@@ -29,7 +29,7 @@ require "loofah/html/document_fragment"
29
29
  #
30
30
  module Loofah
31
31
  # The version of Loofah you are using
32
- VERSION = "2.6.0"
32
+ VERSION = "2.7.0"
33
33
 
34
34
  class << self
35
35
  # Shortcut for Loofah::HTML::Document.parse
data/lib/loofah/html5/safelist.rb CHANGED
@@ -576,6 +576,9 @@ module Loofah
576
576
  "list-style-type",
577
577
  "max-width",
578
578
  "overflow",
579
+ "page-break-after",
580
+ "page-break-before",
581
+ "page-break-inside",
579
582
  "pause",
580
583
  "pause-after",
581
584
  "pause-before",
data/lib/loofah/html5/scrub.rb CHANGED
@@ -8,6 +8,7 @@ module Loofah
8
8
  CONTROL_CHARACTERS = /[`\u0000-\u0020\u007f\u0080-\u0101]/
9
9
  CSS_KEYWORDISH = /\A(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,3}\.?\d{0,10}(ch|cm|r?em|ex|in|lh|mm|pc|pt|px|Q|vmax|vmin|vw|vh|%|,|\))?)\z/
10
10
  CRASS_SEMICOLON = { :node => :semicolon, :raw => ";" }
11
+ CSS_IMPORTANT = '!important'
11
12
 
12
13
  class << self
13
14
  def allowed_element?(element_name)
@@ -90,6 +91,7 @@ module Loofah
90
91
  end
91
92
  end.compact
92
93
  unless value.empty?
94
+ value << CSS_IMPORTANT if node[:important]
93
95
  propstring = sprintf "%s:%s", name, value.join(" ")
94
96
  sanitized_node = Crass.parse_properties(propstring).first
95
97
  sanitized_tree << sanitized_node << CRASS_SEMICOLON
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: loofah
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.6.0
4
+ version: 2.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mike Dalessio
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2020-06-16 00:00:00.000000000 Z
12
+ date: 2020-08-26 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: nokogiri
@@ -87,14 +87,14 @@ dependencies:
87
87
  requirements:
88
88
  - - "~>"
89
89
  - !ruby/object:Gem::Version
90
- version: 2.2.0
90
+ version: 2.3.0
91
91
  type: :development
92
92
  prerelease: false
93
93
  version_requirements: !ruby/object:Gem::Requirement
94
94
  requirements:
95
95
  - - "~>"
96
96
  - !ruby/object:Gem::Version
97
- version: 2.2.0
97
+ version: 2.3.0
98
98
  - !ruby/object:Gem::Dependency
99
99
  name: hoe-gemspec
100
100
  requirement: !ruby/object:Gem::Requirement