RubyGems - loofah - Versions diffs - 2.16.0 → 2.17.0 - Mend

loofah 2.16.0 → 2.17.0

Potentially problematic release.

This version of loofah might be problematic. Click here for more details.

Files changed (5) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +7 -0
data/lib/loofah/html5/safelist.rb +57 -1
data/lib/loofah/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d40096a6907f19cebf6b6b9a2ef87ce523b2716fba9c8d6fccedb9b482acfcef
-  data.tar.gz: 30988f4bfef885607cfa24cd727a5512be1133e7ce10e92af386f16b4e290fb1
+  metadata.gz: 7312c8a91f201016ceb465888c38c9a6e4f93ba362f1112a3f9d657bdb31e759
+  data.tar.gz: 47f2057c2ebce823f44ae997cdd5f3eba672d14c25ebd3176a54dd241573e7a5
 SHA512:
-  metadata.gz: 2e717a4402933b4a2a47ba39b2cd2da8daf5194ffacb9c803290a1946a251794339529ad847202ff0573753bd702f8b9e646b50cf9672ec163dbebc2dd9bdcaf
-  data.tar.gz: 0f3546b919f5a808f8e7a8fe32112ccb5759d86aa42becb82fe42fe7afeacaf5fe39af5cd7a49be627dfd17746b6ea16c5798a13b18b369cb75661b51401e30f
+  metadata.gz: a5ba0f513d4cb58450f3fdcbe178d266f51ae9f07ae0e8a64813b348c987c292aed10078a2de71ef0311efcd916b2e9c3b29df20eef61e8f242b2f4192a25748
+  data.tar.gz: 544bae277ff7a5ccf8d2f2820fec7db49d6157a4cf31d95d209d74e3de99e76fa0e2bd720c903830191f49756e62fa2d6fc6c0b23a1c76882b43f1e38372e4a5

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,12 @@
 # Changelog
+## 2.17.0 / 2022-04-28
+### Features
+* Allow ARIA attributes. [[#232](https://github.com/flavorjones/loofah/issues/232), [#233](https://github.com/flavorjones/loofah/issues/233)] (Thanks, [@nick-desteffen](https://github.com/nick-desteffen)!)
 ## 2.16.0 / 2022-04-01
 ### Features

data/lib/loofah/html5/safelist.rb CHANGED Viewed

@@ -512,6 +512,62 @@ module Loofah
                                  "zoomAndPan",
                                ])
+      ARIA_ATTRIBUTES = Set.new([
+                                  "aria-activedescendant",
+                                  "aria-atomic",
+                                  "aria-autocomplete",
+                                  "aria-braillelabel",
+                                  "aria-brailleroledescription",
+                                  "aria-busy",
+                                  "aria-checked",
+                                  "aria-colcount",
+                                  "aria-colindex",
+                                  "aria-colindextext",
+                                  "aria-colspan",
+                                  "aria-controls",
+                                  "aria-current",
+                                  "aria-describedby",
+                                  "aria-description",
+                                  "aria-details",
+                                  "aria-disabled",
+                                  "aria-dropeffect",
+                                  "aria-errormessage",
+                                  "aria-expanded",
+                                  "aria-flowto",
+                                  "aria-grabbed",
+                                  "aria-haspopup",
+                                  "aria-hidden",
+                                  "aria-invalid",
+                                  "aria-keyshortcuts",
+                                  "aria-label",
+                                  "aria-labelledby",
+                                  "aria-level",
+                                  "aria-live",
+                                  "aria-multiline",
+                                  "aria-multiselectable",
+                                  "aria-orientation",
+                                  "aria-owns",
+                                  "aria-placeholder",
+                                  "aria-posinset",
+                                  "aria-pressed",
+                                  "aria-readonly",
+                                  "aria-relevant",
+                                  "aria-required",
+                                  "aria-roledescription",
+                                  "aria-rowcount",
+                                  "aria-rowindex",
+                                  "aria-rowindextext",
+                                  "aria-rowspan",
+                                  "aria-selected",
+                                  "aria-setsize",
+                                  "aria-sort",
+                                  "aria-valuemax",
+                                  "aria-valuemin",
+                                  "aria-valuenow",
+                                  "aria-valuetext",
+                                  "role",
+                                ])
       ATTR_VAL_IS_URI = Set.new([
                                   "action",
                                   "cite",
@@ -795,7 +851,7 @@ module Loofah
       # subclasses may define their own versions of these constants
       ALLOWED_ELEMENTS = ACCEPTABLE_ELEMENTS + MATHML_ELEMENTS + SVG_ELEMENTS
-      ALLOWED_ATTRIBUTES = ACCEPTABLE_ATTRIBUTES + MATHML_ATTRIBUTES + SVG_ATTRIBUTES
+      ALLOWED_ATTRIBUTES = ACCEPTABLE_ATTRIBUTES + MATHML_ATTRIBUTES + SVG_ATTRIBUTES + ARIA_ATTRIBUTES
       ALLOWED_CSS_PROPERTIES = ACCEPTABLE_CSS_PROPERTIES
       ALLOWED_CSS_KEYWORDS = ACCEPTABLE_CSS_KEYWORDS
       ALLOWED_CSS_FUNCTIONS = ACCEPTABLE_CSS_FUNCTIONS

data/lib/loofah/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Loofah
   # The version of Loofah you are using
-  VERSION = "2.16.0"
+  VERSION = "2.17.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: loofah
 version: !ruby/object:Gem::Version
-  version: 2.16.0
+  version: 2.17.0
 platform: ruby
 authors:
 - Mike Dalessio
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-01 00:00:00.000000000 Z
+date: 2022-04-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: crass