RubyGems - loofah - Versions diffs - 2.16.0 → 2.17.0 - Mend

loofah 2.16.0 → 2.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +7 -0
data/lib/loofah/html5/safelist.rb +57 -1
data/lib/loofah/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d40096a6907f19cebf6b6b9a2ef87ce523b2716fba9c8d6fccedb9b482acfcef
-  data.tar.gz: 30988f4bfef885607cfa24cd727a5512be1133e7ce10e92af386f16b4e290fb1
+  metadata.gz: 7312c8a91f201016ceb465888c38c9a6e4f93ba362f1112a3f9d657bdb31e759
+  data.tar.gz: 47f2057c2ebce823f44ae997cdd5f3eba672d14c25ebd3176a54dd241573e7a5
 SHA512:
-  metadata.gz: 2e717a4402933b4a2a47ba39b2cd2da8daf5194ffacb9c803290a1946a251794339529ad847202ff0573753bd702f8b9e646b50cf9672ec163dbebc2dd9bdcaf
-  data.tar.gz: 0f3546b919f5a808f8e7a8fe32112ccb5759d86aa42becb82fe42fe7afeacaf5fe39af5cd7a49be627dfd17746b6ea16c5798a13b18b369cb75661b51401e30f
+  metadata.gz: a5ba0f513d4cb58450f3fdcbe178d266f51ae9f07ae0e8a64813b348c987c292aed10078a2de71ef0311efcd916b2e9c3b29df20eef61e8f242b2f4192a25748
+  data.tar.gz: 544bae277ff7a5ccf8d2f2820fec7db49d6157a4cf31d95d209d74e3de99e76fa0e2bd720c903830191f49756e62fa2d6fc6c0b23a1c76882b43f1e38372e4a5

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,12 @@
 # Changelog
+## 2.17.0 / 2022-04-28
+### Features
+* Allow ARIA attributes. [[#232](https://github.com/flavorjones/loofah/issues/232), [#233](https://github.com/flavorjones/loofah/issues/233)] (Thanks, [@nick-desteffen](https://github.com/nick-desteffen)!)
 ## 2.16.0 / 2022-04-01
 ### Features

data/lib/loofah/html5/safelist.rb CHANGED Viewed

@@ -512,6 +512,62 @@ module Loofah
                                  "zoomAndPan",
                                ])
+      ARIA_ATTRIBUTES = Set.new([
+                                  "aria-activedescendant",
+                                  "aria-atomic",
+                                  "aria-autocomplete",
+                                  "aria-braillelabel",
+                                  "aria-brailleroledescription",
+                                  "aria-busy",
+                                  "aria-checked",
+                                  "aria-colcount",
+                                  "aria-colindex",
+                                  "aria-colindextext",
+                                  "aria-colspan",
+                                  "aria-controls",
+                                  "aria-current",
+                                  "aria-describedby",
+                                  "aria-description",
+                                  "aria-details",
+                                  "aria-disabled",
+                                  "aria-dropeffect",
+                                  "aria-errormessage",
+                                  "aria-expanded",
+                                  "aria-flowto",
+                                  "aria-grabbed",
+                                  "aria-haspopup",
+                                  "aria-hidden",
+                                  "aria-invalid",
+                                  "aria-keyshortcuts",
+                                  "aria-label",
+                                  "aria-labelledby",
+                                  "aria-level",
+                                  "aria-live",
+                                  "aria-multiline",
+                                  "aria-multiselectable",
+                                  "aria-orientation",
+                                  "aria-owns",
+                                  "aria-placeholder",
+                                  "aria-posinset",
+                                  "aria-pressed",
+                                  "aria-readonly",
+                                  "aria-relevant",
+                                  "aria-required",
+                                  "aria-roledescription",
+                                  "aria-rowcount",
+                                  "aria-rowindex",
+                                  "aria-rowindextext",
+                                  "aria-rowspan",
+                                  "aria-selected",
+                                  "aria-setsize",
+                                  "aria-sort",
+                                  "aria-valuemax",
+                                  "aria-valuemin",
+                                  "aria-valuenow",
+                                  "aria-valuetext",
+                                  "role",
+                                ])
       ATTR_VAL_IS_URI = Set.new([
                                   "action",
                                   "cite",
@@ -795,7 +851,7 @@ module Loofah
       # subclasses may define their own versions of these constants
       ALLOWED_ELEMENTS = ACCEPTABLE_ELEMENTS + MATHML_ELEMENTS + SVG_ELEMENTS
-      ALLOWED_ATTRIBUTES = ACCEPTABLE_ATTRIBUTES + MATHML_ATTRIBUTES + SVG_ATTRIBUTES
+      ALLOWED_ATTRIBUTES = ACCEPTABLE_ATTRIBUTES + MATHML_ATTRIBUTES + SVG_ATTRIBUTES + ARIA_ATTRIBUTES
       ALLOWED_CSS_PROPERTIES = ACCEPTABLE_CSS_PROPERTIES
       ALLOWED_CSS_KEYWORDS = ACCEPTABLE_CSS_KEYWORDS
       ALLOWED_CSS_FUNCTIONS = ACCEPTABLE_CSS_FUNCTIONS

data/lib/loofah/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Loofah
   # The version of Loofah you are using
-  VERSION = "2.16.0"
+  VERSION = "2.17.0"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: loofah
 version: !ruby/object:Gem::Version
-  version: 2.16.0
+  version: 2.17.0
 platform: ruby
 authors:
 - Mike Dalessio
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-01 00:00:00.000000000 Z
+date: 2022-04-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: crass