onebox 1.5.21 → 1.5.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. checksums.yaml +4 -4
  2. data/lib/onebox/engine.rb +18 -2
  3. data/lib/onebox/engine/amazon_onebox.rb +12 -6
  4. data/lib/onebox/engine/audio_onebox.rb +4 -0
  5. data/lib/onebox/engine/github_blob_onebox.rb +1 -1
  6. data/lib/onebox/engine/github_commit_onebox.rb +4 -2
  7. data/lib/onebox/engine/github_gist_onebox.rb +1 -0
  8. data/lib/onebox/engine/github_issue_onebox.rb +5 -3
  9. data/lib/onebox/engine/github_pullrequest_onebox.rb +4 -2
  10. data/lib/onebox/engine/google_calendar_onebox.rb +1 -0
  11. data/lib/onebox/engine/google_docs_onebox.rb +1 -0
  12. data/lib/onebox/engine/google_maps_onebox.rb +5 -3
  13. data/lib/onebox/engine/google_play_app_onebox.rb +2 -1
  14. data/lib/onebox/engine/image_onebox.rb +4 -0
  15. data/lib/onebox/engine/pubmed_onebox.rb +1 -1
  16. data/lib/onebox/engine/soundcloud_onebox.rb +2 -1
  17. data/lib/onebox/engine/stack_exchange_onebox.rb +6 -2
  18. data/lib/onebox/engine/standard_embed.rb +6 -1
  19. data/lib/onebox/engine/twitter_status_onebox.rb +2 -1
  20. data/lib/onebox/engine/video_onebox.rb +4 -0
  21. data/lib/onebox/engine/whitelisted_generic_onebox.rb +6 -7
  22. data/lib/onebox/engine/wikipedia_onebox.rb +1 -0
  23. data/lib/onebox/engine/youtube_onebox.rb +2 -6
  24. data/lib/onebox/version.rb +1 -1
  25. data/spec/fixtures/amazon.response +2845 -1268
  26. data/spec/lib/onebox/engine/amazon_onebox_spec.rb +10 -2
  27. data/spec/lib/onebox/engine/stack_exchange_onebox_spec.rb +1 -1
  28. data/spec/lib/onebox/engine/whitelisted_generic_onebox_spec.rb +3 -3
  29. data/spec/lib/onebox/engine/wikipedia_onebox_spec.rb +1 -0
  30. data/spec/lib/onebox/engine/youtube_onebox_spec.rb +4 -2
  31. data/spec/lib/onebox/engine_spec.rb +22 -2
  32. data/spec/lib/onebox/preview_spec.rb +1 -1
  33. data/templates/amazon.mustache +1 -1
  34. metadata +3 -3
data/spec/lib/onebox/engine/amazon_onebox_spec.rb CHANGED
@@ -62,11 +62,19 @@ describe Onebox::Engine::AmazonOnebox do
62
62
 
63
63
  describe "#to_html" do
64
64
  it "includes image" do
65
- expect(html).to include("img")
65
+ expect(html).to include("http://ecx.images-amazon.com/images/I/51opYcR6kVL._SY400_.jpg")
66
66
  end
67
67
 
68
68
  it "includes description" do
69
- expect(html).to include("Using only the finest natural materials and ecologically sound")
69
+ expect(html).to include("I have been programming for 25 years in a variety of hardware and software languages.")
70
+ end
71
+
72
+ it "includes price" do
73
+ expect(html).to include("$25.34")
74
+ end
75
+
76
+ it "includes title" do
77
+ expect(html).to include("Seven Languages in Seven Weeks: A Pragmatic Guide to Learning Programming Languages (Pragmatic Programmers)")
70
78
  end
71
79
 
72
80
  end
data/spec/lib/onebox/engine/stack_exchange_onebox_spec.rb CHANGED
@@ -3,7 +3,7 @@ require "spec_helper"
3
3
  describe Onebox::Engine::StackExchangeOnebox do
4
4
  before(:all) do
5
5
  @link = "http://stackoverflow.com/questions/17992553/concept-behind-these-four-lines-of-tricky-c-code"
6
- fake("http://api.stackexchange.com/2.1/questions/17992553?site=stackoverflow.com", response(described_class.onebox_name))
6
+ fake("https://api.stackexchange.com/2.1/questions/17992553?site=stackoverflow.com", response(described_class.onebox_name))
7
7
  end
8
8
 
9
9
  include_context "engines"
data/spec/lib/onebox/engine/whitelisted_generic_onebox_spec.rb CHANGED
@@ -50,18 +50,18 @@ describe Onebox::Engine::WhitelistedGenericOnebox do
50
50
  describe 'rewrites' do
51
51
  class DummyOnebox < Onebox::Engine::WhitelistedGenericOnebox
52
52
  def generic_html
53
- "<iframe src='https://youtube.com/asdf'></iframe>"
53
+ "<iframe src='http://youtube.com/asdf'></iframe>"
54
54
  end
55
55
  end
56
56
 
57
57
  it "doesn't rewrite URLs that arent in the list" do
58
58
  Onebox::Engine::WhitelistedGenericOnebox.rewrites = []
59
- expect(DummyOnebox.new("http://youtube.com").to_html).to eq "<iframe src='https://youtube.com/asdf'></iframe>"
59
+ expect(DummyOnebox.new("http://youtube.com").to_html).to eq "<iframe src='http://youtube.com/asdf'></iframe>"
60
60
  end
61
61
 
62
62
  it "rewrites URLs when whitelisted" do
63
63
  Onebox::Engine::WhitelistedGenericOnebox.rewrites = %w(youtube.com)
64
- expect(DummyOnebox.new("http://youtube.com").to_html).to eq "<iframe src='//youtube.com/asdf'></iframe>"
64
+ expect(DummyOnebox.new("http://youtube.com").to_html).to eq "<iframe src='https://youtube.com/asdf'></iframe>"
65
65
  end
66
66
  end
67
67
 
data/spec/lib/onebox/engine/wikipedia_onebox_spec.rb CHANGED
@@ -3,6 +3,7 @@ require "spec_helper"
3
3
  describe Onebox::Engine::WikipediaOnebox do
4
4
  before(:all) do
5
5
  @link = "http://en.wikipedia.org/wiki/Billy_Jack"
6
+ fake("https://en.wikipedia.org/wiki/Billy_Jack", response(described_class.onebox_name))
6
7
  end
7
8
 
8
9
  include_context "engines"
data/spec/lib/onebox/engine/youtube_onebox_spec.rb CHANGED
@@ -2,8 +2,9 @@ require 'spec_helper'
2
2
 
3
3
  describe Onebox::Engine::YoutubeOnebox do
4
4
  before do
5
- fake("http://www.youtube.com/watch?feature=player_embedded&v=21Lk4YiASMo", response("youtube"))
5
+ fake("https://www.youtube.com/watch?feature=player_embedded&v=21Lk4YiASMo", response("youtube"))
6
6
  fake("https://www.youtube.com/channel/UCL8ZULXASCc1I_oaOT0NaOQ", response("youtube-channel"))
7
+ fake("https://www.youtube.com/playlist?list=PL5308B2E5749D1696", response("youtube-playlist"))
7
8
  end
8
9
 
9
10
  it "adds wmode=opaque" do
@@ -31,7 +32,8 @@ describe Onebox::Engine::YoutubeOnebox do
31
32
  it "can onebox a playlist" do
32
33
  pending('no opengraph on playlists, needs special handling')
33
34
 
34
- Onebox.preview('https://www.youtube.com/playlist?list=PL5308B2E5749D1696').to_s
35
+ expect(Onebox.preview('https://www.youtube.com/playlist?list=PL5308B2E5749D1696')
36
+ .to_s).to match(/Dear Sophie/)
35
37
  end
36
38
 
37
39
  it "does not make HTTP requests unless necessary" do
data/spec/lib/onebox/engine_spec.rb CHANGED
@@ -21,8 +21,14 @@ describe Onebox::Engine do
21
21
  before { allow(Onebox::View).to receive(:template) { %|this shold be a template| } }
22
22
 
23
23
  it "escapes `link`" do
24
- html = OneboxEngineExample.new(%|http://foo.com" onscript="alert('foo')|).to_html
25
- expect(html).not_to include(%|onscript="alert('foo')|)
24
+ html = OneboxEngineExample.new(%|http://foo.com/'?a=1&b=2|).to_html
25
+ expect(html).not_to match(/&(?!amp;)(?!#39;)/)
26
+ end
27
+
28
+ it "escapes xss" do
29
+ skip 'this is checking the wrong thing'
30
+ html = OneboxEngineExample.new(%|http://foo.com/'?%20onmouseover=alert(/foo/)|).to_html
31
+ expect(html).not_to include(%|onmouseover=alert(/foo/)|)
26
32
  end
27
33
  end
28
34
 
@@ -66,6 +72,20 @@ describe Onebox::Engine do
66
72
  end
67
73
  end
68
74
 
75
+ class AlwaysHttpsEngineExample < OneboxEngineExample
76
+ always_https
77
+ end
78
+
79
+ describe "always_https" do
80
+ it "never returns a plain http url" do
81
+ url = 'http://play.google.com/store/apps/details?id=com.google.android.inputmethod.latin'
82
+ onebox = AlwaysHttpsEngineExample.new(url)
83
+ result = onebox.to_html
84
+ expect(result).to_not match(/http(?!s)/)
85
+ expect(result).to_not match(/['"]\/\//)
86
+ expect(result).to match(/https/)
87
+ end
88
+ end
69
89
  end
70
90
 
71
91
  describe ".onebox_name" do
data/spec/lib/onebox/preview_spec.rb CHANGED
@@ -17,7 +17,7 @@ describe Onebox::Preview do
17
17
 
18
18
  describe "#to_s" do
19
19
  it "returns some html if given a valid url" do
20
- title = "Knit Noro: Accessories"
20
+ title = "Seven Languages in Seven Weeks: A Pragmatic Guide to Learning Programming Languages (Pragmatic Programmers)"
21
21
  expect(preview.to_s).to include(title)
22
22
  end
23
23
 
data/templates/amazon.mustache CHANGED
@@ -3,4 +3,4 @@
3
3
  <h3><a href='{{link}}'>{{title}}</a></h3>
4
4
  {{#by_info}}<b>{{by_info}}</b>{{/by_info}}
5
5
  <p>{{description}}</p>
6
- <p>{{price}}</p>
6
+ <p><strong>{{price}}<strong></p>
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: onebox
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.5.21
4
+ version: 1.5.22
5
5
  platform: ruby
6
6
  authors:
7
7
  - Joanna Zeta
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2015-06-26 00:00:00.000000000 Z
13
+ date: 2015-07-21 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: multi_json
@@ -413,7 +413,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
413
413
  version: '0'
414
414
  requirements: []
415
415
  rubyforge_project:
416
- rubygems_version: 2.4.6
416
+ rubygems_version: 2.4.5
417
417
  signing_key:
418
418
  specification_version: 4
419
419
  summary: A gem for turning URLs into previews.