onebox 1.8.87 → 1.8.88

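--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: feb212710bc29cb9f40fe3a693fa2f1da63b4c62ef45f95bf16dd5665b6f2ea7
- data.tar.gz: 5d1f092e320bd28f3ee17feac0e7b91139e769b0b42a4aeecc20f5e99dab2a00
+ metadata.gz: 05ff8777e383e0ca7f85d0b6779042a368bf2b5eeded7d5649acee095687cab5
+ data.tar.gz: edd3c4653a5574a5ad8f3720d340e1014cada9134d9f76145197a485dbc93f71
  SHA512:
- metadata.gz: 18bc5e6a7f72de373929ddbcbec7605135911a5126406cb98829f68986332a0d936da17dc0c219daa30619111cb29e1ba0a3c38d6db63d443cb3e83eea441365
- data.tar.gz: 0406d24b43f94876bc127b44a5e268ef2a56c4ad6233781d8f9a2d465b0b56e044c96ffaca05f84f6e6623cdb0f7faef5fe047642f20a8d0fb89fab070ee1b39
+ metadata.gz: 4bfd753abe8e3f406d729d23491bd86747b90a7e5ae125ae4ec7e7fc4205e16cfddd94355ea19536bed5371f2ad20001f86ef70b773c7f5f78a31390b03217f8
+ data.tar.gz: 23f3dcff844057f1c54de48121e163f94a306779a0b4d7312e98aab2da36501ab5f687683c7d36713c05f754642ed3637659cd2024787bb86fba6becef5d5283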
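--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- onebox (1.8.87)
+ onebox (1.8.88)
  htmlentities (~> 4.3)
  moneta (~> 1.0)
  multi_json (~> 1.11)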
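--- a/data/lib/onebox/engine.rb
+++ b/data/lib/onebox/engine.rb
@@ -81,12 +81,7 @@ module Onebox
  end
 
  def link
- @url.gsub(/['\"<>]/,
- "'" => '&#39;',
- '"' => '&quot;',
- '<' => '&lt;',
- '>' => '&gt;',
- )
+ ::Onebox::Helpers.uri_encode(@url)
  end
 
  def always_https?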
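Review bot: `link` now returns a percent-encoded URL and no longer turns `'`, `"`, `<` and `>` into HTML entities, so any template or string that places `link` inside markup has to do its own HTML escaping. Percent-encoding and HTML escaping are different jobs, and whether every consumer of `link` escapes on output is not visible in this hunk. If some do not, keep the escaping at this boundary, e.g. `CGI.escapeHTML(::Onebox::Helpers.uri_encode(@url))`, or add a comment on `link` stating that the value is URL-encoded but not HTML-safe. The enclosing class starts and ends outside the hunk.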
@@ -185,5 +185,52 @@ module Onebox
185
185
  end
186
186
  src
187
187
  end
188
+
189
+ RFC_3986_URI_REGEX = /^(?<scheme>([^:\/?#]+):)?(?<authority>\/\/([^\/?#]*))?(?<path>[^?#]*)(\?(?<query>[^#]*))?(#(?<fragment>.*))?$/
190
+
191
+ # Percent-encodes a URI query parameter per RFC3986 - https://tools.ietf.org/html/rfc3986
192
+ def self.uri_query_encode(query_string)
193
+ return "" unless query_string
194
+
195
+ # query can encode space to %20 OR +
196
+ # + MUST be encoded as %2B
197
+ # in RFC3968 both query and fragment are defined as:
198
+ # = *( pchar / "/" / "?" )
199
+ # CGI.escape turns space into + which is the most backward compatible
200
+ # however it doesn't roundtrip through URI.unescape which prefers %20
201
+ CGI.escape(query_string).gsub('+', '%20')
202
+ end
203
+
204
+ # Percent-encodes a URI string per RFC3986 - https://tools.ietf.org/html/rfc3986
205
+ def self.uri_encode(url)
206
+ return "" unless url
207
+
208
+ # parse uri into named matches, then reassemble properly encoded
209
+ parts = url.match(RFC_3986_URI_REGEX)
210
+
211
+ encoded = ""
212
+ encoded += parts[:scheme] unless parts[:scheme].nil?
213
+ encoded += parts[:authority] unless parts[:authority].nil?
214
+
215
+ # path requires space to be encoded as %20 (NEVER +)
216
+ # + should be left unencoded
217
+ # URI::parse and URI::Generic.build don't like paths encoded with CGI.escape
218
+ # URI.escape does not change / to %2F and : to %3A like CGI.escape
219
+ encoded += URI.escape(parts[:path]) unless parts[:path].nil?
220
+
221
+ # each query parameter
222
+ if !parts[:query].nil?
223
+ query_string = parts[:query].split('&').map do |pair|
224
+ # can optionally be separated by an =
225
+ pair.split('=').map do |v|
226
+ uri_query_encode(v)
227
+ end.join('=')
228
+ end.join('&')
229
+ encoded += '?' + query_string
230
+ end
231
+
232
+ encoded += '#' + uri_query_encode(parts[:fragment]) unless parts[:fragment].nil?
233
+ encoded
234
+ end
188
235
  end
189
236
  end
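Review bot: `uri_encode` appends `parts[:scheme]` and `parts[:authority]` to the result unencoded, and the authority group `[^\/?#]*` accepts quotes, angle brackets and whitespace, so the characters the previous `link` implementation neutralised pass through unchanged when they sit before the first `/`. `URI.escape` also appears to leave `'` untouched in the path, since it treats it as an unreserved mark. Consider encoding that set in the authority (and likewise the scheme), e.g. `encoded += parts[:authority].gsub(/['"<>\s]/) { |c| format('%%%02X', c.ord) } unless parts[:authority].nil?`. Separately, `pair.split('=')` discards trailing empty fields, so `a=` is re-emitted as `a`; `pair.split('=', -1)` keeps the pair intact. The enclosing module begins outside the hunk.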
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Onebox
4
- VERSION = "1.8.87"
4
+ VERSION = "1.8.88"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: onebox
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.8.87
4
+ version: 1.8.88
5
5
  platform: ruby
6
6
  authors:
7
7
  - Joanna Zeta
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2019-04-30 00:00:00.000000000 Z
13
+ date: 2019-05-06 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: multi_json