parameter_cleaner 0.0.1 → 0.0.2

@@ -4,18 +4,22 @@ class ActionController::Base
4
4
  before_filter :pc_remove_angle_brackets_from_params
5
5
 
6
6
  class <<self
7
+
8
+ #do_not_clean_param :name, :password
9
+ #do_not_clean_param /\[body\]/
7
10
  def do_not_clean_param(*names)
8
11
  names.each do |name|
9
- pc_uncleaned_params.push([*name].map{ |s| s.to_s })
12
+ pc_uncleaned_params.push([*name].map{ |s| s })
10
13
  end
14
+ pc_uncleaned_params.flatten!
11
15
  end
12
16
 
13
17
  def pc_uncleaned_params
14
- @pc_uncleaned_params ||= []
18
+ @@pc_uncleaned_params ||= []
15
19
  end
16
20
  end
17
21
 
18
- private
22
+ private
19
23
  def pc_remove_angle_brackets_from_params
20
24
  pc_remove_angle_brackets_from_hash(params)
21
25
  pc_remove_angle_brackets_from_hash(cookies)
@@ -30,15 +34,27 @@ private
30
34
  when Array
31
35
  value.map!{ |v| pc_remove_angle_brackets_from_value(v, h) }
32
36
  else
33
- hash[key] = pc_remove_angle_brackets_from_value(value, h) if value.respond_to?('include?'.to_sym)&&['<', '>'].any?{|c| value.include?(c)}
37
+ if value.respond_to?('include?'.to_sym)&&['<', '>'].any?{|c| value.include?(c)}
38
+ hash[key] = pc_remove_angle_brackets_from_value(value, h)
39
+ end
40
+ end
41
+ end
42
+ end
43
+
44
+ def pc_match_do_not_clean_param(hierarchy)
45
+ hierarchy_key_name = [hierarchy.first, hierarchy[1, hierarchy.size-1].map{|k| "[#{k}]"}.join].join
46
+ self.class.pc_uncleaned_params.each do |key|
47
+ if key.is_a?(Symbol) || key.is_a?(String)
48
+ return true if key.to_s==hierarchy_key_name
49
+ elsif key.is_a?(Regexp)
50
+ return true if hierarchy_key_name =~ key
34
51
  end
35
52
  end
53
+ false
36
54
  end
37
55
 
38
56
  def pc_remove_angle_brackets_from_value(value, hierarchy)
39
- return value if hierarchy.any?{ |k| k =~ /password/ } ||
40
- self.class.pc_uncleaned_params.include?(hierarchy) ||
41
- !value.respond_to?(:gsub)
57
+ return value if hierarchy.any?{ |k| k =~ /password/ } || pc_match_do_not_clean_param(hierarchy) || !value.respond_to?(:gsub)
42
58
  value.gsub(/[<>]/, "")
43
59
  end
44
60
  end
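Review bot: The change from `@pc_uncleaned_params ||= []` to `@@pc_uncleaned_params ||= []` in `pc_uncleaned_params` appears to turn the exemption list into one class variable shared by `ActionController::Base` and every subclass. A `do_not_clean_param :name` declared in one controller would then switch off bracket stripping for `name` in every controller once that class has loaded, so the set of unsanitised inputs grows with load order instead of being scoped to the declaring controller. A per-class list seeded from the parent keeps inheritance without leaking exemptions sideways, something like `@pc_uncleaned_params ||= (superclass.respond_to?(:pc_uncleaned_params) ? superclass.pc_uncleaned_params.dup : [])`. In `pc_match_do_not_clean_param` the Regexp branch `hierarchy_key_name =~ key` matches anywhere in the flattened name, so the example `/\[body\]/` exempts every parameter whose path contains `[body]`; the comment above `do_not_clean_param` should say so and suggest `\A`/`\z` anchors for exact names. The enclosing class and `pc_remove_angle_brackets_from_hash` start outside the visible hunks.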
@@ -1,9 +1,9 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = %q{parameter_cleaner}
3
- s.version = "0.0.1"
3
+ s.version = "0.0.2"
4
4
 
5
5
  s.authors = ["Wayne Deng"]
6
- s.date = %q{2013-11-12}
6
+ s.date = %q{2013-11-14}
7
7
  s.platform = Gem::Platform::RUBY
8
8
  s.summary = "Clean all the angle brackets from user input params and cookies!"
9
9
  s.description = "Clean all the angle brackets from user input params and cookies! Based on https://github.com/madebymany/parameter_cleaner. Thanks to threedaymonk!"
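--- a/metadata
+++ b/metadata
@@ -1,33 +1,23 @@
- --- !ruby/object:Gem::Specification
+ --- !ruby/object:Gem::Specification
  name: parameter_cleaner
- version: !ruby/object:Gem::Version
- hash: 29
+ version: !ruby/object:Gem::Version
+ version: 0.0.2
  prerelease:
- segments:
- - 0
- - 0
- - 1
- version: 0.0.1
  platform: ruby
- authors:
+ authors:
  - Wayne Deng
  autorequire:
  bindir: bin
  cert_chain: []
-
- date: 2013-11-12 00:00:00 +08:00
- default_executable:
+ date: 2013-11-14 00:00:00.000000000 Z
  dependencies: []
-
- description: Clean all the angle brackets from user input params and cookies! Based on https://github.com/madebymany/parameter_cleaner. Thanks to threedaymonk!
+ description: Clean all the angle brackets from user input params and cookies! Based
+ on https://github.com/madebymany/parameter_cleaner. Thanks to threedaymonk!
  email: wayne.deng.cn@gmail.com
  executables: []
-
  extensions: []
-
  extra_rdoc_files: []
-
- files:
+ files:
  - init.rb
  - MIT-LICENSE
  - Rakefile
@@ -36,44 +26,34 @@ files:
  - test/test_helper.rb
  - lib/parameter_cleaner.rb
  - parameter_cleaner.gemspec
- has_rdoc: true
  homepage:
  licenses: []
-
  post_install_message:
- rdoc_options:
+ rdoc_options:
  - --line-numbers
  - --inline-source
  - --title
  - ParameterCleaner
  - --main
  - README
- require_paths:
+ require_paths:
  - lib
- required_ruby_version: !ruby/object:Gem::Requirement
+ required_ruby_version: !ruby/object:Gem::Requirement
  none: false
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- hash: 3
- segments:
- - 0
- version: "0"
- required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
  none: false
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- hash: 3
- segments:
- - 0
- version: "0"
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
  requirements: []
-
  rubyforge_project:
- rubygems_version: 1.5.2
+ rubygems_version: 1.8.24
  signing_key:
  specification_version: 3
  summary: Clean all the angle brackets from user input params and cookies!
  test_files: []
-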