RubyGems - phlex - Versions diffs - 1.3.2 → 1.3.3 - Mend

phlex 1.3.2 → 1.3.3

This version of phlex might be problematic. Click here for more details.

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fe4d886672079338214f95fb037805836bfae5e975c549153ffbabeef2d1cd35
-  data.tar.gz: 4e88e58ab6351024d738b07a4dc7231837462b09396f55fa7cec6904f32b031d
+  metadata.gz: 1159a0896a3d636c2a5c2a9a08f33e9763378aaba3cef5ab91a0f6988c3fc13d
+  data.tar.gz: '0288a77615f58f361e0d5cbebd87b937dfd4ec040eda9d1229247168db48bc71'
 SHA512:
-  metadata.gz: 386ab00e03abeb9a752d91ca025c21765bce174a375326544170be5ff032e5ed7289b114981871482baccc46024d9d31cacad64db564d45129b1b182938b349a
-  data.tar.gz: 7557c4583e78b49421ca301982b0ee5f8b0dab478075a6882b8040bace46e6dd5f49e81a401f5e3101f42380898e00ddbac7e5a864ce269710415febf8514ac3
+  metadata.gz: 8d51860ec7cf43b2071baaa32636450e1f31684ff5bef5f87352f1f2ac31fc4edd5740f0441f8a3e26469e026583be4e0bf047447226327ba981569c83cc982d
+  data.tar.gz: 82738cc1998a31e41c9d7989b77d3e90c33135b4347c6b98d1999156ac696dd3d7739623578fb4569d17776e7e40fb751aafb0e01965ae5df9cbb78d2b41c198

data/.ruby-version CHANGED Viewed

data/lib/phlex/html.rb CHANGED Viewed

@@ -267,14 +267,6 @@ module Phlex
 		end
 		private def __final_attributes__(**attributes)
-			if attributes[:href]&.start_with?(/\s*javascript:/)
-				attributes.delete(:href)
-			end
-			if attributes["href"]&.start_with?(/\s*javascript:/)
-				attributes.delete("href")
-			end
 			buffer = +""
 			__build_attributes__(attributes, buffer: buffer)
@@ -291,8 +283,11 @@ module Phlex
 					else k.to_s
 				end
+				lower_name = name.downcase
+				next if lower_name == "href" && v.start_with?(/\s*javascript:/i)
 				# Detect unsafe attribute names. Attribute names are considered unsafe if they match an event attribute or include unsafe characters.
-				if HTML::EVENT_ATTRIBUTES[name] || name.match?(/[<>&"']/)
+				if HTML::EVENT_ATTRIBUTES[lower_name] || name.match?(/[<>&"']/)
 					raise ArgumentError, "Unsafe attribute name detected: #{k}."
 				end

data/lib/phlex/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Phlex
-	VERSION = "1.3.2"
+	VERSION = "1.3.3"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: phlex
 version: !ruby/object:Gem::Version
-  version: 1.3.2
+  version: 1.3.3
 platform: ruby
 authors:
 - Joel Drapper
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-02-11 00:00:00.000000000 Z
+date: 2024-03-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: concurrent-ruby
@@ -99,7 +99,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.6
+rubygems_version: 3.5.6
 signing_key:
 specification_version: 4
 summary: A framework for building views in Ruby.