phlex 1.4.1 → 1.4.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of phlex might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/phlex/sgml.rb +1 -1
- data/lib/phlex/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6410035f225128eb3a191ea0c5bc826578ac46c3c723f7093064351f30425ecc
|
4
|
+
data.tar.gz: 3282c45b6cad4f234e589a9fd0ebb797eb863651945541ff8b2d224254d6af26
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b6de1ef7fe778a78436985c7d04111268e748128e4cae58494a92566095aff84bebafabe018d8256ef9da269a4d807c979ac2d3a28a1b4c4bc8f8b51c5ca3e47
|
7
|
+
data.tar.gz: 90e47d2f28a8d45d8b69c048e7daca366bff057b2cad8019d14d58812ea46bce40d8ddd2de789fa158594b3da6e46dd73fdf57a3baaf77a5f471a9af4e7de2b0
|
data/lib/phlex/sgml.rb
CHANGED
@@ -276,7 +276,7 @@ module Phlex
|
|
276
276
|
end
|
277
277
|
|
278
278
|
lower_name = name.downcase
|
279
|
-
next if lower_name == "href" && v.start_with?(
|
279
|
+
next if lower_name == "href" && v.to_s.downcase.tr("\t \n", "").start_with?("javascript:")
|
280
280
|
|
281
281
|
# Detect unsafe attribute names. Attribute names are considered unsafe if they match an event attribute or include unsafe characters.
|
282
282
|
if HTML::EVENT_ATTRIBUTES[lower_name] || name.match?(/[<>&"']/)
|
data/lib/phlex/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: phlex
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.4.
|
4
|
+
version: 1.4.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Joel Drapper
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-04-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: concurrent-ruby
|
@@ -101,7 +101,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
101
101
|
- !ruby/object:Gem::Version
|
102
102
|
version: '0'
|
103
103
|
requirements: []
|
104
|
-
rubygems_version: 3.5.
|
104
|
+
rubygems_version: 3.5.9
|
105
105
|
signing_key:
|
106
106
|
specification_version: 4
|
107
107
|
summary: A framework for building views in Ruby.
|