publishing_platform_markdown 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/Gemfile +10 -0
- data/README.md +2 -0
- data/Rakefile +8 -0
- data/lib/publishing_platform_markdown/html_sanitizer.rb +35 -0
- data/lib/publishing_platform_markdown/version.rb +5 -0
- data/lib/publishing_platform_markdown.rb +42 -0
- metadata +96 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 0bb1a117a2a6388ec14973e1cba25a4cf6e1f1199d2668dd21c0268e862d364f
|
|
4
|
+
data.tar.gz: 3bef4c6285959e89dffd519a6eb8e5aa6234277003aee5808ea3cf6873d32da0
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: bb080a093077d16a38aee94cbd0e23f38482d32eff955ce11fd7eb0f647888200e9c87ece5fdf43ca110bcacdcae899a39ffabf97b7db0612d9610ac06618eec
|
|
7
|
+
data.tar.gz: e72f0a10ae62916c5df2ec63cab35adb917de86cca0fc4c1cd058ee2a9fca596b21370f0e34b15d8889aa7b2f9077b4d4c7991dd8394fbaab6fb07a9df19065c
|
data/Gemfile
ADDED
data/README.md
ADDED
data/Rakefile
ADDED
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
class PublishingPlatformMarkdown::HtmlSanitizer
|
|
2
|
+
def initialize(dirty_html, options = {})
|
|
3
|
+
@dirty_html = dirty_html
|
|
4
|
+
end
|
|
5
|
+
|
|
6
|
+
def sanitize(allowed_elements: [])
|
|
7
|
+
Sanitize.fragment(@dirty_html, sanitize_config(allowed_elements:))
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def sanitize_config(allowed_elements: [])
|
|
11
|
+
# We purposefully disable style elements which Sanitize::Config::RELAXED allows
|
|
12
|
+
elements = Sanitize::Config::RELAXED[:elements] - %w[style] +
|
|
13
|
+
%w[svg path].concat(allowed_elements)
|
|
14
|
+
|
|
15
|
+
Sanitize::Config.merge(
|
|
16
|
+
Sanitize::Config::RELAXED,
|
|
17
|
+
elements:,
|
|
18
|
+
attributes: {
|
|
19
|
+
# We purposefully disable style attributes which Sanitize::Config::RELAXED allows
|
|
20
|
+
:all => Sanitize::Config::RELAXED[:attributes][:all] + %w[role aria-label] - %w[style],
|
|
21
|
+
"a" => Sanitize::Config::RELAXED[:attributes]["a"] + [:data] + %w[draggable],
|
|
22
|
+
"svg" => %w[xmlns width height viewbox focusable],
|
|
23
|
+
"path" => %w[fill d],
|
|
24
|
+
"div" => [:data],
|
|
25
|
+
# The style attributes are permitted here just for the ones Kramdown for table alignment
|
|
26
|
+
# we replace them in a post processor.
|
|
27
|
+
"th" => Sanitize::Config::RELAXED[:attributes]["th"] + %w[style],
|
|
28
|
+
"td" => Sanitize::Config::RELAXED[:attributes]["td"] + %w[style],
|
|
29
|
+
},
|
|
30
|
+
# The only styling we permit is text-align on table cells (which is the CSS kramdown
|
|
31
|
+
# generates), we can therefore only allow this one CSS property
|
|
32
|
+
css: { properties: %w[text-align] },
|
|
33
|
+
)
|
|
34
|
+
end
|
|
35
|
+
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "active_support"
|
|
4
|
+
require "active_support/core_ext/hash"
|
|
5
|
+
require "active_support/core_ext/array"
|
|
6
|
+
require "kramdown"
|
|
7
|
+
require "sanitize"
|
|
8
|
+
|
|
9
|
+
require_relative "publishing_platform_markdown/version"
|
|
10
|
+
require_relative "publishing_platform_markdown/html_sanitizer"
|
|
11
|
+
|
|
12
|
+
module PublishingPlatformMarkdown
|
|
13
|
+
class Document
|
|
14
|
+
def self.to_html(source, options = {})
|
|
15
|
+
new(source, options).to_html
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def initialize(source, options = {})
|
|
19
|
+
options = options.dup.deep_symbolize_keys
|
|
20
|
+
@source = source ? source.dup : ""
|
|
21
|
+
|
|
22
|
+
@allowed_elements = options.delete(:allowed_elements) || []
|
|
23
|
+
@options = { sanitize: true,
|
|
24
|
+
syntax_highlighter: nil }.merge(options)
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def to_html
|
|
28
|
+
@to_html ||= if @options[:sanitize]
|
|
29
|
+
HtmlSanitizer.new(kramdown_doc.to_html)
|
|
30
|
+
.sanitize(allowed_elements: @allowed_elements)
|
|
31
|
+
else
|
|
32
|
+
kramdown_doc.to_html
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
private
|
|
37
|
+
|
|
38
|
+
def kramdown_doc
|
|
39
|
+
@kramdown_doc ||= Kramdown::Document.new(@source, @options)
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: publishing_platform_markdown
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Publishing Platform
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: exe
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2024-08-09 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: kramdown
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: 2.3.1
|
|
20
|
+
- - "<"
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: 2.4.1
|
|
23
|
+
type: :runtime
|
|
24
|
+
prerelease: false
|
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
26
|
+
requirements:
|
|
27
|
+
- - ">="
|
|
28
|
+
- !ruby/object:Gem::Version
|
|
29
|
+
version: 2.3.1
|
|
30
|
+
- - "<"
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: 2.4.1
|
|
33
|
+
- !ruby/object:Gem::Dependency
|
|
34
|
+
name: sanitize
|
|
35
|
+
requirement: !ruby/object:Gem::Requirement
|
|
36
|
+
requirements:
|
|
37
|
+
- - "~>"
|
|
38
|
+
- !ruby/object:Gem::Version
|
|
39
|
+
version: '6'
|
|
40
|
+
type: :runtime
|
|
41
|
+
prerelease: false
|
|
42
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
43
|
+
requirements:
|
|
44
|
+
- - "~>"
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: '6'
|
|
47
|
+
- !ruby/object:Gem::Dependency
|
|
48
|
+
name: publishing_platform_rubocop
|
|
49
|
+
requirement: !ruby/object:Gem::Requirement
|
|
50
|
+
requirements:
|
|
51
|
+
- - ">="
|
|
52
|
+
- !ruby/object:Gem::Version
|
|
53
|
+
version: '0'
|
|
54
|
+
type: :development
|
|
55
|
+
prerelease: false
|
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
57
|
+
requirements:
|
|
58
|
+
- - ">="
|
|
59
|
+
- !ruby/object:Gem::Version
|
|
60
|
+
version: '0'
|
|
61
|
+
description: Markup language for the Publishing Platform
|
|
62
|
+
email:
|
|
63
|
+
executables: []
|
|
64
|
+
extensions: []
|
|
65
|
+
extra_rdoc_files: []
|
|
66
|
+
files:
|
|
67
|
+
- Gemfile
|
|
68
|
+
- README.md
|
|
69
|
+
- Rakefile
|
|
70
|
+
- lib/publishing_platform_markdown.rb
|
|
71
|
+
- lib/publishing_platform_markdown/html_sanitizer.rb
|
|
72
|
+
- lib/publishing_platform_markdown/version.rb
|
|
73
|
+
homepage:
|
|
74
|
+
licenses:
|
|
75
|
+
- MIT
|
|
76
|
+
metadata: {}
|
|
77
|
+
post_install_message:
|
|
78
|
+
rdoc_options: []
|
|
79
|
+
require_paths:
|
|
80
|
+
- lib
|
|
81
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
82
|
+
requirements:
|
|
83
|
+
- - ">="
|
|
84
|
+
- !ruby/object:Gem::Version
|
|
85
|
+
version: '3.0'
|
|
86
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
87
|
+
requirements:
|
|
88
|
+
- - ">="
|
|
89
|
+
- !ruby/object:Gem::Version
|
|
90
|
+
version: '0'
|
|
91
|
+
requirements: []
|
|
92
|
+
rubygems_version: 3.3.7
|
|
93
|
+
signing_key:
|
|
94
|
+
specification_version: 4
|
|
95
|
+
summary: Markup language for the Publishing Platform
|
|
96
|
+
test_files: []
|