qiita-markdown 0.19.0 → 0.19.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of qiita-markdown might be problematic. Click here for more details.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3eb75a91593610b1dd442a8d9acfc482e987ffc5
|
|
4
|
+
data.tar.gz: 8ec204270a2308ee5999c2b163e31c199c866e21
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 61dc32d46b01408c08f07b480554ad346ef96ff629d68140c16592a5a77f90163fd5331fca5b4d206ad92aeff330bcb5d4b3e9ce4d8b9b9584329a8085e58a80
|
|
7
|
+
data.tar.gz: b5f84f32227113bfbb6a1b71f85f7a5fcd5e906dea4a177f9916ec533523bc9399f83d794f8a2f351b46fae64d03e82f47e950135d460db8ab71600758515bb6
|
data/CHANGELOG.md
CHANGED
|
@@ -1124,6 +1124,28 @@ describe Qiita::Markdown::Processor do
|
|
|
1124
1124
|
end
|
|
1125
1125
|
end
|
|
1126
1126
|
end
|
|
1127
|
+
|
|
1128
|
+
context "with class attribute for <div> tag" do
|
|
1129
|
+
let(:markdown) do
|
|
1130
|
+
<<-EOS.strip_heredoc
|
|
1131
|
+
<div class="footnotes malicious-class">foo</div>
|
|
1132
|
+
EOS
|
|
1133
|
+
end
|
|
1134
|
+
|
|
1135
|
+
if allowed
|
|
1136
|
+
it "does not sanitize the classes" do
|
|
1137
|
+
should eq <<-EOS.strip_heredoc
|
|
1138
|
+
<div class="footnotes malicious-class">foo</div>
|
|
1139
|
+
EOS
|
|
1140
|
+
end
|
|
1141
|
+
else
|
|
1142
|
+
it "sanitizes classes except `footnotes`" do
|
|
1143
|
+
should eq <<-EOS.strip_heredoc
|
|
1144
|
+
<div class="footnotes">foo</div>
|
|
1145
|
+
EOS
|
|
1146
|
+
end
|
|
1147
|
+
end
|
|
1148
|
+
end
|
|
1127
1149
|
end
|
|
1128
1150
|
|
|
1129
1151
|
context "without script and strict context" do
|