qiita-markdown 0.22.0 → 0.23.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of qiita-markdown might be problematic. Click here for more details.

Files changed (14) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop_todo.yml +2 -1
  3. data/CHANGELOG.md +4 -0
  4. data/lib/qiita/markdown.rb +2 -1
  5. data/lib/qiita/markdown/embed/code_pen.rb +10 -0
  6. data/lib/qiita/markdown/embed/tweet.rb +10 -0
  7. data/lib/qiita/markdown/filters/final_sanitizer.rb +2 -2
  8. data/lib/qiita/markdown/filters/user_input_sanitizer.rb +1 -1
  9. data/lib/qiita/markdown/transformers/filter_attributes.rb +1 -1
  10. data/lib/qiita/markdown/transformers/filter_script.rb +2 -1
  11. data/lib/qiita/markdown/version.rb +1 -1
  12. data/spec/qiita/markdown/processor_spec.rb +30 -5
  13. metadata +4 -3
  14. data/lib/qiita/markdown/code_pen.rb +0 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ff3cf2974ec3776febf776a8509ea134b7e6b94d
4
- data.tar.gz: 16d059b677b0cf622be0d3c85e4ad9e293ffcdef
3
+ metadata.gz: 16c43409c5b2bdceefb568344cf9280e7d1e50b2
4
+ data.tar.gz: f4225f554071f1e8c8c339248f08b3ef5253be46
5
5
  SHA512:
6
- metadata.gz: ab3e0be1351d8872fc3cc8d75502a3f8bd95f24a9870af84c164676b52e84f0ee34a72f7321db28c3889d133d167ec14c1ef32d0de9da3a918b0f4cdc4c43496
7
- data.tar.gz: b91800c0d2282cc001d7fa9df45f1688f721c47d82ab5a01b62e656a10f2ccb7d8a18901076261bbc0ef88945ba87f042fd9cc54001b2638def2ebbfa83fe47e
6
+ metadata.gz: 5a9edc2d4826bfefd294ad32cf556fbb6985ac94d4e91a435a9513f6aec51c1a58bc435eebd45350e275ad1e5314c188c0e56bd3d56bc6130d9fcbe18f72ba6e
7
+ data.tar.gz: 2da9ab1ee70db812a391875522e53606991f177d1f66b7da80192b9db1bbda9cc83d101cb6b01fd292c6dc405b35ccac4cc01a694d7f872b9e7ae5b01bc19155
data/.rubocop_todo.yml CHANGED
@@ -52,12 +52,13 @@ Style/FileName:
52
52
  # Cop supports --auto-correct.
53
53
  Style/MutableConstant:
54
54
  Exclude:
55
+ - 'lib/qiita/markdown/embed/code_pen.rb'
56
+ - 'lib/qiita/markdown/embed/tweet.rb'
55
57
  - 'lib/qiita/markdown/filters/checkbox.rb'
56
58
  - 'lib/qiita/markdown/filters/code_block.rb'
57
59
  - 'lib/qiita/markdown/filters/sanitize.rb'
58
60
  - 'lib/qiita/markdown/filters/simplify.rb'
59
61
  - 'lib/qiita/markdown/filters/syntax_highlight.rb'
60
- - 'lib/qiita/markdown/code_pen.rb'
61
62
  - 'lib/qiita/markdown/processor.rb'
62
63
  - 'lib/qiita/markdown/summary_processor.rb'
63
64
  - 'lib/qiita/markdown/version.rb'
data/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  ## Unreleased
2
2
 
3
+ ## 0.23.0
4
+
5
+ - Support embed Tweet
6
+
3
7
  ## 0.22.0
4
8
 
5
9
  - Support embed CodePen
data/lib/qiita/markdown.rb CHANGED
@@ -7,7 +7,8 @@ require "nokogiri"
7
7
  require "pygments"
8
8
  require "sanitize"
9
9
 
10
- require "qiita/markdown/code_pen"
10
+ require "qiita/markdown/embed/code_pen"
11
+ require "qiita/markdown/embed/tweet"
11
12
  require "qiita/markdown/transformers/filter_attributes"
12
13
  require "qiita/markdown/transformers/filter_script"
13
14
  require "qiita/markdown/transformers/strip_invalid_node"
data/lib/qiita/markdown/embed/code_pen.rb ADDED
@@ -0,0 +1,10 @@
1
+ module Qiita
2
+ module Markdown
3
+ module Embed
4
+ module CodePen
5
+ SCRIPT_URL = "https://production-assets.codepen.io/assets/embed/ei.js"
6
+ ATTRIBUTES = %w[class data-embed-version data-slug-hash]
7
+ end
8
+ end
9
+ end
10
+ end
data/lib/qiita/markdown/embed/tweet.rb ADDED
@@ -0,0 +1,10 @@
1
+ module Qiita
2
+ module Markdown
3
+ module Embed
4
+ module Tweet
5
+ SCRIPT_URL = "https://platform.twitter.com/widgets.js"
6
+ CLASS_NAME = %w[twitter-tweet]
7
+ end
8
+ end
9
+ end
10
+ end
data/lib/qiita/markdown/filters/final_sanitizer.rb CHANGED
@@ -41,7 +41,7 @@ module Qiita
41
41
  "itemscope",
42
42
  "itemtype",
43
43
  ],
44
- "p" => CodePen::ATTRIBUTES,
44
+ "p" => Embed::CodePen::ATTRIBUTES,
45
45
  "script" => [
46
46
  "async",
47
47
  "src",
@@ -191,7 +191,7 @@ module Qiita
191
191
  SCRIPTABLE_RULE = RULE.dup.tap do |rule|
192
192
  rule[:attributes] = RULE[:attributes].dup
193
193
  rule[:attributes][:all] = rule[:attributes][:all] + [:data]
194
- rule[:elements] = RULE[:elements] + ["iframe", "script", "video"]
194
+ rule[:elements] = RULE[:elements] + ["iframe", "video"]
195
195
  rule[:transformers] = rule[:transformers] - [Transformers::FilterScript]
196
196
  end
197
197
 
data/lib/qiita/markdown/filters/user_input_sanitizer.rb CHANGED
@@ -24,7 +24,7 @@ module Qiita
24
24
  "img" => %w[alt height src title width],
25
25
  "ins" => %w[cite datetime],
26
26
  "li" => %w[id],
27
- "p" => CodePen::ATTRIBUTES,
27
+ "p" => Embed::CodePen::ATTRIBUTES,
28
28
  "q" => %w[cite],
29
29
  "script" => %w[async src],
30
30
  "sup" => %w[id],
data/lib/qiita/markdown/transformers/filter_attributes.rb CHANGED
@@ -9,7 +9,7 @@ module Qiita
9
9
  "rev" => %w[footnote],
10
10
  },
11
11
  "blockquote" => {
12
- "class" => %w[twitter-tweet],
12
+ "class" => Embed::Tweet::CLASS_NAME,
13
13
  },
14
14
  "div" => {
15
15
  "class" => %w[footnotes],
data/lib/qiita/markdown/transformers/filter_script.rb CHANGED
@@ -3,7 +3,8 @@ module Qiita
3
3
  module Transformers
4
4
  class FilterScript
5
5
  WHITE_LIST = [
6
- CodePen::SCRIPT_URL,
6
+ Embed::CodePen::SCRIPT_URL,
7
+ Embed::Tweet::SCRIPT_URL,
7
8
  ].freeze
8
9
 
9
10
  def self.call(*args)
data/lib/qiita/markdown/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Qiita
2
2
  module Markdown
3
- VERSION = "0.22.0"
3
+ VERSION = "0.23.0"
4
4
  end
5
5
  end
data/spec/qiita/markdown/processor_spec.rb CHANGED
@@ -1312,7 +1312,7 @@ describe Qiita::Markdown::Processor do
1312
1312
  end
1313
1313
  end
1314
1314
 
1315
- shared_examples_for "override codepen attributes" do |allowed:|
1315
+ shared_examples_for "override embed code attributes" do |allowed:|
1316
1316
  context "with HTML embed code for CodePen" do
1317
1317
  let(:markdown) do
1318
1318
  <<-EOS.strip_heredoc
@@ -1337,6 +1337,31 @@ describe Qiita::Markdown::Processor do
1337
1337
  end
1338
1338
  end
1339
1339
  end
1340
+
1341
+ context "with embed code for Tweet" do
1342
+ let(:markdown) do
1343
+ <<-EOS.strip_heredoc
1344
+ <blockquote class="twitter-tweet" data-cards="hidden" data-conversation="none">foo</blockquote>
1345
+ <script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
1346
+ EOS
1347
+ end
1348
+
1349
+ if allowed
1350
+ it "does not sanitize embed code" do
1351
+ should eq <<-EOS.strip_heredoc
1352
+ <blockquote class="twitter-tweet" data-cards="hidden" data-conversation="none">foo</blockquote>\n
1353
+ <script async src="https://platform.twitter.com/widgets.js"></script>
1354
+ EOS
1355
+ end
1356
+ else
1357
+ it "sanitizes attributes except `twitter-tweet` class" do
1358
+ should eq <<-EOS.strip_heredoc
1359
+ <blockquote class="twitter-tweet">foo</blockquote>\n
1360
+ <script async src="https://platform.twitter.com/widgets.js"></script>
1361
+ EOS
1362
+ end
1363
+ end
1364
+ end
1340
1365
  end
1341
1366
 
1342
1367
  context "without script and strict context" do
@@ -1352,7 +1377,7 @@ describe Qiita::Markdown::Processor do
1352
1377
  include_examples "data-attributes", allowed: false
1353
1378
  include_examples "class attribute", allowed: true
1354
1379
  include_examples "background-color", allowed: true
1355
- include_examples "override codepen attributes", allowed: false
1380
+ include_examples "override embed code attributes", allowed: false
1356
1381
  end
1357
1382
 
1358
1383
  context "with script context" do
@@ -1368,7 +1393,7 @@ describe Qiita::Markdown::Processor do
1368
1393
  include_examples "data-attributes", allowed: true
1369
1394
  include_examples "class attribute", allowed: true
1370
1395
  include_examples "background-color", allowed: true
1371
- include_examples "override codepen attributes", allowed: true
1396
+ include_examples "override embed code attributes", allowed: true
1372
1397
  end
1373
1398
 
1374
1399
  context "with strict context" do
@@ -1384,7 +1409,7 @@ describe Qiita::Markdown::Processor do
1384
1409
  include_examples "data-attributes", allowed: false
1385
1410
  include_examples "class attribute", allowed: false
1386
1411
  include_examples "background-color", allowed: false
1387
- include_examples "override codepen attributes", allowed: false
1412
+ include_examples "override embed code attributes", allowed: false
1388
1413
  end
1389
1414
 
1390
1415
  context "with script and strict context" do
@@ -1400,7 +1425,7 @@ describe Qiita::Markdown::Processor do
1400
1425
  include_examples "data-attributes", allowed: false
1401
1426
  include_examples "class attribute", allowed: false
1402
1427
  include_examples "background-color", allowed: false
1403
- include_examples "override codepen attributes", allowed: false
1428
+ include_examples "override embed code attributes", allowed: false
1404
1429
  end
1405
1430
  end
1406
1431
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: qiita-markdown
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.22.0
4
+ version: 0.23.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryo Nakamura
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-11-21 00:00:00.000000000 Z
11
+ date: 2017-12-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gemoji
@@ -256,7 +256,8 @@ files:
256
256
  - lib/qiita-markdown.rb
257
257
  - lib/qiita/markdown.rb
258
258
  - lib/qiita/markdown/base_processor.rb
259
- - lib/qiita/markdown/code_pen.rb
259
+ - lib/qiita/markdown/embed/code_pen.rb
260
+ - lib/qiita/markdown/embed/tweet.rb
260
261
  - lib/qiita/markdown/filters/checkbox.rb
261
262
  - lib/qiita/markdown/filters/code_block.rb
262
263
  - lib/qiita/markdown/filters/emoji.rb
data/lib/qiita/markdown/code_pen.rb DELETED
@@ -1,8 +0,0 @@
1
- module Qiita
2
- module Markdown
3
- module CodePen
4
- SCRIPT_URL = "https://production-assets.codepen.io/assets/embed/ei.js"
5
- ATTRIBUTES = %w[class data-embed-version data-slug-hash]
6
- end
7
- end
8
- end