qiita-markdown 0.25.0 → 0.30.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of qiita-markdown might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 89534a166cf79eb437e025498219b56ad7f62ec2
4
- data.tar.gz: 8e4d0c3fe57c5876dbc3467a1a523fb2b96f7174
2
+ SHA256:
3
+ metadata.gz: 42cc63e59c291528b6941557bab180be94412a558f0c24870542ea77527fad9f
4
+ data.tar.gz: b777d78995b04138e71ece8dec23ef25b186264592edadbf9269aa5a782931bc
5
5
  SHA512:
6
- metadata.gz: a7b791b1d6ee445d539b1f6576d17f00e70370f3a723efcf614c85ea1277a49d43848570202955fdf016ff11965657a3feb8395887ea11de8c37510da60949c3
7
- data.tar.gz: a31faf66fcd5e3d5509adeb1b4726e6b76f9184efdf6831f451048e5fbb9d187b7b62846f888ff5691a9b8f338ec1c7664579aad58e40e26008cddc90588fab4
6
+ metadata.gz: 9c3bd31ede849e9e75d07527de512df7dbe4f4ce3d72bc0e2de82820ce83324c5f4f9473672b3ee35e4e7f4136d613d033f225e95e30318e61deed43757b6aea
7
+ data.tar.gz: aed9e848764dad909246821c8e30074c7317496fcfe5dd89fb374d693e39c43da0a4c71e957d3f6764cb89199d27ac2e17c161abda8aeb0333568f96d2644475
data/CHANGELOG.md CHANGED
@@ -1,5 +1,30 @@
1
1
  ## Unreleased
2
2
 
3
+ ## 0.30.0
4
+
5
+ - Use greenmat 3.5.1.0
6
+
7
+ ## 0.29.0
8
+
9
+ - Accept new embeded script and iframes
10
+ - Gist
11
+ - Youtube
12
+ - SlideShare
13
+ - SpeekerDeck
14
+ - GoogleSlide
15
+
16
+ ## 0.28.0
17
+
18
+ - Accept new codepen script url (cpwebassets.codepen.io)
19
+
20
+ ## 0.27.0
21
+
22
+ - Support embed Asciinema
23
+
24
+ ## 0.26.0
25
+
26
+ - Use greenmat 3.2.2.4
27
+
3
28
  ## 0.25.0
4
29
 
5
30
  - Accept new codepen script url (static.codepen.io)
@@ -9,8 +9,15 @@ require "sanitize"
9
9
 
10
10
  require "qiita/markdown/embed/code_pen"
11
11
  require "qiita/markdown/embed/tweet"
12
+ require "qiita/markdown/embed/asciinema"
13
+ require "qiita/markdown/embed/gist"
14
+ require "qiita/markdown/embed/youtube"
15
+ require "qiita/markdown/embed/slide_share"
16
+ require "qiita/markdown/embed/google_slide"
17
+ require "qiita/markdown/embed/speeker_deck"
12
18
  require "qiita/markdown/transformers/filter_attributes"
13
19
  require "qiita/markdown/transformers/filter_script"
20
+ require "qiita/markdown/transformers/filter_iframe"
14
21
  require "qiita/markdown/transformers/strip_invalid_node"
15
22
  require "qiita/markdown/filters/checkbox"
16
23
  require "qiita/markdown/filters/code_block"
@@ -0,0 +1,9 @@
1
+ module Qiita
2
+ module Markdown
3
+ module Embed
4
+ module Asciinema
5
+ SCRIPT_HOST = "asciinema.org".freeze
6
+ end
7
+ end
8
+ end
9
+ end
@@ -5,6 +5,7 @@ module Qiita
5
5
  SCRIPT_URLS = [
6
6
  "https://production-assets.codepen.io/assets/embed/ei.js",
7
7
  "https://static.codepen.io/assets/embed/ei.js",
8
+ "https://cpwebassets.codepen.io/assets/embed/ei.js",
8
9
  ]
9
10
  CLASS_NAME = %w[codepen]
10
11
  DATA_ATTRIBUTES = %w[
@@ -0,0 +1,9 @@
1
+ module Qiita
2
+ module Markdown
3
+ module Embed
4
+ module Gist
5
+ SCRIPT_HOST = "gist.github.com".freeze
6
+ end
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,9 @@
1
+ module Qiita
2
+ module Markdown
3
+ module Embed
4
+ module GoogleSlide
5
+ SCRIPT_HOST = "docs.google.com".freeze
6
+ end
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,9 @@
1
+ module Qiita
2
+ module Markdown
3
+ module Embed
4
+ module SlideShare
5
+ SCRIPT_HOST = "www.slideshare.net".freeze
6
+ end
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,16 @@
1
+ module Qiita
2
+ module Markdown
3
+ module Embed
4
+ module SpeekerDeck
5
+ SCRIPT_URLS = [
6
+ "//speakerdeck.com/assets/embed.js",
7
+ ].freeze
8
+ CLASS_NAME = %w[speakerdeck-embed].freeze
9
+ DATA_ATTRIBUTES = %w[
10
+ data-id data-ratio
11
+ ].freeze
12
+ ATTRIBUTES = %w[class] + DATA_ATTRIBUTES
13
+ end
14
+ end
15
+ end
16
+ end
@@ -0,0 +1,12 @@
1
+ module Qiita
2
+ module Markdown
3
+ module Embed
4
+ module Youtube
5
+ SCRIPT_HOSTS = [
6
+ "www.youtube-nocookie.com",
7
+ "www.youtube.com",
8
+ ].freeze
9
+ end
10
+ end
11
+ end
12
+ end
@@ -47,7 +47,9 @@ module Qiita
47
47
  "async",
48
48
  "src",
49
49
  "type",
50
- ],
50
+ ].concat(
51
+ Embed::SpeekerDeck::ATTRIBUTES,
52
+ ),
51
53
  "span" => [
52
54
  "style",
53
55
  ],
@@ -137,6 +139,7 @@ module Qiita
137
139
  "s",
138
140
  "samp",
139
141
  "script",
142
+ "iframe",
140
143
  "span",
141
144
  "strike",
142
145
  "strong",
@@ -186,14 +189,15 @@ module Qiita
186
189
  transformers: [
187
190
  Transformers::StripInvalidNode,
188
191
  Transformers::FilterScript,
192
+ Transformers::FilterIframe,
189
193
  ],
190
194
  }.freeze
191
195
 
192
196
  SCRIPTABLE_RULE = RULE.dup.tap do |rule|
193
197
  rule[:attributes] = RULE[:attributes].dup
194
198
  rule[:attributes][:all] = rule[:attributes][:all] + [:data]
195
- rule[:elements] = RULE[:elements] + ["iframe", "video"]
196
- rule[:transformers] = rule[:transformers] - [Transformers::FilterScript]
199
+ rule[:elements] = RULE[:elements] + ["video"]
200
+ rule[:transformers] = rule[:transformers] - [Transformers::FilterScript, Transformers::FilterIframe]
197
201
  end
198
202
 
199
203
  def call
@@ -6,7 +6,7 @@ module Qiita
6
6
  RULE = {
7
7
  elements: %w[
8
8
  a b blockquote br code dd del details div dl dt em font h1 h2 h3 h4 h5 h6
9
- hr i img ins kbd li ol p pre q rp rt ruby s samp script strike strong sub
9
+ hr i img ins kbd li ol p pre q rp rt ruby s samp script iframe strike strong sub
10
10
  summary sup table tbody td tfoot th thead tr ul var
11
11
  ],
12
12
  attributes: {
@@ -26,7 +26,18 @@ module Qiita
26
26
  "li" => %w[id],
27
27
  "p" => Embed::CodePen::ATTRIBUTES,
28
28
  "q" => %w[cite],
29
- "script" => %w[async src],
29
+ "script" => %w[async src id].concat(Embed::SpeekerDeck::ATTRIBUTES),
30
+ "iframe" => %w[
31
+ allowfullscreen
32
+ frameborder
33
+ height
34
+ marginheight
35
+ marginwidth
36
+ scrolling
37
+ src
38
+ style
39
+ width
40
+ ],
30
41
  "sup" => %w[id],
31
42
  "td" => %w[colspan rowspan style],
32
43
  "th" => %w[colspan rowspan style],
@@ -42,6 +53,7 @@ module Qiita
42
53
  transformers: [
43
54
  Transformers::FilterAttributes,
44
55
  Transformers::FilterScript,
56
+ Transformers::FilterIframe,
45
57
  ],
46
58
  }.freeze
47
59
 
@@ -0,0 +1,50 @@
1
+ module Qiita
2
+ module Markdown
3
+ module Transformers
4
+ class FilterIframe
5
+ URL_WHITE_LIST = [
6
+ ].flatten.freeze
7
+
8
+ HOST_WHITE_LIST = [
9
+ Embed::Youtube::SCRIPT_HOSTS,
10
+ Embed::SlideShare::SCRIPT_HOST,
11
+ Embed::GoogleSlide::SCRIPT_HOST,
12
+ ].flatten.freeze
13
+
14
+ def self.call(*args)
15
+ new(*args).transform
16
+ end
17
+
18
+ def initialize(env)
19
+ @env = env
20
+ end
21
+
22
+ def transform
23
+ if name == "iframe"
24
+ if URL_WHITE_LIST.include?(node["src"]) || HOST_WHITE_LIST.include?(host_of(node["src"]))
25
+ node.children.unlink
26
+ else
27
+ node.unlink
28
+ end
29
+ end
30
+ end
31
+
32
+ private
33
+
34
+ def name
35
+ @env[:node_name]
36
+ end
37
+
38
+ def node
39
+ @env[:node]
40
+ end
41
+
42
+ def host_of(url)
43
+ Addressable::URI.parse(url).host if url
44
+ rescue Addressable::URI::InvalidURIError
45
+ nil
46
+ end
47
+ end
48
+ end
49
+ end
50
+ end
@@ -2,9 +2,15 @@ module Qiita
2
2
  module Markdown
3
3
  module Transformers
4
4
  class FilterScript
5
- WHITE_LIST = [
5
+ URL_WHITE_LIST = [
6
6
  Embed::CodePen::SCRIPT_URLS,
7
7
  Embed::Tweet::SCRIPT_URL,
8
+ Embed::SpeekerDeck::SCRIPT_URLS,
9
+ ].flatten.freeze
10
+
11
+ HOST_WHITE_LIST = [
12
+ Embed::Asciinema::SCRIPT_HOST,
13
+ Embed::Gist::SCRIPT_HOST,
8
14
  ].flatten.freeze
9
15
 
10
16
  def self.call(*args)
@@ -17,7 +23,7 @@ module Qiita
17
23
 
18
24
  def transform
19
25
  if name == "script"
20
- if WHITE_LIST.include?(node["src"])
26
+ if URL_WHITE_LIST.include?(node["src"]) || HOST_WHITE_LIST.include?(host_of(node["src"]))
21
27
  node["async"] = "async" unless node.attributes.key?("async")
22
28
  node.children.unlink
23
29
  else
@@ -35,6 +41,12 @@ module Qiita
35
41
  def node
36
42
  @env[:node]
37
43
  end
44
+
45
+ def host_of(url)
46
+ Addressable::URI.parse(url).host if url
47
+ rescue Addressable::URI::InvalidURIError
48
+ nil
49
+ end
38
50
  end
39
51
  end
40
52
  end
@@ -1,5 +1,5 @@
1
1
  module Qiita
2
2
  module Markdown
3
- VERSION = "0.25.0"
3
+ VERSION = "0.30.0"
4
4
  end
5
5
  end
@@ -23,12 +23,12 @@ Gem::Specification.new do |spec|
23
23
  spec.add_dependency "html-pipeline", "~> 2.0"
24
24
  spec.add_dependency "mem"
25
25
  spec.add_dependency "pygments.rb", "~> 1.0"
26
- spec.add_dependency "greenmat", "3.2.2.3"
26
+ spec.add_dependency "greenmat", "3.5.1.0"
27
27
  spec.add_dependency "sanitize"
28
28
  spec.add_dependency "addressable"
29
29
  spec.add_development_dependency "activesupport", "4.2.6"
30
30
  spec.add_development_dependency "benchmark-ips", "~> 1.2"
31
- spec.add_development_dependency "bundler", "~> 1.7"
31
+ spec.add_development_dependency "bundler"
32
32
  spec.add_development_dependency "codeclimate-test-reporter", "0.4.4"
33
33
  spec.add_development_dependency "pry"
34
34
  spec.add_development_dependency "rake", "~> 10.0"
@@ -740,7 +740,7 @@ describe Qiita::Markdown::Processor do
740
740
 
741
741
  it "generates footnotes elements" do
742
742
  should eq <<-HTML.strip_heredoc
743
- <p><sup id="fnref1"><a href="#fn1" rel="footnote" title="test">1</a></sup></p>
743
+ <p><sup id="fnref1"><a href="#fn1" title="test">1</a></sup></p>
744
744
 
745
745
  <div class="footnotes">
746
746
  <hr>
@@ -756,6 +756,25 @@ describe Qiita::Markdown::Processor do
756
756
  end
757
757
  end
758
758
 
759
+ context "with footenotes syntax with code block" do
760
+ let(:markdown) do
761
+ <<-MARKDOWN.strip_heredoc
762
+ ```
763
+ [^1]
764
+ [^1]: test
765
+ ```
766
+ MARKDOWN
767
+ end
768
+
769
+ it "generates only code blocks without footnotes" do
770
+ should eq <<-HTML.strip_heredoc
771
+ <div class="code-frame" data-lang="text"><div class="highlight"><pre><span></span>[^1]
772
+ [^1]: test
773
+ </pre></div></div>
774
+ HTML
775
+ end
776
+ end
777
+
759
778
  context "with manually written link inside of <sup> tag" do
760
779
  let(:markdown) do
761
780
  <<-MARKDOWN.strip_heredoc
@@ -1385,6 +1404,128 @@ describe Qiita::Markdown::Processor do
1385
1404
  end
1386
1405
  end
1387
1406
 
1407
+ context "with HTML embed code for Asciinema" do
1408
+ let(:markdown) do
1409
+ <<-MARKDOWN.strip_heredoc
1410
+ <script id="example" src="https://asciinema.org/a/example.js"></script>
1411
+ MARKDOWN
1412
+ end
1413
+
1414
+ if allowed
1415
+ it "does not sanitize embed code" do
1416
+ should eq <<-HTML.strip_heredoc
1417
+ <script id="example" src="https://asciinema.org/a/example.js"></script>
1418
+ HTML
1419
+ end
1420
+ else
1421
+ it "forces async attribute on script" do
1422
+ should eq <<-HTML.strip_heredoc
1423
+ <script id="example" src="https://asciinema.org/a/example.js" async="async"></script>
1424
+ HTML
1425
+ end
1426
+ end
1427
+ end
1428
+
1429
+ context "with HTML embed code for Gist" do
1430
+ let(:markdown) do
1431
+ <<-MARKDOWN.strip_heredoc
1432
+ <script id="example" src="https://gist.github.com/a/example.js"></script>
1433
+ MARKDOWN
1434
+ end
1435
+
1436
+ if allowed
1437
+ it "does not sanitize embed code" do
1438
+ should eq <<-HTML.strip_heredoc
1439
+ <script id="example" src="https://gist.github.com/a/example.js"></script>
1440
+ HTML
1441
+ end
1442
+ else
1443
+ it "forces async attribute on script" do
1444
+ should eq <<-HTML.strip_heredoc
1445
+ <script id="example" src="https://gist.github.com/a/example.js" async="async"></script>
1446
+ HTML
1447
+ end
1448
+ end
1449
+ end
1450
+
1451
+ context "with HTML embed code for Youtube" do
1452
+ let(:markdown) do
1453
+ <<-MARKDOWN.strip_heredoc
1454
+ <iframe width="100" height="100" src="https://www.youtube.com/embed/example"></iframe>
1455
+ MARKDOWN
1456
+ end
1457
+
1458
+ it "does not sanitize embed code" do
1459
+ should eq <<-HTML.strip_heredoc
1460
+ <iframe width="100" height="100" src="https://www.youtube.com/embed/example"></iframe>
1461
+ HTML
1462
+ end
1463
+
1464
+ context "when url is privacy enhanced mode" do
1465
+ let(:markdown) do
1466
+ <<-MARKDOWN.strip_heredoc
1467
+ <iframe width="100" height="100" src="https://www.youtube-nocookie.com/embed/example"></iframe>
1468
+ MARKDOWN
1469
+ end
1470
+
1471
+ it "does not sanitize embed code" do
1472
+ should eq <<-HTML.strip_heredoc
1473
+ <iframe width="100" height="100" src="https://www.youtube-nocookie.com/embed/example"></iframe>
1474
+ HTML
1475
+ end
1476
+ end
1477
+ end
1478
+
1479
+ context "with HTML embed code for SlideShare" do
1480
+ let(:markdown) do
1481
+ <<-MARKDOWN.strip_heredoc
1482
+ <iframe width="100" height="100" src="https://www.slideshare.net/embed/example"></iframe>
1483
+ MARKDOWN
1484
+ end
1485
+
1486
+ it "does not sanitize embed code" do
1487
+ should eq <<-HTML.strip_heredoc
1488
+ <iframe width="100" height="100" src="https://www.slideshare.net/embed/example"></iframe>
1489
+ HTML
1490
+ end
1491
+ end
1492
+
1493
+ context "with HTML embed code for GoogleSlide" do
1494
+ let(:markdown) do
1495
+ <<-MARKDOWN.strip_heredoc
1496
+ <iframe src="https://docs.google.com/presentation/d/example/embed" frameborder="0" width="482" height="300" allowfullscreen="true" mozallowfullscreen="true" webkitallowfullscreen="true"></iframe>
1497
+ MARKDOWN
1498
+ end
1499
+
1500
+ it "does not sanitize embed code" do
1501
+ should eq <<-HTML.strip_heredoc
1502
+ <iframe src="https://docs.google.com/presentation/d/example/embed" frameborder="0" width="482" height="300" allowfullscreen="true"></iframe>
1503
+ HTML
1504
+ end
1505
+ end
1506
+
1507
+ context "with HTML embed code for SpeekerDeck" do
1508
+ let(:markdown) do
1509
+ <<-MARKDOWN.strip_heredoc
1510
+ <script async class="speakerdeck-embed" data-id="example" data-ratio="1.33333333333333" src="//speakerdeck.com/assets/embed.js"></script>
1511
+ MARKDOWN
1512
+ end
1513
+
1514
+ if allowed
1515
+ it "does not sanitize embed code" do
1516
+ should eq <<-HTML.strip_heredoc
1517
+ <script async class="speakerdeck-embed" data-id="example" data-ratio="1.33333333333333" src="//speakerdeck.com/assets/embed.js"></script>
1518
+ HTML
1519
+ end
1520
+ else
1521
+ it "forces async attribute on script" do
1522
+ should eq <<-HTML.strip_heredoc
1523
+ <script async class="speakerdeck-embed" data-id="example" data-ratio="1.33333333333333" src="//speakerdeck.com/assets/embed.js"></script>
1524
+ HTML
1525
+ end
1526
+ end
1527
+ end
1528
+
1388
1529
  context "with embed code for Tweet" do
1389
1530
  let(:markdown) do
1390
1531
  <<-MARKDOWN.strip_heredoc
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: qiita-markdown
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.25.0
4
+ version: 0.30.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryo Nakamura
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-19 00:00:00.000000000 Z
11
+ date: 2021-02-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gemoji
@@ -86,14 +86,14 @@ dependencies:
86
86
  requirements:
87
87
  - - '='
88
88
  - !ruby/object:Gem::Version
89
- version: 3.2.2.3
89
+ version: 3.5.1.0
90
90
  type: :runtime
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - '='
95
95
  - !ruby/object:Gem::Version
96
- version: 3.2.2.3
96
+ version: 3.5.1.0
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: sanitize
99
99
  requirement: !ruby/object:Gem::Requirement
@@ -154,16 +154,16 @@ dependencies:
154
154
  name: bundler
155
155
  requirement: !ruby/object:Gem::Requirement
156
156
  requirements:
157
- - - "~>"
157
+ - - ">="
158
158
  - !ruby/object:Gem::Version
159
- version: '1.7'
159
+ version: '0'
160
160
  type: :development
161
161
  prerelease: false
162
162
  version_requirements: !ruby/object:Gem::Requirement
163
163
  requirements:
164
- - - "~>"
164
+ - - ">="
165
165
  - !ruby/object:Gem::Version
166
- version: '1.7'
166
+ version: '0'
167
167
  - !ruby/object:Gem::Dependency
168
168
  name: codeclimate-test-reporter
169
169
  requirement: !ruby/object:Gem::Requirement
@@ -234,7 +234,7 @@ dependencies:
234
234
  - - '='
235
235
  - !ruby/object:Gem::Version
236
236
  version: 0.49.1
237
- description:
237
+ description:
238
238
  email:
239
239
  - r7kamura@gmail.com
240
240
  executables: []
@@ -256,8 +256,14 @@ files:
256
256
  - lib/qiita-markdown.rb
257
257
  - lib/qiita/markdown.rb
258
258
  - lib/qiita/markdown/base_processor.rb
259
+ - lib/qiita/markdown/embed/asciinema.rb
259
260
  - lib/qiita/markdown/embed/code_pen.rb
261
+ - lib/qiita/markdown/embed/gist.rb
262
+ - lib/qiita/markdown/embed/google_slide.rb
263
+ - lib/qiita/markdown/embed/slide_share.rb
264
+ - lib/qiita/markdown/embed/speeker_deck.rb
260
265
  - lib/qiita/markdown/embed/tweet.rb
266
+ - lib/qiita/markdown/embed/youtube.rb
261
267
  - lib/qiita/markdown/filters/checkbox.rb
262
268
  - lib/qiita/markdown/filters/code_block.rb
263
269
  - lib/qiita/markdown/filters/emoji.rb
@@ -280,6 +286,7 @@ files:
280
286
  - lib/qiita/markdown/processor.rb
281
287
  - lib/qiita/markdown/summary_processor.rb
282
288
  - lib/qiita/markdown/transformers/filter_attributes.rb
289
+ - lib/qiita/markdown/transformers/filter_iframe.rb
283
290
  - lib/qiita/markdown/transformers/filter_script.rb
284
291
  - lib/qiita/markdown/transformers/strip_invalid_node.rb
285
292
  - lib/qiita/markdown/version.rb
@@ -294,7 +301,7 @@ homepage: https://github.com/increments/qiita-markdown
294
301
  licenses:
295
302
  - MIT
296
303
  metadata: {}
297
- post_install_message:
304
+ post_install_message:
298
305
  rdoc_options: []
299
306
  require_paths:
300
307
  - lib
@@ -309,9 +316,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
309
316
  - !ruby/object:Gem::Version
310
317
  version: '0'
311
318
  requirements: []
312
- rubyforge_project:
313
- rubygems_version: 2.6.11
314
- signing_key:
319
+ rubygems_version: 3.0.3
320
+ signing_key:
315
321
  specification_version: 4
316
322
  summary: Qiita-specified markdown processor.
317
323
  test_files: