qiita-markdown 0.14.0 → 0.15.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f54a09d35de11e6c0b8048cfe8dde77a4b909896
-  data.tar.gz: 367ea2b6458da0baaa0bd09d80713110bcdee391
+  metadata.gz: aeafaca650b98a99a00e0735bde849f99faff1fb
+  data.tar.gz: 2911b685bc654da88a608ba1ee7c4636027c9a40
 SHA512:
-  metadata.gz: e9e187cc785090db99d4b1b9197a8b3f1f148ff681ddfd7be4ca84d66593e5e14a2921362228ee69e8cb577076bdb42a9d7884563d3a3feed8c6a87d86cf9983
-  data.tar.gz: 6a54122f245928bd01551fbc2734da61643d77942238020cbc4045bb807eda27b0b62b3b44d27977dd7d0fa38b009be3aa32b05d9eb0bbb8c1579d5be50778ce
+  metadata.gz: 019f1dd78735350a0e5c43f0c869fc3656ae858aaeec5d659b9eab64a1d040f3e0685a26313facb6fa750b526aecf676ad5b874aca06a49e18867fa384a60030
+  data.tar.gz: 26232bd99bac696a6eb05cd37054a53c0227773db46f78f0406abc63f0076d1b84ad06ca0058d53d8d2dcb18a4fbc5966f3f867f1f49f7d50f65f8d2eacbe7ff

data/CHANGELOG.md

@@ -1,3 +1,6 @@
+## 0.15.0
+- Append rel=nofollow and target=_blank to all external a tags
+
 ## 0.14.0
 - Add some attributes to mentions for rendering hovercard
 

data/README.md

@@ -15,7 +15,7 @@ Qiita-specified markdown processor.
 Qiita::Markdown::Processor provides markdown rendering logic.
 
 ```ruby
-processor = Qiita::Markdown::Processor.new
+processor = Qiita::Markdown::Processor.new(hostname: "example.com")
 processor.call(markdown)
 # => {
 #   codes: [
@@ -38,7 +38,7 @@ Qiita::Markdown is built on [jch/html-pipeline](https://github.com/jch/html-pipe
 Add your favorite html-pipeline-compatible filters.
 
 ```ruby
-processor = Qiita::Markdown::Processor.new
+processor = Qiita::Markdown::Processor.new(hostname: "example.com")
 processor.filters << HTML::Pipeline::ImageMaxWidthFilter
 processor.call(text)
 ```
@@ -55,13 +55,14 @@ processor.call(text)
 :emoji_names         - A list of allowed emoji names. (Array<String>)
 :emoji_url_generator - #call'able object that accepts emoji name as argument and returns emoji image URL. (#call)
                        The original implementation is used when the generator returned a falsey value.
+:hostname            - FQDN. Used to check whether or not each URL of `href` attributes is external site. (String)
 :language_aliases    - Alias table for some language names. (Hash)
 :rule                - Sanitization rule table. (Hash)
 :script              - A flag to allow to embed script element. (Boolean)
 ```
 
 ```ruby
-processor = Qiita::Markdown::Processor.new(asset_root: "http://example.com/assets")
+processor = Qiita::Markdown::Processor.new(asset_root: "http://example.com/assets", hostname: "example.com")
 processor.call(text)
 ```
 
@@ -87,6 +88,6 @@ SummaryProcessor accepts the following context in addition to the Processor's co
 ```
 
 ```ruby
-processor = Qiita::Markdown::SummaryProcessor.new(truncate: { length: 80 })
+processor = Qiita::Markdown::SummaryProcessor.new(truncate: { length: 80 }, hostname: "example.com")
 processor.call(text)
 ```

data/lib/qiita/markdown.rb

@@ -10,6 +10,7 @@ require "sanitize"
 require "qiita/markdown/filters/checkbox"
 require "qiita/markdown/filters/code"
 require "qiita/markdown/filters/emoji"
+require "qiita/markdown/filters/external_link"
 require "qiita/markdown/filters/footnote"
 require "qiita/markdown/filters/greenmat"
 require "qiita/markdown/filters/group_mention"

data/lib/qiita/markdown/filters/external_link.rb

@@ -0,0 +1,41 @@
+require "addressable/uri"
+
+module Qiita
+  module Markdown
+    module Filters
+      class ExternalLink < HTML::Pipeline::Filter
+        def call
+          doc.search("a").each do |anchor|
+            next unless anchor["href"]
+            href = anchor["href"].strip
+            href_host = host_of(href)
+            next unless href_host
+            if href_host != hostname
+              anchor["rel"] = "nofollow"
+              anchor["target"] = "_blank"
+            end
+          end
+
+          doc
+        end
+
+        def validate
+          needs :hostname
+        end
+
+        private
+
+        def host_of(url)
+          uri = Addressable::URI.parse(url)
+          uri.host
+        rescue Addressable::URI::InvalidURIError
+          nil
+        end
+
+        def hostname
+          context[:hostname]
+        end
+      end
+    end
+  end
+end

data/lib/qiita/markdown/filters/sanitize.rb

@@ -49,6 +49,7 @@ module Qiita
               "data-hovercard-target-name",
               "data-hovercard-target-type",
               "href",
+              "rel",
             ],
             "iframe" => [
               "allowfullscreen",

data/lib/qiita/markdown/processor.rb

@@ -15,6 +15,7 @@ module Qiita
         Filters::SyntaxHighlight,
         Filters::Mention,
         Filters::GroupMention,
+        Filters::ExternalLink,
         Filters::Sanitize,
       ]
 

data/lib/qiita/markdown/summary_processor.rb

@@ -9,6 +9,7 @@ module Qiita
         Filters::Simplify,
         Filters::Emoji,
         Filters::Mention,
+        Filters::ExternalLink,
         Filters::Sanitize,
         Filters::Truncate,
       ]

data/lib/qiita/markdown/version.rb

@@ -1,5 +1,5 @@
 module Qiita
   module Markdown
-    VERSION = "0.14.0"
+    VERSION = "0.15.0"
   end
 end

data/qiita-markdown.gemspec

@@ -25,6 +25,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "pygments.rb"
   spec.add_dependency "greenmat", ">= 3.2.0.2", "< 4"
   spec.add_dependency "sanitize"
+  spec.add_dependency "addressable"
   spec.add_development_dependency "activesupport", "4.2.6"
   spec.add_development_dependency "benchmark-ips", "~> 1.2"
   spec.add_development_dependency "bundler", "~> 1.7"

data/spec/qiita/markdown/processor_spec.rb

@@ -7,7 +7,7 @@ describe Qiita::Markdown::Processor do
     end
 
     let(:context) do
-      {}
+      { hostname: "example.com" }
     end
 
     let(:markdown) do
@@ -482,7 +482,7 @@ describe Qiita::Markdown::Processor do
 
       it "replaces it with preferred link and updates :mentioned_groups" do
         is_expected.to eq <<-EOS.strip_heredoc
-          <p><a href="https://alice.example.com/groups/bob">@alice/bob</a></p>
+          <p><a href="https://alice.example.com/groups/bob" rel="nofollow" target="_blank">@alice/bob</a></p>
         EOS
         expect(result[:mentioned_groups]).to eq [{
           group_url_name: "bob",
@@ -517,13 +517,13 @@ describe Qiita::Markdown::Processor do
 
     context "with raw URL" do
       let(:markdown) do
-        "http://qiita.com/search?q=日本語"
+        "http://example.com/search?q=日本語"
       end
 
       it "creates link for that with .autolink class" do
         should eq(
-          '<p><a href="http://qiita.com/search?q=%E6%97%A5%E6%9C%AC%E8%AA%9E" class="autolink">' \
-          "http://qiita.com/search?q=日本語</a></p>\n"
+          '<p><a href="http://example.com/search?q=%E6%97%A5%E6%9C%AC%E8%AA%9E" class="autolink">' \
+          "http://example.com/search?q=日本語</a></p>\n"
         )
       end
     end
@@ -745,7 +745,7 @@ describe Qiita::Markdown::Processor do
 
       it "generates footnotes elements" do
         should eq <<-EOS.strip_heredoc
-          <p><sup id="fnref1"><a href="#fn1" title="test">1</a></sup></p>
+          <p><sup id="fnref1"><a href="#fn1" rel="footnote" title="test">1</a></sup></p>
 
           <div class="footnotes">
           <hr>
@@ -764,13 +764,13 @@ describe Qiita::Markdown::Processor do
     context "with manually written link inside of <sup> tag" do
       let(:markdown) do
         <<-EOS.strip_heredoc
-          <sup>[Qiita](http://qiita.com/)</sup>
+          <sup>[Example](http://example.com/)</sup>
         EOS
       end
 
       it "does not confuse the structure with automatically generated footnote reference" do
         should eq <<-EOS.strip_heredoc
-          <p><sup><a href="http://qiita.com/">Qiita</a></sup></p>
+          <p><sup><a href="http://example.com/">Example</a></sup></p>
         EOS
       end
     end
@@ -847,5 +847,137 @@ describe Qiita::Markdown::Processor do
         )
       end
     end
+
+    context "with internal URL" do
+      let(:markdown) do
+        "http://qiita.com/?a=b"
+      end
+
+      let(:context) do
+        { hostname: "qiita.com" }
+      end
+
+      it "creates link which does not have rel='nofollow' and target='_blank'" do
+        should eq(
+          '<p><a href="http://qiita.com/?a=b" class="autolink">' \
+          "http://qiita.com/?a=b</a></p>\n"
+        )
+      end
+    end
+
+    context "with external URL" do
+      let(:markdown) do
+        "http://external.com/?a=b"
+      end
+
+      let(:context) do
+        { hostname: "qiita.com" }
+      end
+
+      it "creates link which has rel='nofollow' and target='_blank'" do
+        should eq(
+          '<p><a href="http://external.com/?a=b" class="autolink" rel="nofollow" target="_blank">' \
+          "http://external.com/?a=b</a></p>\n"
+        )
+      end
+    end
+
+    context "with internal anchor tag" do
+      let(:markdown) do
+        '<a href="http://qiita.com/?a=b">foobar</a>'
+      end
+
+      let(:context) do
+        { hostname: "qiita.com" }
+      end
+
+      it "creates link which does not have rel='nofollow' and target='_blank'" do
+        should eq(
+          "<p><a href=\"http://qiita.com/?a=b\">foobar</a></p>\n"
+        )
+      end
+    end
+
+    context "with external anchor tag" do
+      let(:markdown) do
+        '<a href="http://external.com/?a=b">foobar</a>'
+      end
+
+      let(:context) do
+        { hostname: "qiita.com" }
+      end
+
+      it "creates link which has rel='nofollow' and target='_blank'" do
+        should eq(
+          "<p><a href=\"http://external.com/?a=b\" rel=\"nofollow\" target=\"_blank\">foobar</a></p>\n"
+        )
+      end
+    end
+
+    context "with external URL which ends with the hostname parameter" do
+      let(:markdown) do
+        "http://qqqqqqiita.com/?a=b"
+      end
+
+      let(:context) do
+        { hostname: "qiita.com" }
+      end
+
+      it "creates link which has rel='nofollow' and target='_blank'" do
+        should eq(
+          '<p><a href="http://qqqqqqiita.com/?a=b" class="autolink" rel="nofollow" target="_blank">' \
+          "http://qqqqqqiita.com/?a=b</a></p>\n"
+        )
+      end
+    end
+
+    context "with external anchor tag which ends with the hostname parameter" do
+      let(:markdown) do
+        '<a href="http://qqqqqqiita.com/?a=b">foobar</a>'
+      end
+
+      let(:context) do
+        { hostname: "qiita.com" }
+      end
+
+      it "creates link which has rel='nofollow' and target='_blank'" do
+        should eq(
+          "<p><a href=\"http://qqqqqqiita.com/?a=b\" rel=\"nofollow\" target=\"_blank\">foobar</a></p>\n"
+        )
+      end
+    end
+
+    context "with sub-domain URL of hostname parameter" do
+      let(:markdown) do
+        "http://sub.qiita.com/?a=b"
+      end
+
+      let(:context) do
+        { hostname: "qiita.com" }
+      end
+
+      it "creates link which has rel='nofollow' and target='_blank'" do
+        should eq(
+          '<p><a href="http://sub.qiita.com/?a=b" class="autolink" rel="nofollow" target="_blank">' \
+          "http://sub.qiita.com/?a=b</a></p>\n"
+        )
+      end
+    end
+
+    context "with external anchor tag which has rel attribute" do
+      let(:markdown) do
+        '<a href="http://external.com/?a=b" rel="url">foobar</a>'
+      end
+
+      let(:context) do
+        { hostname: "qiita.com" }
+      end
+
+      it "creates link which has rel='nofollow' and target='_blank', and rel value is overwritten" do
+        should eq(
+          "<p><a href=\"http://external.com/?a=b\" rel=\"nofollow\" target=\"_blank\">foobar</a></p>\n"
+        )
+      end
+    end
   end
 end

data/spec/qiita/markdown/summary_processor_spec.rb

@@ -7,7 +7,7 @@ describe Qiita::Markdown::SummaryProcessor do
     end
 
     let(:context) do
-      {}
+      { hostname: "example.com" }
     end
 
     let(:markdown) do
@@ -185,17 +185,17 @@ describe Qiita::Markdown::SummaryProcessor do
 
     context "with a long document consisting of nested elements" do
       before do
-        context[:truncate] = { length: 10 }
+        context[:truncate] = { length: 12 }
       end
 
       let(:markdown) do
         <<-EOS.strip_heredoc
-          _[Qiita](http://qiita.com/) is **a technical knowledge sharing and collaboration platform for programmers**._
+          _[Example](http://example.com/) is **a technical knowledge sharing and collaboration platform for programmers**._
         EOS
       end
 
       it "truncates it while honoring the document structure" do
-        should eq '<em><a href="http://qiita.com/">Qiita</a> is <strong>…</strong></em>'
+        should eq '<em><a href="http://example.com/">Example</a> is <strong>…</strong></em>'
       end
     end
 
@@ -206,13 +206,13 @@ describe Qiita::Markdown::SummaryProcessor do
 
       let(:markdown) do
         <<-EOS.strip_heredoc
-          **12**   4 [ 6](http://qiita.com/)_7
+          **12**   4 [ 6](http://example.com/)_7
           9_ 123
         EOS
       end
 
       it "truncates it while counting the consecutive whilespaces as one" do
-        should eq "<strong>12</strong>   4 <a href=\"http://qiita.com/\"> 6</a><em>7\n9</em>…"
+        should eq "<strong>12</strong>   4 <a href=\"http://example.com/\"> 6</a><em>7\n9</em>…"
       end
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: qiita-markdown
 version: !ruby/object:Gem::Version
-  version: 0.14.0
+  version: 0.15.0
 platform: ruby
 authors:
 - Ryo Nakamura
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-08-22 00:00:00.000000000 Z
+date: 2016-08-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gemoji
@@ -114,6 +114,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: addressable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -250,6 +264,7 @@ files:
 - lib/qiita/markdown/filters/checkbox.rb
 - lib/qiita/markdown/filters/code.rb
 - lib/qiita/markdown/filters/emoji.rb
+- lib/qiita/markdown/filters/external_link.rb
 - lib/qiita/markdown/filters/footnote.rb
 - lib/qiita/markdown/filters/greenmat.rb
 - lib/qiita/markdown/filters/group_mention.rb
@@ -301,4 +316,3 @@ test_files:
 - spec/qiita/markdown/processor_spec.rb
 - spec/qiita/markdown/summary_processor_spec.rb
 - spec/spec_helper.rb
-has_rdoc: