qiita-markdown 0.19.1 → 0.20.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of qiita-markdown might be problematic. Click here for more details.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: da128a043af30b7150fe3a7cfd4e498206287f4f
|
|
4
|
+
data.tar.gz: f1c24db2c52521cb1929480e94ac6c1e710fb325
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 26463d11cd37164156db324205e26e827bee86f060900641659d6ba106394552334408f82f896c2631ee6cc0ccb2b784d736ac57cfe0edf7a662155c2d73e7ef
|
|
7
|
+
data.tar.gz: feb783906656c3c7173ad19f3b92033d3e7fcdfe38d1d5842f22436cca6af693218ee372d7b2adb02a9a584759af513b62326f894d55ddc92f5325cc7ffd8725
|
data/CHANGELOG.md
CHANGED
|
@@ -10,6 +10,9 @@ module Qiita
|
|
|
10
10
|
"rel" => %w[footnote url],
|
|
11
11
|
"rev" => %w[footnote],
|
|
12
12
|
},
|
|
13
|
+
"blockquote" => {
|
|
14
|
+
"class" => %w[twitter-tweet],
|
|
15
|
+
},
|
|
13
16
|
"div" => {
|
|
14
17
|
"class" => %w[footnotes],
|
|
15
18
|
},
|
|
@@ -63,7 +66,7 @@ module Qiita
|
|
|
63
66
|
],
|
|
64
67
|
attributes: {
|
|
65
68
|
"a" => %w[class href rel title],
|
|
66
|
-
"blockquote" => %w[cite],
|
|
69
|
+
"blockquote" => %w[cite class],
|
|
67
70
|
"code" => %w[data-metadata],
|
|
68
71
|
"div" => %w[class],
|
|
69
72
|
"font" => %w[color],
|
|
@@ -1125,6 +1125,28 @@ describe Qiita::Markdown::Processor do
|
|
|
1125
1125
|
end
|
|
1126
1126
|
end
|
|
1127
1127
|
|
|
1128
|
+
context "with class attribute for <blockquote> tag" do
|
|
1129
|
+
let(:markdown) do
|
|
1130
|
+
<<-EOS.strip_heredoc
|
|
1131
|
+
<blockquote class="twitter-tweet malicious-class">foo</blockquote>
|
|
1132
|
+
EOS
|
|
1133
|
+
end
|
|
1134
|
+
|
|
1135
|
+
if allowed
|
|
1136
|
+
it "does not sanitize the classes" do
|
|
1137
|
+
should eq <<-EOS.strip_heredoc
|
|
1138
|
+
<blockquote class="twitter-tweet malicious-class">foo</blockquote>
|
|
1139
|
+
EOS
|
|
1140
|
+
end
|
|
1141
|
+
else
|
|
1142
|
+
it "sanitizes classes except `twitter-tweet`" do
|
|
1143
|
+
should eq <<-EOS.strip_heredoc
|
|
1144
|
+
<blockquote class="twitter-tweet">foo</blockquote>
|
|
1145
|
+
EOS
|
|
1146
|
+
end
|
|
1147
|
+
end
|
|
1148
|
+
end
|
|
1149
|
+
|
|
1128
1150
|
context "with class attribute for <div> tag" do
|
|
1129
1151
|
let(:markdown) do
|
|
1130
1152
|
<<-EOS.strip_heredoc
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: qiita-markdown
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.20.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryo Nakamura
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-06-
|
|
11
|
+
date: 2017-06-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gemoji
|