qiita-markdown 0.32.0 → 0.33.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of qiita-markdown might be problematic. Click here for more details.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 17dc016afba392cc6e3ea77af4cdc445e32c6004a6c23a24b8dce1a4e0ec1811
|
4
|
+
data.tar.gz: 042e3a11a8cc6d266463ae7bb8d3e46c8c732efeb061086586c80a277898cf38
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0c59646956b877c13e7c6ef62bd366483b5a7da78f19bfe8aee2305ea568c6f59dfb2d916e68a822e3363ddabbf7577166e8e21a8da79152550b11c77a3dc8d6
|
7
|
+
data.tar.gz: b907d5a284c9c77e9f264298d38d6ec4a0861179dda36320f6fd40187b606662b1e07e61d9f3e5bd2070f203e3de5d60b53cdb05593ca64ceb875c6bbd811f31
|
data/CHANGELOG.md
CHANGED
@@ -42,10 +42,10 @@ module Qiita
|
|
42
42
|
|
43
43
|
def host_of(url)
|
44
44
|
if url
|
45
|
-
|
46
|
-
Addressable::URI.parse(url).host if [
|
45
|
+
scheme = URI.parse(url).scheme
|
46
|
+
Addressable::URI.parse(url).host if ["http", "https"].include? scheme
|
47
47
|
end
|
48
|
-
rescue Addressable::URI::InvalidURIError
|
48
|
+
rescue Addressable::URI::InvalidURIError, URI::InvalidURIError
|
49
49
|
nil
|
50
50
|
end
|
51
51
|
end
|
@@ -44,10 +44,10 @@ module Qiita
|
|
44
44
|
|
45
45
|
def host_of(url)
|
46
46
|
if url
|
47
|
-
|
48
|
-
Addressable::URI.parse(url).host if [
|
47
|
+
scheme = URI.parse(url).scheme
|
48
|
+
Addressable::URI.parse(url).host if ["http", "https"].include? scheme
|
49
49
|
end
|
50
|
-
rescue Addressable::URI::InvalidURIError
|
50
|
+
rescue Addressable::URI::InvalidURIError, URI::InvalidURIError
|
51
51
|
nil
|
52
52
|
end
|
53
53
|
end
|
@@ -1616,7 +1616,7 @@ describe Qiita::Markdown::Processor do
|
|
1616
1616
|
context "with embed iframe code with xss" do
|
1617
1617
|
let(:markdown) do
|
1618
1618
|
<<-MARKDOWN.strip_heredoc
|
1619
|
-
<iframe src="javascript://docs.google.com
|
1619
|
+
<iframe src="javascript://docs.google.com:80/%0d%0aalert(document.domain)" frameborder="0" width="482" height="300" allowfullscreen="true" mozallowfullscreen="true" webkitallowfullscreen="true"></iframe>
|
1620
1620
|
MARKDOWN
|
1621
1621
|
|
1622
1622
|
it "forces width attribute on iframe" do
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: qiita-markdown
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.33.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ryo Nakamura
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-03-
|
11
|
+
date: 2021-03-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gemoji
|