qti 2.12.1 → 2.13.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0f9b01aa2a3dd926eecc38def85058a183d1cdc137e7b2fdb7e57e53d039ec8d
4
- data.tar.gz: 947616c8831529af2441ff21f24202be5a09a0edf14ed285576840c595019e25
3
+ metadata.gz: 012e43c78ded5cf4f1ec586f8bbd321cadb532facc73e3b06bf9ecd884ab724f
4
+ data.tar.gz: d95a01adb90683fa13c2bd769581edc53771c8a8157c692954090d38936fc318
5
5
  SHA512:
6
- metadata.gz: 56801239a3801104cf1f79bd485fbeb45485b694360d4f2e98cc1edeaa3945b3c5aa85ccc9cdf282d5ee8657dc55b70731087cce0b65749fc9b12cf2c583819d
7
- data.tar.gz: 9aee853c6af495ae4349aec0f429b17ec8d61cf46c952d5b96f92f63d0b6e5334332bd56249106c7df616fac44d7e4d0be9a28da4abff65528c22fa82029ede4
6
+ metadata.gz: bfd79edf504cedad28c37fb5c34ce67b54e2421ba8db324e25d905d23881c66d44f64f700d6803c8853f70b68864f249eb9725d47b3f3b232c66d3a9b2217f39
7
+ data.tar.gz: 197b13f906c3604df179ab2276d69fcd8e0183f8988046bcd73df35653c312c02f0e37127874d6d371d7320e7e9d0b2bea5a6bbc324d419d1c3067907fa8e1d9
data/lib/qti/sanitizer.rb CHANGED
@@ -10,11 +10,15 @@ module Qti
10
10
 
11
11
  PROTOCOLS = ['http', 'https', :relative].freeze
12
12
  FILTER_TAGS = %w[iframe object embed video audio source].freeze
13
+ ALL_DATA_ATTR = [:data].freeze
13
14
  MEDIA_SRC_ATTR = %w[src data type codebase].freeze
14
15
  MEDIA_FMT_ATTR = %w[width height classid].freeze
15
16
  MEDIA_ALT_ATTR = %w[title alt allow allowfullscreen].freeze
16
- MEDIA_EXT_ATTR = %w[data-media-type data-media-id].freeze
17
- MEDIA_ATTR = [MEDIA_SRC_ATTR, MEDIA_FMT_ATTR, MEDIA_ALT_ATTR, MEDIA_EXT_ATTR].flatten.freeze
17
+ MEDIA_ATTR = [MEDIA_SRC_ATTR, MEDIA_FMT_ATTR, MEDIA_ALT_ATTR, ALL_DATA_ATTR].flatten.freeze
18
+
19
+ def self.relaxed_config(element, overrides)
20
+ Sanitize::Config::RELAXED[:attributes][element] + overrides
21
+ end
18
22
 
19
23
  CONFIG =
20
24
  {
@@ -38,7 +42,9 @@ module Qti
38
42
  allowscriptaccess width height],
39
43
  'iframe' => %w[src width height name align frameborder scrolling sandbox
40
44
  allowfullscreen webkitallowfullscreen mozallowfullscreen
41
- allow] # TODO: remove explicit allow with domain whitelist account setting
45
+ allow] + ALL_DATA_ATTR, # TODO: remove explicit allow with domain whitelist account setting
46
+ 'a' => relaxed_config('a', ['target'] + ALL_DATA_ATTR),
47
+ 'img' => relaxed_config('img', ALL_DATA_ATTR)
42
48
  }
43
49
  }.freeze
44
50
 
data/lib/qti/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Qti
2
- VERSION = '2.12.1'.freeze
2
+ VERSION = '2.13.1'.freeze
3
3
  end
@@ -31,13 +31,6 @@ describe Qti::Sanitizer do
31
31
  expect(sanitizer.clean(html)).to include 'classid'
32
32
  end
33
33
 
34
- it 'allows needed media extension attributes' do
35
- html = '<object data-media-type="thing" data-media-id=123456789>'
36
-
37
- expect(sanitizer.clean(html)).to include 'data-media-type'
38
- expect(sanitizer.clean(html)).to include 'data-media-id'
39
- end
40
-
41
34
  it 'allows needed media alt attributes' do
42
35
  html = '<source title="Title" alt="description" allow="fullscreen" allowfullscreen=1>'
43
36
 
@@ -46,5 +39,20 @@ describe Qti::Sanitizer do
46
39
  expect(sanitizer.clean(html)).to include 'allow'
47
40
  expect(sanitizer.clean(html)).to include 'allowfullscreen'
48
41
  end
42
+
43
+ it 'allows data attributes on <img>, <object>, <video>, <audio>, <iframe>, <source>, <a>' do
44
+ %w[<img> <object> <video> <audio> <iframe> <source> <a>].each do |tag|
45
+ tag.insert(-2, ' data-test="thing" data-media-id=123456789')
46
+
47
+ expect(sanitizer.clean(tag)).to include 'data-test'
48
+ expect(sanitizer.clean(tag)).to include 'data-media-id'
49
+ end
50
+ end
51
+
52
+ it 'allows target attribute on <a>' do
53
+ html = '<a href="http://a.url" target="_blank">'
54
+
55
+ expect(sanitizer.clean(html)).to include 'target="_blank"'
56
+ end
49
57
  end
50
58
  end
@@ -36,11 +36,11 @@ describe Qti::V1::Models::AssessmentItem do
36
36
  expect(loaded_class.item_body).to include '\(sample equation\)'
37
37
  end
38
38
 
39
- it 'does not transform math content when conversion is Disabled' do
39
+ it 'does not replace <img> math content with pure latex when conversion is Disabled' do
40
40
  Qti.configure do |config|
41
41
  config.extract_latex_from_image_tags = false
42
42
  end
43
- expect(loaded_class.item_body).not_to include '"sample equation"'
43
+ expect(loaded_class.item_body).to include '<img data-equation-content="sample equation"'
44
44
  end
45
45
 
46
46
  describe '#points_possible' do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: qti
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.12.1
4
+ version: 2.13.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adrian Diaz
@@ -12,7 +12,7 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2023-01-31 00:00:00.000000000 Z
15
+ date: 2023-04-24 00:00:00.000000000 Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: actionview