rack-sanitize 0.0.1 → 0.0.2
- data/VERSION +1 -1
- data/lib/rack/sanitize.rb +2 -0
- data/rack-sanitize.gemspec +3 -2
- data/spec/fixtures/gnu.png +0 -0
- data/spec/rack/sanitize_spec.rb +23 -1
- data/spec/spec_helper.rb +5 -0
- metadata +4 -3
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.0.
|
1
|
+
0.0.2
|
data/lib/rack/sanitize.rb
CHANGED
data/rack-sanitize.gemspec
CHANGED
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = %q{rack-sanitize}
|
8
|
-
s.version = "0.0.
|
8
|
+
s.version = "0.0.2"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["robotapocalypse"]
|
12
|
-
s.date = %q{2010-
|
12
|
+
s.date = %q{2010-09-01}
|
13
13
|
s.description = %q{Remove all malicious HTML from your request before it reaches your application}
|
14
14
|
s.email = %q{pherph@gmail.com}
|
15
15
|
s.extra_rdoc_files = [
|
@@ -27,6 +27,7 @@ Gem::Specification.new do |s|
|
|
27
27
|
"VERSION",
|
28
28
|
"lib/rack/sanitize.rb",
|
29
29
|
"rack-sanitize.gemspec",
|
30
|
+
"spec/fixtures/gnu.png",
|
30
31
|
"spec/rack/sanitize_spec.rb",
|
31
32
|
"spec/spec.opts",
|
32
33
|
"spec/spec_helper.rb"
|
Binary file
|
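--- a/data/spec/rack/sanitize_spec.rb
+++ b/data/spec/rack/sanitize_spec.rb
@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/../spec_helper'
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
 
 describe Rack::Sanitize do
 it "should sanitize GETs" do
@@ -70,4 +70,26 @@ describe Rack::Sanitize do
 it "should default to sanitizing both GETs and POSTs" do
 
 end
+
+describe "file uploads" do
+before do
+@fixtures_dir = File.join(File.dirname(__FILE__), '..', 'fixtures')
+@gnu_file = File.join(@fixtures_dir, 'gnu.png')
+@uploaded_file = File.join(@fixtures_dir, 'uploaded_file.png')
+end
+
+after do
+if File.exists?(@uploaded_file)
+FileUtils.rm(@uploaded_file)
+end
+end
+
+it "should not mess with file uploads" do
+file = Rack::Test::UploadedFile.new(@gnu_file, 'image/png')
+
+post '/fileupload', {"file" => file}
+File.exists?(@uploaded_file).should be_true
+FileUtils.compare_file(@gnu_file, @uploaded_file).should be_true
+end
+end
 end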
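Review bot: The "file uploads" example asserts only that the PNG is copied byte-for-byte; nothing checks that an ordinary form field sent in the same multipart POST is still sanitized. The lib/rack/sanitize.rb change (+2 -0) is not shown on this page, so whether the middleware skips only the upload hash or more of the request cannot be confirmed from here. A second example that posts a text field alongside the file and asserts the same stripped output the existing POST examples expect would pin that down; the test route would need to echo the field back for this. `File.exists?` in the `after` block and in the assertion is an alias that was removed in Ruby 3.2; `File.exist?(@uploaded_file)` is the supported spelling.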
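--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -15,6 +15,11 @@ class PotentialVictim < Sinatra::Base
 post '/post' do
 "POSTs: #{Rack::Utils.unescape(request.POST.to_query)}"
 end
+
+post '/fileupload' do
+tempfile = params["file"][:tempfile]
+FileUtils.copy_file(tempfile.path, File.join(File.dirname(__FILE__), 'fixtures', 'uploaded_file.png'))
+end
 end
 
 Spec::Runner.configure do |config|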
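Review bot: The `/fileupload` route indexes `params["file"][:tempfile]` without checking that a file part was sent, so a request without one fails with a NoMethodError on nil instead of a clear response; `halt 400 unless params["file"].is_a?(Hash)` before the lookup would make that explicit. The destination is a fixed name, which is the right choice, and it is worth a comment that it must never be derived from the client-supplied filename. It is written into spec/fixtures next to the packaged gnu.png, and the same path is spelled out again in sanitize_spec.rb; a shared constant under `Dir.tmpdir` would keep the two in step and keep test output out of the source tree. No `require 'fileutils'` is visible in this hunk, and the PotentialVictim class begins above it.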
metadata
CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
|
|
5
5
|
segments:
|
6
6
|
- 0
|
7
7
|
- 0
|
8
|
-
-
|
9
|
-
version: 0.0.
|
8
|
+
- 2
|
9
|
+
version: 0.0.2
|
10
10
|
platform: ruby
|
11
11
|
authors:
|
12
12
|
- robotapocalypse
|
@@ -14,7 +14,7 @@ autorequire:
|
|
14
14
|
bindir: bin
|
15
15
|
cert_chain: []
|
16
16
|
|
17
|
-
date: 2010-
|
17
|
+
date: 2010-09-01 00:00:00 -06:00
|
18
18
|
default_executable:
|
19
19
|
dependencies:
|
20
20
|
- !ruby/object:Gem::Dependency
|
@@ -112,6 +112,7 @@ files:
|
|
112
112
|
- VERSION
|
113
113
|
- lib/rack/sanitize.rb
|
114
114
|
- rack-sanitize.gemspec
|
115
|
+
- spec/fixtures/gnu.png
|
115
116
|
- spec/rack/sanitize_spec.rb
|
116
117
|
- spec/spec.opts
|
117
118
|
- spec/spec_helper.rb
|