rails-deprecated_sanitizer-no-registration 1.0.4
- checksums.yaml +7 -0
- data/CHANGELOG.md +19 -0
- data/LICENSE +22 -0
- data/README.md +17 -0
- data/lib/rails-deprecated_sanitizer.rb +1 -0
- data/lib/rails/deprecated_sanitizer.rb +25 -0
- data/lib/rails/deprecated_sanitizer/html-scanner.rb +21 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/document.rb +68 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/node.rb +532 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/sanitizer.rb +188 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/selector.rb +830 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/tokenizer.rb +107 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/version.rb +11 -0
- data/lib/rails/deprecated_sanitizer/version.rb +5 -0
- data/test/cdata_node_test.rb +16 -0
- data/test/document_test.rb +149 -0
- data/test/node_test.rb +90 -0
- data/test/tag_node_test.rb +244 -0
- data/test/test_helper.rb +13 -0
- data/test/text_node_test.rb +51 -0
- data/test/tokenizer_test.rb +132 -0
- metadata +112 -0
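--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -0,0 +1,13 @@
+require 'bundler/setup'
+require 'minitest/autorun'
+require 'active_support'
+require 'active_support/test_case'
+require 'active_support/testing/autorun'
+
+require 'action_view/helpers/sanitize_helper'
+
+require 'rails/deprecated_sanitizer'
+
+# Show backtraces for deprecated behavior for quicker cleanup.
+ActiveSupport::Deprecation.debug = true
+ActiveSupport::TestCase.test_order = :random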
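--- a/data/test/text_node_test.rb
+++ b/data/test/text_node_test.rb
@@ -0,0 +1,51 @@
+require 'test_helper'
+require 'rails/deprecated_sanitizer/html-scanner/html/node'
+
+class TextNodeTest < ActiveSupport::TestCase
+def setup
+@node = HTMLDeprecated::Text.new(nil, 0, 0, "hello, howdy, aloha, annyeong")
+end
+
+def test_to_s
+assert_equal "hello, howdy, aloha, annyeong", @node.to_s
+end
+
+def test_find_string
+assert_equal @node, @node.find("hello, howdy, aloha, annyeong")
+assert_equal false, @node.find("bogus")
+end
+
+def test_find_regexp
+assert_equal @node, @node.find(/an+y/)
+assert_nil @node.find(/b/)
+end
+
+def test_find_hash
+assert_equal @node, @node.find(:content => /howdy/)
+assert_nil @node.find(:content => /^howdy$/)
+assert_equal false, @node.find(:content => "howdy")
+end
+
+def test_find_other
+assert_nil @node.find(:hello)
+end
+
+def test_match_string
+assert @node.match("hello, howdy, aloha, annyeong")
+assert_equal false, @node.match("bogus")
+end
+
+def test_match_regexp
+assert_not_nil @node, @node.match(/an+y/)
+assert_nil @node.match(/b/)
+end
+
+def test_match_hash
+assert_not_nil @node, @node.match(:content => "howdy")
+assert_nil @node.match(:content => /^howdy$/)
+end
+
+def test_match_other
+assert_nil @node.match(:hello)
+end
+end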
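Review bot: The two `assert_not_nil @node, @node.match(...)` calls in test_match_regexp and test_match_hash never check the match result, because `assert_not_nil` takes the object under test first and the failure message second; both lines only assert that `@node` is non-nil and pass whatever `match` returns. The regexp case should read `assert_not_nil @node.match(/an+y/)`. For the hash case the expected value has to be decided rather than assumed: test_find_hash in this same file expects `false` for `:content => "howdy"`, so `match(:content => "howdy")` may return `false` as well, in which case `assert_equal false, @node.match(:content => "howdy")` is the accurate assertion. These tests cover the node matcher of a sanitizer's HTML scanner, so a vacuous assertion here can hide regressions in code that handles untrusted markup.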
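--- a/data/test/tokenizer_test.rb
+++ b/data/test/tokenizer_test.rb
@@ -0,0 +1,132 @@
+require 'test_helper'
+require 'rails/deprecated_sanitizer/html-scanner/html/tokenizer'
+
+class TokenizerTest < ActiveSupport::TestCase
+
+def test_blank
+tokenize ""
+assert_end
+end
+
+def test_space
+tokenize " "
+assert_next " "
+assert_end
+end
+
+def test_tag_simple_open
+tokenize "<tag>"
+assert_next "<tag>"
+assert_end
+end
+
+def test_tag_simple_self_closing
+tokenize "<tag />"
+assert_next "<tag />"
+assert_end
+end
+
+def test_tag_simple_closing
+tokenize "</tag>"
+assert_next "</tag>"
+end
+
+def test_tag_with_single_quoted_attribute
+tokenize %{<tag a='hello'>x}
+assert_next %{<tag a='hello'>}
+end
+
+def test_tag_with_single_quoted_attribute_with_escape
+tokenize %{<tag a='hello\\''>x}
+assert_next %{<tag a='hello\\''>}
+end
+
+def test_tag_with_double_quoted_attribute
+tokenize %{<tag a="hello">x}
+assert_next %{<tag a="hello">}
+end
+
+def test_tag_with_double_quoted_attribute_with_escape
+tokenize %{<tag a="hello\\"">x}
+assert_next %{<tag a="hello\\"">}
+end
+
+def test_tag_with_unquoted_attribute
+tokenize %{<tag a=hello>x}
+assert_next %{<tag a=hello>}
+end
+
+def test_tag_with_lt_char_in_attribute
+tokenize %{<tag a="x < y">x}
+assert_next %{<tag a="x < y">}
+end
+
+def test_tag_with_gt_char_in_attribute
+tokenize %{<tag a="x > y">x}
+assert_next %{<tag a="x > y">}
+end
+
+def test_doctype_tag
+tokenize %{<!DOCTYPE "blah" "blah" "blah">\n <html>}
+assert_next %{<!DOCTYPE "blah" "blah" "blah">}
+assert_next %{\n }
+assert_next %{<html>}
+end
+
+def test_cdata_tag
+tokenize %{<![CDATA[<br>]]>}
+assert_next %{<![CDATA[<br>]]>}
+assert_end
+end
+
+def test_unterminated_cdata_tag
+tokenize %{<content:encoded><![CDATA[ neverending...}
+assert_next %{<content:encoded>}
+assert_next %{<![CDATA[ neverending...}
+assert_end
+end
+
+def test_less_than_with_space
+tokenize %{original < hello > world}
+assert_next %{original }
+assert_next %{< hello > world}
+end
+
+def test_less_than_without_matching_greater_than
+tokenize %{hello <span onmouseover="gotcha"\n<b>foo</b>\nbar</span>}
+assert_next %{hello }
+assert_next %{<span onmouseover="gotcha"\n}
+assert_next %{<b>}
+assert_next %{foo}
+assert_next %{</b>}
+assert_next %{\nbar}
+assert_next %{</span>}
+assert_end
+end
+
+def test_unterminated_comment
+tokenize %{hello <!-- neverending...}
+assert_next %{hello }
+assert_next %{<!-- neverending...}
+assert_end
+end
+
+private
+
+def tokenize(text)
+@tokenizer = HTMLDeprecated::Tokenizer.new(text)
+end
+
+def assert_next(expected, message=nil)
+token = @tokenizer.next
+assert_equal expected, token, message
+end
+
+def assert_sequence(*expected)
+assert_next expected.shift until expected.empty?
+end
+
+def assert_end(message=nil)
+assert_nil @tokenizer.next, message
+end
+end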
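Review bot: Most of the tag tests stop after the first token, so what the tokenizer does with the rest of the input is never checked: test_tag_simple_closing has no `assert_end`, and the attribute tests (single-quoted, double-quoted, escaped, unquoted, `<` and `>` inside a value) tokenize `...>x` but never consume the trailing `x`. Quote and angle-bracket handling decides where a tag ends for the sanitizer built on this tokenizer, so each of those tests should finish with `assert_next %{x}` and `assert_end`; test_doctype_tag and test_less_than_with_space also lack a closing `assert_end`. The private helper `assert_sequence` is defined but unused in this file and could express these checks in one line, e.g. `assert_sequence %{<tag a='hello'>}, %{x}` followed by `assert_end`.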
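--- a/metadata
+++ b/metadata
@@ -0,0 +1,112 @@
+--- !ruby/object:Gem::Specification
+name: rails-deprecated_sanitizer-no-registration
+version: !ruby/object:Gem::Version
+version: 1.0.4
+platform: ruby
+authors:
+- Kasper Timm Hansen
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2019-11-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: activesupport
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 4.2.0.alpha
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 4.2.0.alpha
+- !ruby/object:Gem::Dependency
+name: bundler
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.0'
+- !ruby/object:Gem::Dependency
+name: rake
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+description:
+email:
+- kaspth@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- LICENSE
+- README.md
+- lib/rails-deprecated_sanitizer.rb
+- lib/rails/deprecated_sanitizer.rb
+- lib/rails/deprecated_sanitizer/html-scanner.rb
+- lib/rails/deprecated_sanitizer/html-scanner/html/document.rb
+- lib/rails/deprecated_sanitizer/html-scanner/html/node.rb
+- lib/rails/deprecated_sanitizer/html-scanner/html/sanitizer.rb
+- lib/rails/deprecated_sanitizer/html-scanner/html/selector.rb
+- lib/rails/deprecated_sanitizer/html-scanner/html/tokenizer.rb
+- lib/rails/deprecated_sanitizer/html-scanner/html/version.rb
+- lib/rails/deprecated_sanitizer/version.rb
+- test/cdata_node_test.rb
+- test/document_test.rb
+- test/node_test.rb
+- test/tag_node_test.rb
+- test/test_helper.rb
+- test/text_node_test.rb
+- test/tokenizer_test.rb
+homepage: https://github.com/rails/rails-deprecated_sanitizer
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubygems_version: 3.0.4
+signing_key:
+specification_version: 4
+summary: Deprecated sanitizer API extracted from Action View.
+test_files:
+- test/node_test.rb
+- test/text_node_test.rb
+- test/tag_node_test.rb
+- test/cdata_node_test.rb
+- test/tokenizer_test.rb
+- test/test_helper.rb
+- test/document_test.rb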