rgrove-sanitize 1.0.6 → 1.0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/HISTORY +5 -0
- data/lib/sanitize.rb +1 -1
- metadata +2 -2
data/HISTORY
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Sanitize History
|
|
2
2
|
================================================================================
|
|
3
3
|
|
|
4
|
+
Version 1.0.7 (?)
|
|
5
|
+
* Fixed a bug that caused named character entities containing digits (like
|
|
6
|
+
²) to be escaped when they shouldn't have been. [Reported by Sebastian
|
|
7
|
+
Steinmetz]
|
|
8
|
+
|
|
4
9
|
Version 1.0.6 (2009-02-23)
|
|
5
10
|
* Removed htmlentities gem dependency.
|
|
6
11
|
* Existing well-formed character entity references in the input string are now
|
data/lib/sanitize.rb
CHANGED
|
@@ -46,7 +46,7 @@ class Sanitize
|
|
|
46
46
|
|
|
47
47
|
# Matches an unencoded ampersand that is not part of a valid character entity
|
|
48
48
|
# reference.
|
|
49
|
-
REGEX_AMPERSAND = /&(?!(?:[a-z]
|
|
49
|
+
REGEX_AMPERSAND = /&(?!(?:[a-z]+[0-9]{0,2}|#[0-9]+|#x[0-9a-f]+);)/i
|
|
50
50
|
|
|
51
51
|
# Matches an attribute value that could be treated by a browser as a URL
|
|
52
52
|
# with a protocol prefix, such as "http:" or "javascript:". Any string of zero
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rgrove-sanitize
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.6
|
|
4
|
+
version: 1.0.6.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryan Grove
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-
|
|
12
|
+
date: 2009-04-01 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|