rgrove-sanitize 1.0.6 → 1.0.6.1
Sign up to get free protection for your applications and to get access to all the features.
- data/HISTORY +5 -0
- data/lib/sanitize.rb +1 -1
- metadata +2 -2
data/HISTORY
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Sanitize History
|
|
2
2
|
================================================================================
|
|
3
3
|
|
|
4
|
+
Version 1.0.7 (?)
|
|
5
|
+
* Fixed a bug that caused named character entities containing digits (like
|
|
6
|
+
²) to be escaped when they shouldn't have been. [Reported by Sebastian
|
|
7
|
+
Steinmetz]
|
|
8
|
+
|
|
4
9
|
Version 1.0.6 (2009-02-23)
|
|
5
10
|
* Removed htmlentities gem dependency.
|
|
6
11
|
* Existing well-formed character entity references in the input string are now
|
data/lib/sanitize.rb
CHANGED
|
@@ -46,7 +46,7 @@ class Sanitize
|
|
|
46
46
|
|
|
47
47
|
# Matches an unencoded ampersand that is not part of a valid character entity
|
|
48
48
|
# reference.
|
|
49
|
-
REGEX_AMPERSAND = /&(?!(?:[a-z]
|
|
49
|
+
REGEX_AMPERSAND = /&(?!(?:[a-z]+[0-9]{0,2}|#[0-9]+|#x[0-9a-f]+);)/i
|
|
50
50
|
|
|
51
51
|
# Matches an attribute value that could be treated by a browser as a URL
|
|
52
52
|
# with a protocol prefix, such as "http:" or "javascript:". Any string of zero
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rgrove-sanitize
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.6
|
|
4
|
+
version: 1.0.6.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryan Grove
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-
|
|
12
|
+
date: 2009-04-01 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|