ruby-saml 0.8.3 → 0.8.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of ruby-saml might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/changelog.md +3 -0
- data/lib/onelogin/ruby-saml/utils.rb +1 -1
- data/lib/onelogin/ruby-saml/version.rb +1 -1
- data/test/utils_test.rb +41 -0
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f485d8f86fc7bab5dccd17139c2b4c47f06d2ca7
|
|
4
|
+
data.tar.gz: b01df64b87b3eb6f6765960dc8bc4a5f7c4349dc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 88de3d60dadfb99be4e9158aaedae71165144150b8f88104c2cc130567ca61f859eebf0ca39ca44f4da56dbd1f36f2bfb8cbb66e2337a4da8cb3359703432cef
|
|
7
|
+
data.tar.gz: 2c4fce97b7b9ff0c4763199dd6b0a3f926fcc349617e5d2b5b717f5a131856fa2736ba85992ecf9a256801875ff6e919961363a1031652c52a1d80b2b742d66e
|
data/changelog.md
CHANGED
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
# RubySaml Changelog
|
|
2
2
|
|
|
3
|
+
### 0.8.4 (March 5, 2018)
|
|
4
|
+
* Improve the fix for CVE-2017-11428 to parse CDATA properly
|
|
5
|
+
|
|
3
6
|
### 0.8.3 (Feb 27, 2018)
|
|
4
7
|
* Fix vulnerability CVE-2017-11428. Process text of nodes properly, ignoring comments
|
|
5
8
|
* Fix DigestMethod lookup bug #144
|
|
@@ -8,7 +8,7 @@ module OneLogin
|
|
|
8
8
|
# that there all children other than text nodes can be ignored (e.g. comments). If nil is
|
|
9
9
|
# passed, nil will be returned.
|
|
10
10
|
def self.element_text(element)
|
|
11
|
-
element.texts.join if element
|
|
11
|
+
element.texts.map(&:value).join if element
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
end
|
data/test/utils_test.rb
ADDED
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
require File.expand_path(File.join(File.dirname(__FILE__), "test_helper"))
|
|
2
|
+
|
|
3
|
+
class UtilsTest < Test::Unit::TestCase
|
|
4
|
+
context "Utils" do
|
|
5
|
+
context 'element_text' do
|
|
6
|
+
should 'returns the element text' do
|
|
7
|
+
element = REXML::Document.new('<element>element text</element>').elements.first
|
|
8
|
+
assert_equal 'element text', OneLogin::RubySaml::Utils.element_text(element)
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
should 'returns all segments of the element text' do
|
|
12
|
+
element = REXML::Document.new('<element>element <!-- comment -->text</element>').elements.first
|
|
13
|
+
assert_equal 'element text', OneLogin::RubySaml::Utils.element_text(element)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
should 'returns normalized element text' do
|
|
17
|
+
element = REXML::Document.new('<element>element & text</element>').elements.first
|
|
18
|
+
assert_equal 'element & text', OneLogin::RubySaml::Utils.element_text(element)
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
should 'returns the CDATA element text' do
|
|
22
|
+
element = REXML::Document.new('<element><![CDATA[element & text]]></element>').elements.first
|
|
23
|
+
assert_equal 'element & text', OneLogin::RubySaml::Utils.element_text(element)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
should 'returns the element text with newlines and additional whitespace' do
|
|
27
|
+
element = REXML::Document.new("<element> element \n text </element>").elements.first
|
|
28
|
+
assert_equal " element \n text ", OneLogin::RubySaml::Utils.element_text(element)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
should 'returns nil when element is nil' do
|
|
32
|
+
assert_nil OneLogin::RubySaml::Utils.element_text(nil)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
should 'returns empty string when element has no text' do
|
|
36
|
+
element = REXML::Document.new('<element></element>').elements.first
|
|
37
|
+
assert_equal '', OneLogin::RubySaml::Utils.element_text(element)
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby-saml
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- OneLogin LLC
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-03-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: uuid
|
|
@@ -99,6 +99,7 @@ files:
|
|
|
99
99
|
- test/responses/wrapped_response_2.xml.base64
|
|
100
100
|
- test/settings_test.rb
|
|
101
101
|
- test/test_helper.rb
|
|
102
|
+
- test/utils_test.rb
|
|
102
103
|
- test/xml_security_test.rb
|
|
103
104
|
homepage: http://github.com/onelogin/ruby-saml
|
|
104
105
|
licenses: []
|
|
@@ -153,4 +154,5 @@ test_files:
|
|
|
153
154
|
- test/responses/wrapped_response_2.xml.base64
|
|
154
155
|
- test/settings_test.rb
|
|
155
156
|
- test/test_helper.rb
|
|
157
|
+
- test/utils_test.rb
|
|
156
158
|
- test/xml_security_test.rb
|