safe_redirect 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/safe_redirect/safe_redirect.rb +2 -2
  3. data/lib/safe_redirect/version.rb +1 -1
  4. data/spec/lib/safe_redirect/safe_redirect_spec.rb +7 -2
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: def94975a8c7c916dbf8d0a1f515d6c326648e11
4
- data.tar.gz: d3dba9b3db5f6976130deb2c84fcdb985382bc0f
3
+ metadata.gz: 43ed422140bec3e839934d1ee42c78a5880d3330
4
+ data.tar.gz: 281fee30b7c0561af01dab24e6648acace4cac40
5
5
  SHA512:
6
- metadata.gz: af3862f529a3febcabe1e5e39452dc082c9ee4c82b34c25d08109fdfa3d7ea4e8f994169357a1edd666e1d0ac2aec3eec1264d72fcb08bff8d923992ac9f0d2f
7
- data.tar.gz: af9e318bcfe8b2ee50678546b209fa68295f937a4359bd0acece8297a6ae674811e4b6b386ad19a977f8dff6c3270659e56c48ee3c2c43fd523aa57f79b5d63c
6
+ metadata.gz: 359447032c5989940323a03c422b21d72eac5d4ca48b49c2d70ac22f90a5b2c5463417c12c21f1890dd0895f3178cfb3e6ffe04b5a3d4bb42ea931df05e13673
7
+ data.tar.gz: 0c4d28bd7613577ae102cf20e77852bf6888471416b4ef635bb05084a17d81ddfd15f7dc0b9093f5fe57c813c981bc60e62def8947fd25927ea1363fd9a83430
data/lib/safe_redirect/safe_redirect.rb CHANGED
@@ -28,8 +28,8 @@ module SafeRedirect
28
28
  stripped_path = path.strip
29
29
  unless safe_domain?(stripped_path)
30
30
  stripped_path.gsub!(/https?:\/\/[a-z0-9\-\.:@]*/i, '')
31
- stripped_path.gsub!(/^(data:|javascript:|\.|\/\/|@)+/i, '')
31
+ stripped_path.gsub!(/^(data:|javascript:|\.|\/\/|@)+[a-z0-9\-\.:@]*/i, '')
32
32
  end
33
- stripped_path
33
+ stripped_path.empty? ? '/' : stripped_path
34
34
  end
35
35
  end
data/lib/safe_redirect/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SafeRedirect
2
- VERSION = '0.1.3'
2
+ VERSION = '0.1.4'
3
3
  end
data/spec/lib/safe_redirect/safe_redirect_spec.rb CHANGED
@@ -39,7 +39,7 @@ module SafeRedirect
39
39
  end
40
40
 
41
41
  it "considers // an unsafe path" do
42
- expect(Controller.safe_path('//')).to eq('')
42
+ expect(Controller.safe_path('//')).to eq('/')
43
43
  end
44
44
 
45
45
  it "considers http://www.twitter.com a safe path" do
@@ -51,7 +51,12 @@ module SafeRedirect
51
51
  end
52
52
 
53
53
  it "considers https://www.bukalapak.com@google.com an unsafe path" do
54
- expect(Controller.safe_path('https://www.bukalapak.com@google.com')).to eq('')
54
+ expect(Controller.safe_path('https://www.bukalapak.com@google.com')).to eq('/')
55
+ end
56
+
57
+ it "considers .@@@google.com an unsafe path" do
58
+ expect(Controller.safe_path('.@@@google.com')).to eq('/')
59
+ expect(Controller.safe_path('.@@@google.com/search')).to eq('/search')
55
60
  end
56
61
 
57
62
  it "can use redirect_to method with only the target path" do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: safe_redirect
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Edwin Tunggawan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-05-04 00:00:00.000000000 Z
11
+ date: 2016-05-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec