safe_redirect 0.1.7 → 0.1.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/safe_redirect/safe_redirect.rb +1 -1
- data/lib/safe_redirect/version.rb +1 -1
- metadata +2 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9bea54db6f46e150f339c0a34d2778c5a0ccb9ec
|
4
|
+
data.tar.gz: 1df29a162b56ac46989c29d1f06285cbd25da584
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5eceec28da87fa63b50e530c9529f56bd4fbdbeaea2f5c11329c4ca8b7dc60e9c4f87bedddf08250f86fff956933367332392131caf4be1b680883a39918453d
|
7
|
+
data.tar.gz: 574dcad181101890960caea28171a47f4d3e621c0afa561d804795afd18d4d3a832a05e9dc30d894069a39d9b19fba5b6de40dbd7a3cfcf4452e9c0c92f58c80
|
@@ -29,7 +29,7 @@ module SafeRedirect
|
|
29
29
|
stripped_path = path.strip
|
30
30
|
unless safe_domain?(stripped_path)
|
31
31
|
stripped_path.gsub!(/https?:\/\/[a-z0-9\-\.:@]*/i, '')
|
32
|
-
stripped_path.gsub!(/^((https?:|data:|javascript
|
32
|
+
stripped_path.gsub!(/^((https?:|data:|javascript:|\.|\/\/|@|%25%40)+[a-z0-9\-\.:@%]*)+/i, '')
|
33
33
|
end
|
34
34
|
stripped_path.empty? ? '/' : stripped_path
|
35
35
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: safe_redirect
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Edwin Tunggawan
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-06-
|
11
|
+
date: 2016-06-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|
@@ -71,4 +71,3 @@ test_files:
|
|
71
71
|
- spec/lib/safe_redirect/configuration_spec.rb
|
72
72
|
- spec/lib/safe_redirect/safe_redirect_spec.rb
|
73
73
|
- spec/spec_helper.rb
|
74
|
-
has_rdoc:
|