sanitize 1.0.1 → 1.0.2

Files changed (4)
  1. data/HISTORY +4 -0
  2. data/README.rdoc +2 -1
  3. data/lib/sanitize.rb +4 -3
  4. metadata +2 -2
data/HISTORY CHANGED
@@ -1,6 +1,10 @@
1
1
  Sanitize History
2
2
  ================================================================================
3
3
 
4
+ Version 1.0.2 (2009-01-04)
5
+ * Fixed a bug that caused an exception to be thrown when parsing a valueless
6
+ attribute that's expected to contain a URL.
7
+
4
8
  Version 1.0.1 (2009-01-01)
5
9
  * You can now specify :relative in a protocol config array to allow attributes
6
10
  containing relative URLs with no protocol. The Basic and Relaxed configs
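Review bot: The 1.0.2 entry at new lines 4-6 mentions only the valueless URL attribute fix, but this release also coerces element names and attribute keys with to_s in lib/sanitize.rb and lists HTMLEntities 4.0.0+ as a requirement in the README. Add a line for each so that someone upgrading from 1.0.1 can see every behaviour and dependency change from the changelog alone.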
data/README.rdoc CHANGED
@@ -15,7 +15,7 @@ or maliciously-formed HTML. When in doubt, Sanitize always errs on the side of
15
15
  caution.
16
16
 
17
17
  *Author*:: Ryan Grove (mailto:ryan@wonko.com)
18
- *Version*:: 1.0.1 (2009-01-01)
18
+ *Version*:: 1.0.2 (2009-01-04)
19
19
  *Copyright*:: Copyright (c) 2009 Ryan Grove. All rights reserved.
20
20
  *License*:: MIT License (http://opensource.org/licenses/mit-license.php)
21
21
  *Website*:: http://github.com/rgrove/sanitize
@@ -24,6 +24,7 @@ caution.
24
24
 
25
25
  * RubyGems
26
26
  * Hpricot 0.6+
27
+ * HTMLEntities 4.0.0+
27
28
 
28
29
  == Usage
29
30
 
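Review bot: The new requirement HTMLEntities 4.0.0+ at new line 27 is a documentation-only change as far as this diff shows, since the metadata hunks touch only the version and the date. Confirm that the gemspec dependency list already declares HTMLEntities with the same minimum version; otherwise the README and the installed dependencies will disagree.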
data/lib/sanitize.rb CHANGED
@@ -85,7 +85,7 @@ class Sanitize
85
85
  if node.comment?
86
86
  node.swap('') unless @config[:allow_comments]
87
87
  elsif node.elem?
88
- name = node.name.downcase
88
+ name = node.name.to_s.downcase
89
89
 
90
90
  # Delete any element that isn't in the whitelist.
91
91
  unless @config[:elements].include?(name)
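Review bot: At new line 88, node.name.to_s.downcase turns a nil name into the empty string, and the element is then removed only because "" is not in @config[:elements]. That is the safe outcome, but it is implicit. A short comment, or an explicit early delete for a blank name, would state the fail-closed intent and keep it from depending on the whitelist contents.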
@@ -96,7 +96,7 @@ class Sanitize
96
96
  if @config[:attributes].has_key?(name)
97
97
  # Delete any attribute that isn't in the whitelist for this element.
98
98
  node.raw_attributes.delete_if do |key, value|
99
- !@config[:attributes][name].include?(key.downcase)
99
+ !@config[:attributes][name].include?(key.to_s.downcase)
100
100
  end
101
101
 
102
102
  # Delete remaining attributes that use unacceptable protocols.
@@ -105,8 +105,9 @@ class Sanitize
105
105
 
106
106
  node.raw_attributes.delete_if do |key, value|
107
107
  next false unless protocol.has_key?(key)
108
+ next true if value.nil?
108
109
 
109
- if value.downcase =~ /^([^:]+)(?:\:|&#0*58;|&#x0*3a;)/
110
+ if value.to_s.downcase =~ /^([^:]+)(?:\:|&#0*58;|&#x0*3a;)/
110
111
  !protocol[key].include?($1.downcase)
111
112
  else
112
113
  !protocol[key].include?(:relative)
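Review bot: The lookup protocol.has_key?(key) at new line 107 still uses the raw key, while the whitelist check in the previous hunk now compares key.to_s.downcase. If keys can be nil or differently cased, as that change implies, an attribute that passes the whitelist would not reach the protocol check here because of next false; normalize the key once and use the same value for the whitelist lookup, protocol.has_key? and protocol[key]. With next true if value.nil? in place, value.to_s on line 110 only matters for non-String values. No test file is among the four changed files, so a regression test for a valueless URL attribute is worth adding.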
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sanitize
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryan Grove
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-01-01 00:00:00 -08:00
12
+ date: 2009-01-04 00:00:00 -08:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency