sanitize 1.0.6 → 1.0.7

Files changed (4)
  1. data/HISTORY +6 -0
  2. data/README.rdoc +1 -1
  3. data/lib/sanitize.rb +2 -2
  4. metadata +4 -4
data/HISTORY CHANGED
@@ -1,6 +1,12 @@
1
1
  Sanitize History
2
2
  ================================================================================
3
3
 
4
+ Version 1.0.7 (2009-04-11)
5
+ * Requires Hpricot 0.8.1+, which is finally compatible with Ruby 1.9.1.
6
+ * Fixed a bug that caused named character entities containing digits (like
7
+ ²) to be escaped when they shouldn't have been. [Reported by Sebastian
8
+ Steinmetz]
9
+
4
10
  Version 1.0.6 (2009-02-23)
5
11
  * Removed htmlentities gem dependency.
6
12
  * Existing well-formed character entity references in the input string are now
data/README.rdoc CHANGED
@@ -15,7 +15,7 @@ or maliciously-formed HTML. When in doubt, Sanitize always errs on the side of
15
15
  caution.
16
16
 
17
17
  *Author*:: Ryan Grove (mailto:ryan@wonko.com)
18
- *Version*:: 1.0.6 (2009-02-23)
18
+ *Version*:: 1.0.7 (2009-04-11)
19
19
  *Copyright*:: Copyright (c) 2009 Ryan Grove. All rights reserved.
20
20
  *License*:: MIT License (http://opensource.org/licenses/mit-license.php)
21
21
  *Website*:: http://github.com/rgrove/sanitize
data/lib/sanitize.rb CHANGED
@@ -26,7 +26,7 @@ $:.uniq!
26
26
 
27
27
  require 'rubygems'
28
28
 
29
- gem 'hpricot', '~> 0.6'
29
+ gem 'hpricot', '~> 0.8.1'
30
30
 
31
31
  require 'hpricot'
32
32
  require 'sanitize/config'
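Review bot: The constraint on new line 29, gem 'hpricot', '~> 0.8.1', is narrower than the HISTORY entry "Requires Hpricot 0.8.1+" suggests. With the RubyGems pessimistic operator, '~> 0.8.1' accepts 0.8.1 and later 0.8.x releases but rejects 0.9 and above, whereas the old '~> 0.6' accepted anything below 1.0. If the intent is only to set a floor, '>= 0.8.1' expresses that; if the 0.8.x ceiling is deliberate, the HISTORY wording should say so, because the parser version determines what markup the sanitizer actually sees.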
@@ -46,7 +46,7 @@ class Sanitize
46
46
 
47
47
  # Matches an unencoded ampersand that is not part of a valid character entity
48
48
  # reference.
49
- REGEX_AMPERSAND = /&(?!(?:[a-z]+|#[0-9]+|#x[0-9a-f]+);)/i
49
+ REGEX_AMPERSAND = /&(?!(?:[a-z]+[0-9]{0,2}|#[0-9]+|#x[0-9a-f]+);)/i
50
50
 
51
51
  # Matches an attribute value that could be treated by a browser as a URL
52
52
  # with a protocol prefix, such as "http:" or "javascript:". Any string of zero
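Review bot: On new line 49, the added [0-9]{0,2} makes the lookahead accept any run of letters followed by up to two digits, so an ampersand in text such as &abc12; is now left unescaped even though that is not a defined entity; the pattern checks the shape of a reference, not membership in the entity list. The comment above it still says "valid character entity reference", and nothing explains why the limit is two digits or why digits are allowed only at the end of the name. Suggest documenting that choice in the comment and adding a regression test for the reported case (a named entity ending in a digit) next to a case with three trailing digits that must still be escaped; none of the four changed files is a test.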
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sanitize
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.6
4
+ version: 1.0.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryan Grove
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-02-23 00:00:00 -08:00
12
+ date: 2009-04-11 00:00:00 -07:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
@@ -20,7 +20,7 @@ dependencies:
20
20
  requirements:
21
21
  - - ~>
22
22
  - !ruby/object:Gem::Version
23
- version: "0.6"
23
+ version: 0.8.1
24
24
  version:
25
25
  description:
26
26
  email: ryan@wonko.com
@@ -61,7 +61,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
61
61
  requirements: []
62
62
 
63
63
  rubyforge_project:
64
- rubygems_version: 1.2.0
64
+ rubygems_version: 1.3.1
65
65
  signing_key:
66
66
  specification_version: 2
67
67
  summary: Whitelist-based HTML sanitizer.