sanitize 1.0.7 → 1.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/HISTORY +6 -0
- data/README.rdoc +2 -1
- data/lib/sanitize.rb +1 -0
- metadata +3 -3
data/HISTORY
CHANGED
|
@@ -1,6 +1,12 @@
|
|
|
1
1
|
Sanitize History
|
|
2
2
|
================================================================================
|
|
3
3
|
|
|
4
|
+
Version 1.0.8 (2009-04-23)
|
|
5
|
+
* Added a workaround for an Hpricot bug that prevents attribute names from
|
|
6
|
+
being downcased in recent versions of Hpricot. This was exploitable to
|
|
7
|
+
prevent non-whitelisted protocols from being cleaned. [Reported by Ben
|
|
8
|
+
Wanicur]
|
|
9
|
+
|
|
4
10
|
Version 1.0.7 (2009-04-11)
|
|
5
11
|
* Requires Hpricot 0.8.1+, which is finally compatible with Ruby 1.9.1.
|
|
6
12
|
* Fixed a bug that caused named character entities containing digits (like
|
data/README.rdoc
CHANGED
|
@@ -15,7 +15,7 @@ or maliciously-formed HTML. When in doubt, Sanitize always errs on the side of
|
|
|
15
15
|
caution.
|
|
16
16
|
|
|
17
17
|
*Author*:: Ryan Grove (mailto:ryan@wonko.com)
|
|
18
|
-
*Version*:: 1.0.
|
|
18
|
+
*Version*:: 1.0.8 (2009-04-23)
|
|
19
19
|
*Copyright*:: Copyright (c) 2009 Ryan Grove. All rights reserved.
|
|
20
20
|
*License*:: MIT License (http://opensource.org/licenses/mit-license.php)
|
|
21
21
|
*Website*:: http://github.com/rgrove/sanitize
|
|
@@ -145,6 +145,7 @@ or ideas that later became code:
|
|
|
145
145
|
* Adam Hooper <adam@adamhooper.com>
|
|
146
146
|
* Mutwin Kraus <mutle@blogage.de>
|
|
147
147
|
* Dev Purkayastha <dev.purkayastha@gmail.com>
|
|
148
|
+
* Ben Wanicur <bwanicur@verticalresponse.com>
|
|
148
149
|
|
|
149
150
|
== License
|
|
150
151
|
|
data/lib/sanitize.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sanitize
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryan Grove
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-04-
|
|
12
|
+
date: 2009-04-23 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
@@ -61,7 +61,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
61
61
|
requirements: []
|
|
62
62
|
|
|
63
63
|
rubyforge_project:
|
|
64
|
-
rubygems_version: 1.
|
|
64
|
+
rubygems_version: 1.2.0
|
|
65
65
|
signing_key:
|
|
66
66
|
specification_version: 2
|
|
67
67
|
summary: Whitelist-based HTML sanitizer.
|