sanitize 3.0.2 → 3.0.3

Potentially problematic release.


This version of sanitize might be problematic.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: deeb3ae443c40c253cdb678466e2c45c06469287
4
- data.tar.gz: f818071efddc24d9cc59e0d5c265fb82ead463bd
3
+ metadata.gz: 04116455cb1ededd3413abade63532f93664c741
4
+ data.tar.gz: 608d034be8d8b305407f87be7e439e00917a1e62
5
5
  SHA512:
6
- metadata.gz: 8e7d3aea9a7c510e79882c67ed0c51096dbdeb7a492ba93ab632cfac876d06c0c93787e4048834da3520ad880193e29486344e8e510fd985e632cee7c46ef4cf
7
- data.tar.gz: 3d3ce9d3c6585e35bb11d1a9b3b04c7d45602a5d968a704cb977df77ccd32c16b927b6d147c76e3807e50b8649e788ed1b1abe5ec623714dab10190fe1000735
6
+ metadata.gz: d79b43a450dbc1336a9e648f2f33c8675da87dea4068784bafe56b0a71b9b2f11810a660657336a5ace1b7d406bcf9f1a0b16894d9d5bfd000d2ad1ec4bb326c
7
+ data.tar.gz: 5f800eafba144631a99b94f71de49cbf323bf6548ef3b19c2c019718b1d127743007ef9c53c28b2447a4faf89fcfd95fdd996491d6f582aeb95d648d7ccfede1
data/HISTORY.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Sanitize History
2
2
  ================================================================================
3
3
 
4
+ Version 3.0.3 (2014-10-29)
5
+ --------------------------
6
+
7
+ * Fixed: Some CSS selectors weren't parsed correctly inside the body of a
8
+ `@media` block, causing them to be removed even when whitelist rules should
9
+ have allowed them to remain. [#121][121]
10
+
11
+ [121]:https://github.com/rgrove/sanitize/issues/121
12
+
13
+
4
14
  Version 3.0.2 (2014-09-02)
5
15
  --------------------------
6
16
 
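Review bot: The 3.0.3 entry (new lines 8 to 10) describes the bug only as allowed selectors being removed inside an `@media` block. Because the fix changes how a sanitizer parses `@media` bodies, the entry should say whether the mis-parse could only over-remove content or whether disallowed CSS could also have passed through, so users can judge how urgent the upgrade is. Minor style point: the link definition `[121]:https://github.com/rgrove/sanitize/issues/121` would read better with a space after the colon.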
data/lib/sanitize/css.rb CHANGED
@@ -143,7 +143,10 @@ class Sanitize; class CSS
143
143
  return nil unless @config[:at_rules].include?(name)
144
144
 
145
145
  if AT_RULES_WITH_STYLES.include?(name)
146
- styles = Crass::Parser.parse_rules(rule[:block][:value],
146
+ # Remove the { and } tokens surrounding the @media block.
147
+ tokens = rule[:block][:tokens][1...-1]
148
+
149
+ styles = Crass::Parser.parse_rules(tokens,
147
150
  :preserve_comments => @config[:allow_comments],
148
151
  :preserve_hacks => @config[:allow_hacks])
149
152
 
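Review bot: The slice `rule[:block][:tokens][1...-1]` on new line 147 drops the first and last tokens unconditionally, so it is only correct if the block's token list always starts with `{` and ends with `}`. If a stylesheet ends inside an unterminated `@media` block and no closing `}` token is present, the last real token of the body would be discarded instead, and a missing `:tokens` entry would raise on `nil`. Consider verifying that the first and last tokens really are the braces before trimming them, or add a spec for an unterminated `@media` block so the assumption is pinned down.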
@@ -1,5 +1,5 @@
1
1
  # encoding: utf-8
2
2
 
3
3
  class Sanitize
4
- VERSION = '3.0.2'
4
+ VERSION = '3.0.3'
5
5
  end
@@ -219,4 +219,31 @@ describe 'Sanitize::CSS' do
219
219
  end
220
220
  end
221
221
  end
222
+
223
+ describe 'bugs' do
224
+ before do
225
+ @default = Sanitize::CSS.new
226
+ @relaxed = Sanitize::CSS.new(Sanitize::Config::RELAXED[:css])
227
+ end
228
+
229
+ # https://github.com/rgrove/sanitize/issues/121
230
+ it 'should parse the contents of @media rules properly' do
231
+ css = '@media { p[class="center"] { text-align: center; }}'
232
+ @relaxed.stylesheet(css).must_equal css
233
+
234
+ css = %[
235
+ @media (max-width: 720px) {
236
+ p.foo > .bar { float: right; width: expression(body.scrollLeft + 50 + 'px'); }
237
+ #baz { color: green; }
238
+ }
239
+ ].strip
240
+
241
+ @relaxed.stylesheet(css).must_equal %[
242
+ @media (max-width: 720px) {
243
+ p.foo > .bar { float: right; }
244
+ #baz { color: green; }
245
+ }
246
+ ].strip
247
+ end
248
+ end
222
249
  end
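Review bot: `@default` is assigned in the `before` block (new line 225) but never used by the spec, so the fix is exercised only under `Sanitize::Config::RELAXED[:css]`. Either add an assertion for how the default config handles the same `@media` input or drop the unused instance. The second case usefully confirms that `expression(...)` is still stripped inside the `@media` body; a case with an unterminated `@media` block would also cover the token slice introduced in `css.rb`.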
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sanitize
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.2
4
+ version: 3.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryan Grove
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-09-03 00:00:00.000000000 Z
11
+ date: 2014-10-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: crass