sanitize 4.1.0 → 4.2.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of sanitize might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: db5b47018757eca02968cca236fae793558f28a3
4
- data.tar.gz: 2556f1ebfb26b038190f334a39aff61315cd57b0
3
+ metadata.gz: abb1df5c4bd3af158380b4fd3125ab354f0d8cfa
4
+ data.tar.gz: 9e418edd6b360cb64579d5cd1e57f9e4acb8e527
5
5
  SHA512:
6
- metadata.gz: 2ddad668c07d8440a7e3bd4ccf4a066f6c1f0a7d9aeb8a0f43bd04569c8b5dd7959130d50c0725f902fa6f1bf8ed930b4d00ee4fa977f3364702d53387463b39
7
- data.tar.gz: 677279ef0d92a8e1d96e1ac28cfa12a5e4934887952a75dc891a5f37014352b8369f5effc1e480a10ae10363724840dbb1a9b5ec7b60b317a501ec370811d5b4
6
+ metadata.gz: 78570f43744763cddcc1eee64bc62f2d315cbf544b21c022ee49184b30f680d294388d8d63fac8bd6fefdaff7acc202bdcd30ff3dc7418d0bd802c661eeb2fad
7
+ data.tar.gz: 2fe95ba29fede36ba37f0d28e58336369cf3745936ef9397ee27872f8586e25ba10568911d67225928aa905141b6a692a2afc5d959f25dc329014cd5ecff9def
data/HISTORY.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # Sanitize History
2
2
 
3
+ ## 4.2.0 (2016-08-22)
4
+
5
+ * Added `-webkit-font-smoothing` to the relaxed CSS config. [@louim - #154][154]
6
+
7
+ * Fixed: Nokogumbo >=1.4.9 changed its behavior in a way that allowed invalid
8
+ doctypes (like `<!DOCTYPE nonsense>`) when the `:allow_doctype` config setting
9
+ was `true`. Invalid doctypes are now coerced to valid ones as they were prior
10
+ to this Nokogumbo change.
11
+
12
+ [154]:https://github.com/rgrove/sanitize/pull/154
13
+
14
+
3
15
  ## 4.1.0 (2016-06-17)
4
16
 
5
17
  * Added a new CSS config setting, `:import_url_validator`. This is a Proc or
data/lib/sanitize.rb CHANGED
@@ -82,7 +82,6 @@ class Sanitize
82
82
  # Default transformers always run at the end of the chain, after any custom
83
83
  # transformers.
84
84
  @transformers << Transformers::CleanComment unless @config[:allow_comments]
85
- @transformers << Transformers::CleanDoctype unless @config[:allow_doctype]
86
85
 
87
86
  if @config[:elements].include?('style')
88
87
  scss = Sanitize::CSS.new(config)
@@ -95,6 +94,7 @@ class Sanitize
95
94
  end
96
95
 
97
96
  @transformers <<
97
+ Transformers::CleanDoctype <<
98
98
  Transformers::CleanCDATA <<
99
99
  Transformers::CleanElement.new(@config)
100
100
  end
@@ -254,6 +254,7 @@ class Sanitize
254
254
  -webkit-flow-from
255
255
  -webkit-flow-into
256
256
  -webkit-font-size-delta
257
+ -webkit-font-smoothing
257
258
  -webkit-grid-area
258
259
  -webkit-grid-auto-columns
259
260
  -webkit-grid-auto-flow
@@ -3,10 +3,16 @@
3
3
  class Sanitize; module Transformers
4
4
 
5
5
  CleanDoctype = lambda do |env|
6
+ return if env[:is_whitelisted]
7
+
6
8
  node = env[:node]
7
9
 
8
10
  if node.type == Nokogiri::XML::Node::DTD_NODE
9
- node.unlink unless env[:is_whitelisted]
11
+ if env[:config][:allow_doctype]
12
+ node.name = 'html'
13
+ else
14
+ node.unlink
15
+ end
10
16
  end
11
17
  end
12
18
 
@@ -1,5 +1,5 @@
1
1
  # encoding: utf-8
2
2
 
3
3
  class Sanitize
4
- VERSION = '4.1.0'
4
+ VERSION = '4.2.0'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sanitize
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.1.0
4
+ version: 4.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryan Grove
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-17 00:00:00.000000000 Z
11
+ date: 2016-08-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: crass