sanitize 4.4.0 → 4.5.0
Potentially problematic release.
This version of sanitize might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/HISTORY.md +11 -0
- data/lib/sanitize.rb +1 -1
- data/lib/sanitize/config/relaxed.rb +27 -0
- data/lib/sanitize/version.rb +1 -1
- metadata +6 -6
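--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 3d044396a7f8807c0907944b0bd4ac1ca7a04f42
+data.tar.gz: cae7156d36f0a6a02ccf210d56ac43d763cdc4d5
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 294784d899e87313c865d14f5ff9eaacb09d1face94616d2c3725ba96a8cfcd62e820853f2cd3de9ea6a542cee4ad1ea49e111e03e5bd3d253b9c20ddefe1923
+data.tar.gz: 4d889afacbe678b20e477a683cd2252773d5658e103822f1d3717c1b5d31ad3163cfb3c21d892f3e36450ecc0e8207feec821844f7cedaab438c2d6dd053b765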
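--- a/data/HISTORY.md
+++ b/data/HISTORY.md
@@ -1,5 +1,16 @@
 # Sanitize History
 
+## 4.5.0 (2017-06-04)
+
+* Added SVG-related CSS properties to the relaxed config. See [the diff][161]
+for the full list of added properties. [@louim - #161][161]
+
+* Fixed: Sanitize now strips null bytes (`\u0000`) before passing input to
+Nokogumbo, since they can cause recent versions to crash with a failed
+assertion in the Gumbo parser.
+
+[161]:https://github.com/rgrove/sanitize/pull/161
+
 ## 4.4.0 (2016-09-29)
 
 * Added `srcset` to the attribute whitelist for `img` elements in the relaxed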
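--- a/data/lib/sanitize.rb
+++ b/data/lib/sanitize.rb
@@ -30,7 +30,7 @@ class Sanitize
 # it to the parser.
 #
 # http://www.w3.org/TR/unicode-xml/#Charlist
-REGEX_UNSUITABLE_CHARS = /[\u0340\u0341\u17a3\u17d3\u2028\u2029\u202a-\u202e\u206a-\u206f\ufff9-\ufffb\ufeff\ufffc\u{1d173}-\u{1d17a}\u{e0000}-\u{e007f}]/u
+REGEX_UNSUITABLE_CHARS = /[\u0000\u0340\u0341\u17a3\u17d3\u2028\u2029\u202a-\u202e\u206a-\u206f\ufff9-\ufffb\ufeff\ufffc\u{1d173}-\u{1d17a}\u{e0000}-\u{e007f}]/u
 
 #--
 # Class Methods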
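Review bot: The comment above `REGEX_UNSUITABLE_CHARS` still justifies the character class only by the W3C unicode-xml list, but the newly added `\u0000` is there for a different reason: per the HISTORY entry, null bytes can make Nokogumbo crash with a failed assertion in the Gumbo parser. I would add a line to that comment such as `# U+0000 is also stripped: it can crash the Gumbo parser (failed assertion) in recent Nokogumbo versions.` so that a later cleanup against the W3C list does not drop this guard. The comment starts above the hunk, so its full wording is not visible here. Since this is a crash guard on untrusted input, a regression spec that sanitizes a string containing `\u0000` would be worth having; none is visible in this package diff, though gem packages often omit specs.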
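--- a/data/lib/sanitize/config/relaxed.rb
+++ b/data/lib/sanitize/config/relaxed.rb
@@ -431,7 +431,10 @@ class Sanitize
 clip-path
 clip-rule
 color
+color-interpolation
 color-interpolation-filters
+color-profile
+color-rendering
 column-count
 column-fill
 column-gap
@@ -460,6 +463,10 @@ class Sanitize
 dominant-baseline
 elevation
 empty-cells
+enable-background
+fill
+fill-opacity
+fill-rule
 filter
 flex
 flex-basis
@@ -492,6 +499,8 @@ class Sanitize
 font-variant-numeric
 font-variant-position
 font-weight
+glyph-orientation-horizontal
+glyph-orientation-vertical
 grid
 grid-area
 grid-auto-columns
@@ -520,6 +529,7 @@ class Sanitize
 justify-content
 justify-items
 justify-self
+kerning
 left
 letter-spacing
 lighting-color
@@ -541,8 +551,12 @@ class Sanitize
 margin-left
 margin-right
 margin-top
+marker
+marker-end
+marker-mid
 marker-offset
 marker-side
+marker-start
 marks
 mask
 mask-box
@@ -602,6 +616,7 @@ class Sanitize
 pitch
 pitch-range
 play-during
+pointer-events
 position
 presentation-level
 quotes
@@ -620,6 +635,7 @@ class Sanitize
 shape-image-threshold
 shape-margin
 shape-outside
+shape-rendering
 size
 speak
 speak-as
@@ -627,12 +643,23 @@ class Sanitize
 speak-numeral
 speak-punctuation
 speech-rate
+stop-color
+stop-opacity
 stress
 string-set
+stroke
+stroke-dasharray
+stroke-dashoffset
+stroke-linecap
+stroke-linejoin
+stroke-miterlimit
+stroke-opacity
+stroke-width
 tab-size
 table-layout
 text-align
 text-align-last
+text-anchor
 text-combine-horizontal
 text-combine-upright
 text-decoration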
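Review bot: Several of the added names (`fill`, `stroke`, `marker`, `marker-start`, `marker-mid`, `marker-end`, `color-profile`) accept `url(...)` references as values, and these hunks allow them by property name only, so what those values may point at depends on URL/protocol filtering defined outside the visible lines. That filtering presumably already covers properties such as `filter` and `mask`, which appear here as context, but it is worth confirming with a spec that a disallowed scheme inside `fill: url(...)` is dropped under the relaxed config. The page shows no file header for these hunks; they are attributed to `relaxed.rb` from the +27 count in the file list. The property list begins and ends outside the hunks, so a short comment near its start noting that SVG presentation properties were added in 4.5.0 (PR #161) would help a later audit of the allowlist.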
data/lib/sanitize/version.rb
CHANGED
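--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sanitize
 version: !ruby/object:Gem::Version
-version: 4.
+version: 4.5.0
 platform: ruby
 authors:
 - Ryan Grove
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2017-06-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: crass
@@ -58,28 +58,28 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 5.
+version: 5.10.2
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 5.
+version: 5.10.2
 - !ruby/object:Gem::Dependency
 name: rake
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version:
+version: 12.0.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version:
+version: 12.0.0
 - !ruby/object:Gem::Dependency
 name: redcarpet
 requirement: !ruby/object:Gem::Requirement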