sanitize 6.1.3 → 7.0.0

@@ -1,47 +1,48 @@
1
- # encoding: utf-8
2
- require_relative 'common'
1
+ # frozen_string_literal: true
3
2
 
4
- describe 'Sanitize::Transformers::CleanComment' do
3
+ require_relative "common"
4
+
5
+ describe "Sanitize::Transformers::CleanComment" do
5
6
  make_my_diffs_pretty!
6
7
  parallelize_me!
7
8
 
8
- describe 'when :allow_comments is false' do
9
+ describe "when :allow_comments is false" do
9
10
  before do
10
- @s = Sanitize.new(:allow_comments => false, :elements => ['div'])
11
+ @s = Sanitize.new(allow_comments: false, elements: ["div"])
11
12
  end
12
13
 
13
- it 'should remove comments' do
14
- _(@s.fragment('foo <!-- comment --> bar')).must_equal 'foo bar'
15
- _(@s.fragment('foo <!-- ')).must_equal 'foo '
16
- _(@s.fragment('foo <!-- - -> bar')).must_equal 'foo '
17
- _(@s.fragment("foo <!--\n\n\n\n-->bar")).must_equal 'foo bar'
18
- _(@s.fragment("foo <!-- <!-- <!-- --> --> -->bar")).must_equal 'foo --&gt; --&gt;bar'
19
- _(@s.fragment("foo <div <!-- comment -->>bar</div>")).must_equal 'foo <div>&gt;bar</div>'
14
+ it "should remove comments" do
15
+ _(@s.fragment("foo <!-- comment --> bar")).must_equal "foo bar"
16
+ _(@s.fragment("foo <!-- ")).must_equal "foo "
17
+ _(@s.fragment("foo <!-- - -> bar")).must_equal "foo "
18
+ _(@s.fragment("foo <!--\n\n\n\n-->bar")).must_equal "foo bar"
19
+ _(@s.fragment("foo <!-- <!-- <!-- --> --> -->bar")).must_equal "foo --&gt; --&gt;bar"
20
+ _(@s.fragment("foo <div <!-- comment -->>bar</div>")).must_equal "foo <div>&gt;bar</div>"
20
21
 
21
22
  # Special case: the comment markup is inside a <script>, which makes it
22
23
  # text content and not an actual HTML comment.
23
- _(@s.fragment("<script><!-- comment --></script>")).must_equal ''
24
+ _(@s.fragment("<script><!-- comment --></script>")).must_equal ""
24
25
 
25
- _(Sanitize.fragment("<script><!-- comment --></script>", :allow_comments => false, :elements => ['script']))
26
- .must_equal '<script><!-- comment --></script>'
26
+ _(Sanitize.fragment("<script><!-- comment --></script>", allow_comments: false, elements: ["script"]))
27
+ .must_equal "<script><!-- comment --></script>"
27
28
  end
28
29
  end
29
30
 
30
- describe 'when :allow_comments is true' do
31
+ describe "when :allow_comments is true" do
31
32
  before do
32
- @s = Sanitize.new(:allow_comments => true, :elements => ['div'])
33
+ @s = Sanitize.new(allow_comments: true, elements: ["div"])
33
34
  end
34
35
 
35
- it 'should allow comments' do
36
- _(@s.fragment('foo <!-- comment --> bar')).must_equal 'foo <!-- comment --> bar'
37
- _(@s.fragment('foo <!-- ')).must_equal 'foo <!-- -->'
38
- _(@s.fragment('foo <!-- - -> bar')).must_equal 'foo <!-- - -> bar-->'
36
+ it "should allow comments" do
37
+ _(@s.fragment("foo <!-- comment --> bar")).must_equal "foo <!-- comment --> bar"
38
+ _(@s.fragment("foo <!-- ")).must_equal "foo <!-- -->"
39
+ _(@s.fragment("foo <!-- - -> bar")).must_equal "foo <!-- - -> bar-->"
39
40
  _(@s.fragment("foo <!--\n\n\n\n-->bar")).must_equal "foo <!--\n\n\n\n-->bar"
40
- _(@s.fragment("foo <!-- <!-- <!-- --> --> -->bar")).must_equal 'foo <!-- <!-- <!-- --> --&gt; --&gt;bar'
41
- _(@s.fragment("foo <div <!-- comment -->>bar</div>")).must_equal 'foo <div>&gt;bar</div>'
41
+ _(@s.fragment("foo <!-- <!-- <!-- --> --> -->bar")).must_equal "foo <!-- <!-- <!-- --> --&gt; --&gt;bar"
42
+ _(@s.fragment("foo <div <!-- comment -->>bar</div>")).must_equal "foo <div>&gt;bar</div>"
42
43
 
43
- _(Sanitize.fragment("<script><!-- comment --></script>", :allow_comments => true, :elements => ['script']))
44
- .must_equal '<script><!-- comment --></script>'
44
+ _(Sanitize.fragment("<script><!-- comment --></script>", allow_comments: true, elements: ["script"]))
45
+ .must_equal "<script><!-- comment --></script>"
45
46
  end
46
47
  end
47
48
  end
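Review bot: The `it "should remove comments"` example (new lines 14–27) mixes the plain comment-stripping cases with the `<script>` raw-text special case, so a failure in an earlier assertion stops the example before the script assertions run. The last assertion pins a security-relevant behaviour: `<!-- comment -->` inside an allowed `<script>` is kept verbatim even with `allow_comments: false`. It would be better as its own example, e.g. `it "should treat comment markup inside <script> as text" do`, with the existing two-line comment moved into it. The same split applies to the final `Sanitize.fragment` assertion in the `allow_comments: true` block (new lines 44–45).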
@@ -1,7 +1,8 @@
1
- # encoding: utf-8
2
- require_relative 'common'
1
+ # frozen_string_literal: true
3
2
 
4
- describe 'Sanitize::Transformers::CSS::CleanAttribute' do
3
+ require_relative "common"
4
+
5
+ describe "Sanitize::Transformers::CSS::CleanAttribute" do
5
6
  make_my_diffs_pretty!
6
7
  parallelize_me!
7
8
 
@@ -9,21 +10,21 @@ describe 'Sanitize::Transformers::CSS::CleanAttribute' do
9
10
  @s = Sanitize.new(Sanitize::Config::RELAXED)
10
11
  end
11
12
 
12
- it 'should sanitize CSS properties in style attributes' do
13
+ it "should sanitize CSS properties in style attributes" do
13
14
  _(@s.fragment(%[
14
15
  <div style="color: #fff; width: expression(alert(1)); /* <-- evil! */"></div>
15
- ].strip)).must_equal %[
16
+ ].strip)).must_equal %(
16
17
  <div style="color: #fff; /* <-- evil! */"></div>
17
- ].strip
18
+ ).strip
18
19
  end
19
20
 
20
- it 'should remove the style attribute if the sanitized CSS is empty' do
21
- _(@s.fragment('<div style="width: expression(alert(1))"></div>')).
22
- must_equal '<div></div>'
21
+ it "should remove the style attribute if the sanitized CSS is empty" do
22
+ _(@s.fragment('<div style="width: expression(alert(1))"></div>'))
23
+ .must_equal "<div></div>"
23
24
  end
24
25
  end
25
26
 
26
- describe 'Sanitize::Transformers::CSS::CleanElement' do
27
+ describe "Sanitize::Transformers::CSS::CleanElement" do
27
28
  make_my_diffs_pretty!
28
29
  parallelize_me!
29
30
 
@@ -31,7 +32,7 @@ describe 'Sanitize::Transformers::CSS::CleanElement' do
31
32
  @s = Sanitize.new(Sanitize::Config::RELAXED)
32
33
  end
33
34
 
34
- it 'should sanitize CSS stylesheets in <style> elements' do
35
+ it "should sanitize CSS stylesheets in <style> elements" do
35
36
  html = %[
36
37
  <style>@import url(evil.css);
37
38
  /* Yay CSS! */
@@ -61,7 +62,7 @@ describe 'Sanitize::Transformers::CSS::CleanElement' do
61
62
  ].strip
62
63
  end
63
64
 
64
- it 'should remove the <style> element if the sanitized CSS is empty' do
65
- _(@s.fragment('<style></style>')).must_equal ''
65
+ it "should remove the <style> element if the sanitized CSS is empty" do
66
+ _(@s.fragment("<style></style>")).must_equal ""
66
67
  end
67
68
  end
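Review bot: In `it "should sanitize CSS properties in style attributes"` (new lines 13–19) the two sides of the assertion now use different percent-literal delimiters. The input still opens with `%[` and closes with `].strip`, while the expected value was changed to `%(` … `).strip`. Presumably the formatter left the input alone because it contains the parentheses of `expression(alert(1))`. Writing both sides as one-line single-quoted strings, as the next example already does for its input, would keep the pair parallel, e.g. `.must_equal '<div style="color: #fff; /* <-- evil! */"></div>'`.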
@@ -1,22 +1,23 @@
1
- # encoding: utf-8
2
- require_relative 'common'
1
+ # frozen_string_literal: true
3
2
 
4
- describe 'Sanitize::Transformers::CleanDoctype' do
3
+ require_relative "common"
4
+
5
+ describe "Sanitize::Transformers::CleanDoctype" do
5
6
  make_my_diffs_pretty!
6
7
  parallelize_me!
7
8
 
8
- describe 'when :allow_doctype is false' do
9
+ describe "when :allow_doctype is false" do
9
10
  before do
10
- @s = Sanitize.new(:allow_doctype => false, :elements => ['html'])
11
+ @s = Sanitize.new(allow_doctype: false, elements: ["html"])
11
12
  end
12
13
 
13
- it 'should remove doctype declarations' do
14
- _(@s.document('<!DOCTYPE html><html>foo</html>')).must_equal "<html>foo</html>"
15
- _(@s.fragment('<!DOCTYPE html>foo')).must_equal 'foo'
14
+ it "should remove doctype declarations" do
15
+ _(@s.document("<!DOCTYPE html><html>foo</html>")).must_equal "<html>foo</html>"
16
+ _(@s.fragment("<!DOCTYPE html>foo")).must_equal "foo"
16
17
  end
17
18
 
18
- it 'should not allow doctype definitions in fragments' do
19
- _(@s.fragment('<!DOCTYPE html><html>foo</html>'))
19
+ it "should not allow doctype definitions in fragments" do
20
+ _(@s.fragment("<!DOCTYPE html><html>foo</html>"))
20
21
  .must_equal "foo"
21
22
 
22
23
  _(@s.fragment('<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"><html>foo</html>'))
@@ -27,13 +28,13 @@ describe 'Sanitize::Transformers::CleanDoctype' do
27
28
  end
28
29
  end
29
30
 
30
- describe 'when :allow_doctype is true' do
31
+ describe "when :allow_doctype is true" do
31
32
  before do
32
- @s = Sanitize.new(:allow_doctype => true, :elements => ['html'])
33
+ @s = Sanitize.new(allow_doctype: true, elements: ["html"])
33
34
  end
34
35
 
35
- it 'should allow doctype declarations in documents' do
36
- _(@s.document('<!DOCTYPE html><html>foo</html>'))
36
+ it "should allow doctype declarations in documents" do
37
+ _(@s.document("<!DOCTYPE html><html>foo</html>"))
37
38
  .must_equal "<!DOCTYPE html><html>foo</html>"
38
39
 
39
40
  _(@s.document('<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"><html>foo</html>'))
@@ -43,22 +44,22 @@ describe 'Sanitize::Transformers::CleanDoctype' do
43
44
  .must_equal "<!DOCTYPE html><html>foo</html>"
44
45
  end
45
46
 
46
- it 'should not allow obviously invalid doctype declarations in documents' do
47
- _(@s.document('<!DOCTYPE blah blah blah><html>foo</html>'))
47
+ it "should not allow obviously invalid doctype declarations in documents" do
48
+ _(@s.document("<!DOCTYPE blah blah blah><html>foo</html>"))
48
49
  .must_equal "<!DOCTYPE html><html>foo</html>"
49
50
 
50
- _(@s.document('<!DOCTYPE blah><html>foo</html>'))
51
+ _(@s.document("<!DOCTYPE blah><html>foo</html>"))
51
52
  .must_equal "<!DOCTYPE html><html>foo</html>"
52
53
 
53
54
  _(@s.document('<!DOCTYPE html BLAH "-//W3C//DTD HTML 4.01//EN"><html>foo</html>'))
54
55
  .must_equal "<!DOCTYPE html><html>foo</html>"
55
56
 
56
- _(@s.document('<!whatever><html>foo</html>'))
57
+ _(@s.document("<!whatever><html>foo</html>"))
57
58
  .must_equal "<html>foo</html>"
58
59
  end
59
60
 
60
- it 'should not allow doctype definitions in fragments' do
61
- _(@s.fragment('<!DOCTYPE html><html>foo</html>'))
61
+ it "should not allow doctype definitions in fragments" do
62
+ _(@s.fragment("<!DOCTYPE html><html>foo</html>"))
62
63
  .must_equal "foo"
63
64
 
64
65
  _(@s.fragment('<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"><html>foo</html>'))