sanitize 2.0.5 → 2.0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e5c69e88d2fe8117cf4ef82ff0d1469c67444b9d
-  data.tar.gz: 7708f7ca071901b213f06a542626e246c6d60409
+  metadata.gz: 240d390dd3a6813197ab1e3ccafb42f2103bf136
+  data.tar.gz: 5813a179d76ec2e44a7eb0bd0a7582c23ea0696b
 SHA512:
-  metadata.gz: 90de33c0a818467a0df40564c9230a111744bd7cb064b1c3f68a4403d605970f33af2f5604b87a2c6103e7fb847061227d196675a4089f9e7f29b1748611e2fa
-  data.tar.gz: 1ae481892f1a1b7dbcdd20f02eebad70d320bb1e8f8ec888c6da61b8274b931074ceea562c46c02d90955fcda5118f4b69aa7332ff042162a4e5ef23f6760623
+  metadata.gz: dbc7db8d41dbac5be557a50ab69d096fe5373cd8310196b4666e7e0d7fb3f12c5138e7605c86b4ccc713b500e9ad2c0e3e06374b891c12b0fed7b2949c90868c
+  data.tar.gz: 401cdf8549edce7742fb6b0498aa82da817926537f9eca32ec87b400290541aa1051645c7dea61de8edd128f8302a42d39359e5b1bc30d4a3fb25de673024c96

data/HISTORY.md

@@ -1,6 +1,14 @@
 Sanitize History
 ================================================================================
 
+Version 2.0.6 (2013-07-10)
+--------------------------
+
+* Fixed: Version 2.0.5 inadvertently included some work-in-progress changes that
+  shouldn't have made their way into the master branch. This is what happens
+  when I release before coffee instead of after.
+
+
 Version 2.0.5 (2013-07-10)
 --------------------------
 

data/README.rdoc

@@ -14,7 +14,7 @@ of fragile regular expressions, Sanitize has no trouble dealing with malformed
 or maliciously-formed HTML, and will always output valid HTML or XHTML.
 
 *Author*::    Ryan Grove (mailto:ryan@wonko.com)
-*Version*::   2.0.4 (2013-06-12)
+*Version*::   2.0.6 (2013-07-10)
 *Copyright*:: Copyright (c) 2013 Ryan Grove. All rights reserved.
 *License*::   MIT License (http://opensource.org/licenses/mit-license.php)
 *Website*::   http://github.com/rgrove/sanitize

data/lib/sanitize.rb

@@ -26,7 +26,6 @@ require 'set'
 require 'nokogiri'
 require 'sanitize/version'
 require 'sanitize/config'
-require 'sanitize/config/default'
 require 'sanitize/config/restricted'
 require 'sanitize/config/basic'
 require 'sanitize/config/relaxed'

data/lib/sanitize/config.rb

@@ -22,17 +22,64 @@
 
 class Sanitize
   module Config
+    DEFAULT = {
 
-    # Deeply freeze and return a configuration Hash.
-    def self.freeze_config(config)
-      if Array === config
-        config.each { |c| freeze_config(c) }
-      elsif Hash === config
-        config.each_value { |c| freeze_config(c) }
-      end
+      # Whether or not to allow HTML comments. Allowing comments is strongly
+      # discouraged, since IE allows script execution within conditional
+      # comments.
+      :allow_comments => false,
 
-      config.freeze
-    end
+      # HTML attributes to add to specific elements. By default, no attributes
+      # are added.
+      :add_attributes => {},
 
+      # HTML attributes to allow in specific elements. By default, no attributes
+      # are allowed.
+      :attributes => {},
+
+      # HTML elements to allow. By default, no elements are allowed (which means
+      # that all HTML will be stripped).
+      :elements => [],
+
+      # Output format. Supported formats are :html and :xhtml. Default is :html.
+      :output => :html,
+
+      # Character encoding to use for HTML output. Default is 'utf-8'.
+      :output_encoding => 'utf-8',
+
+      # URL handling protocols to allow in specific attributes. By default, no
+      # protocols are allowed. Use :relative in place of a protocol if you want
+      # to allow relative URLs sans protocol.
+      :protocols => {},
+
+      # If this is true, Sanitize will remove the contents of any filtered
+      # elements in addition to the elements themselves. By default, Sanitize
+      # leaves the safe parts of an element's contents behind when the element
+      # is removed.
+      #
+      # If this is an Array of element names, then only the contents of the
+      # specified elements (when filtered) will be removed, and the contents of
+      # all other filtered elements will be left behind.
+      :remove_contents => false,
+
+      # Transformers allow you to filter or alter nodes using custom logic. See
+      # README.rdoc for details and examples.
+      :transformers => [],
+
+      # By default, transformers perform depth-first traversal (deepest node
+      # upward). This setting allows you to specify transformers that should
+      # perform breadth-first traversal (top node downward).
+      :transformers_breadth => [],
+
+      # Elements which, when removed, should have their contents surrounded by
+      # space characters to preserve readability. For example,
+      # `foo<div>bar</div>baz` will become 'foo bar baz' when the <div> is
+      # removed.
+      :whitespace_elements => %w[
+        address article aside blockquote br dd div dl dt footer h1 h2 h3 h4 h5
+        h6 header hgroup hr li nav ol p pre section ul
+      ]
+
+    }
   end
 end

data/lib/sanitize/config/basic.rb

@@ -22,7 +22,7 @@
 
 class Sanitize
   module Config
-    BASIC = freeze_config(
+    BASIC = {
       :elements => %w[
         a abbr b blockquote br cite code dd dfn dl dt em i kbd li mark ol p pre
         q s samp small strike strong sub sup time u ul var
@@ -46,6 +46,6 @@ class Sanitize
         'blockquote' => {'cite' => ['http', 'https', :relative]},
         'q'          => {'cite' => ['http', 'https', :relative]}
       }
-    )
+    }
   end
 end

data/lib/sanitize/config/relaxed.rb

@@ -22,7 +22,7 @@
 
 class Sanitize
   module Config
-    RELAXED = freeze_config(
+    RELAXED = {
       :elements => %w[
         a abbr b bdo blockquote br caption cite code col colgroup dd del dfn dl
         dt em figcaption figure h1 h2 h3 h4 h5 h6 hgroup i img ins kbd li mark
@@ -56,6 +56,6 @@ class Sanitize
         'ins'        => {'cite' => ['http', 'https', :relative]},
         'q'          => {'cite' => ['http', 'https', :relative]}
       }
-    )
+    }
   end
 end

data/lib/sanitize/config/restricted.rb

@@ -22,8 +22,8 @@
 
 class Sanitize
   module Config
-    RESTRICTED = freeze_config(
+    RESTRICTED = {
       :elements => %w[b em i strong u]
-    )
+    }
   end
 end

data/lib/sanitize/version.rb

@@ -1,3 +1,3 @@
 class Sanitize
-  VERSION = '2.0.5'
+  VERSION = '2.0.6'
 end

data/test/test_sanitize.rb

@@ -590,34 +590,3 @@ describe 'bugs' do
     Sanitize.clean!('foo <style>bar').must_equal('foo bar')
   end
 end
-
-describe "default configurations" do
-  def assert_deep_frozen(config)
-    if Hash === config
-      config.each_value { |c| assert_deep_frozen(c) }
-      config.frozen?.must_equal(true)
-    elsif Array === config
-      config.each { |c| assert_deep_frozen(c) }
-      config.frozen?.must_equal(true)
-    end
-  end
-
-  {
-    "DEFAULT" => Sanitize::Config::DEFAULT,
-    "RESTRICTED" => Sanitize::Config::RESTRICTED,
-    "BASIC" => Sanitize::Config::BASIC,
-    "RELAXED" => Sanitize::Config::RELAXED,
-  }.each do |name, config|
-    describe name do
-      it "should be frozen" do
-        assert_deep_frozen(config)
-      end
-    end
-  end
-
-  it "cannot be modified" do
-    assert_raises(RuntimeError, "can't modify frozen") {
-      Sanitize::Config::RESTRICTED.dup[:elements].push("script")
-    }
-  end
-end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sanitize
 version: !ruby/object:Gem::Version
-  version: 2.0.5
+  version: 2.0.6
 platform: ruby
 authors:
 - Ryan Grove
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-07-10 00:00:00.000000000 Z
+date: 2013-07-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
@@ -62,7 +62,6 @@ files:
 - LICENSE
 - README.rdoc
 - lib/sanitize/config/basic.rb
-- lib/sanitize/config/default.rb
 - lib/sanitize/config/relaxed.rb
 - lib/sanitize/config/restricted.rb
 - lib/sanitize/config.rb

data/lib/sanitize/config/default.rb

@@ -1,85 +0,0 @@
-#--
-# Copyright (c) 2013 Ryan Grove <ryan@wonko.com>
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the 'Software'), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in all
-# copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-# SOFTWARE.
-#++
-
-class Sanitize
-  module Config
-    DEFAULT = freeze_config(
-
-      # Whether or not to allow HTML comments. Allowing comments is strongly
-      # discouraged, since IE allows script execution within conditional
-      # comments.
-      :allow_comments => false,
-
-      # HTML attributes to add to specific elements. By default, no attributes
-      # are added.
-      :add_attributes => {},
-
-      # HTML attributes to allow in specific elements. By default, no attributes
-      # are allowed.
-      :attributes => {},
-
-      # HTML elements to allow. By default, no elements are allowed (which means
-      # that all HTML will be stripped).
-      :elements => [],
-
-      # Output format. Supported formats are :html and :xhtml. Default is :html.
-      :output => :html,
-
-      # Character encoding to use for HTML output. Default is 'utf-8'.
-      :output_encoding => 'utf-8',
-
-      # URL handling protocols to allow in specific attributes. By default, no
-      # protocols are allowed. Use :relative in place of a protocol if you want
-      # to allow relative URLs sans protocol.
-      :protocols => {},
-
-      # If this is true, Sanitize will remove the contents of any filtered
-      # elements in addition to the elements themselves. By default, Sanitize
-      # leaves the safe parts of an element's contents behind when the element
-      # is removed.
-      #
-      # If this is an Array of element names, then only the contents of the
-      # specified elements (when filtered) will be removed, and the contents of
-      # all other filtered elements will be left behind.
-      :remove_contents => false,
-
-      # Transformers allow you to filter or alter nodes using custom logic. See
-      # README.rdoc for details and examples.
-      :transformers => [],
-
-      # By default, transformers perform depth-first traversal (deepest node
-      # upward). This setting allows you to specify transformers that should
-      # perform breadth-first traversal (top node downward).
-      :transformers_breadth => [],
-
-      # Elements which, when removed, should have their contents surrounded by
-      # space characters to preserve readability. For example,
-      # `foo<div>bar</div>baz` will become 'foo bar baz' when the <div> is
-      # removed.
-      :whitespace_elements => %w[
-        address article aside blockquote br dd div dl dt footer h1 h2 h3 h4 h5
-        h6 header hgroup hr li nav ol p pre section ul
-      ]
-
-    )
-  end
-end