sanitize 3.1.0 → 3.1.1
Potentially problematic release.
This version of sanitize might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/HISTORY.md +12 -1
- data/lib/sanitize.rb +1 -1
- data/lib/sanitize/version.rb +1 -1
- data/test/test_sanitize.rb +8 -0
- data/test/test_unicode.rb +11 -0
- metadata +3 -3
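--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f58c1c50884ecfb9f4b0e0370d7d9aecf26af343
+data.tar.gz: 2dff24adc2c0f463049a6d2df74284a6fdf35263
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5065f900b48a965b39e2cdbb817e8b52f71cd228fe6f7082f415c180e92f073b654e792f12237c3a4c16a140833de437087d0aa67a7867a0fe715c47fad634a1
+data.tar.gz: 841711b2ff6216536443df8465d02bb948eb77bda5f6a91fe48db1a4b03a89b56008bd70f78a442a929d0cfd4d1bb34f506c989bf056d889d6d0bcb3c8085b9a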
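--- a/data/HISTORY.md
+++ b/data/HISTORY.md
@@ -1,7 +1,18 @@
 Sanitize History
 ================================================================================
 
-Version 3.1.
+Version 3.1.1 (2015-02-04)
+--------------------------
+
+* Fixed: `#document` and `#fragment` failed on frozen strings, and could
+unintentionally modify unfrozen strings if they used an encoding other than
+UTF-8 or if they contained characters not allowed in HTML.
+[@AnchorCat - #128][128]
+
+[128]:https://github.com/rgrove/sanitize/pull/128
+
+
+Version 3.1.0 (2014-12-22)
 --------------------------
 
 * Added the following CSS properties to the relaxed config. [@ehudc - #120][120]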
data/lib/sanitize.rb
CHANGED
data/lib/sanitize/version.rb
CHANGED
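--- a/data/test/test_sanitize.rb
+++ b/data/test/test_sanitize.rb
@@ -22,6 +22,10 @@ describe 'Sanitize' do
 @s.document(input)
 input.must_equal('<!DOCTYPE html><b>foo</b>')
 end
+
+it 'should not choke on frozen documents' do
+@s.document('<!doctype html><html><b>foo</b>'.freeze).must_equal "<html>foo</html>\n"
+end
 end
 
 describe '#fragment' do
@@ -42,6 +46,10 @@ describe 'Sanitize' do
 @s.fragment('<html><body><b>foo</b></body></html>').must_equal 'foo'
 @s.fragment('<!DOCTYPE html><html><body><b>foo</b></body></html>').must_equal 'foo'
 end
+
+it 'should not choke on frozen fragments' do
+@s.fragment('<b>foo</b>'.freeze).must_equal 'foo'
+end
 end
 
 describe '#node!' do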
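Review bot: Both new frozen-input cases, 'should not choke on frozen documents' and 'should not choke on frozen fragments', pass clean ASCII markup, so they do not show what happens when a frozen string also needs cleaning. The changelog entry on this page ties the in-place modification to non-UTF-8 encodings and to characters not allowed in HTML, which is presumably where a frozen string would raise; the lib/sanitize.rb change itself is not shown here. I would add a frozen variant of the Unicode input already used in test_unicode.rb, e.g. `@s.fragment("a\u0340b\u0341c".freeze).must_equal 'abc'`, with a matching `#document` case. Callers that freeze request data would otherwise hit an exception only on inputs containing such characters, which is an availability problem for a sanitizer. Both `describe` blocks begin and end outside the hunks.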
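--- a/data/test/test_unicode.rb
+++ b/data/test/test_unicode.rb
@@ -11,6 +11,17 @@ describe 'Unicode' do
 @s = Sanitize.new(Sanitize::Config::RELAXED)
 end
 
+it 'should not modify the input string' do
+fragment = "a\u0340b\u0341c"
+document = "a\u0340b\u0341c"
+
+@s.document(document)
+@s.fragment(fragment)
+
+fragment.must_equal "a\u0340b\u0341c"
+document.must_equal "a\u0340b\u0341c"
+end
+
 it 'should strip deprecated grave and acute clones' do
 @s.document("a\u0340b\u0341c").must_equal "<html><head></head><body>abc</body></html>\n"
 @s.fragment("a\u0340b\u0341c").must_equal 'abc'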
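Review bot: 'should not modify the input string' covers only the disallowed-character case; the changelog entry on this page also names strings in an encoding other than UTF-8, and nothing in the visible tests checks that path. A case such as `input = 'foo'.encode('ISO-8859-1')`, `@s.fragment(input)`, `input.encoding.must_equal Encoding::ISO_8859_1` would pin it, with the same check for `#document`. It matters because callers may keep the original string for logging or comparison after sanitizing, and a silently transcoded original is hard to trace. The enclosing `describe 'Unicode'` block starts before the hunk and continues after it.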
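--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sanitize
 version: !ruby/object:Gem::Version
-version: 3.1.
+version: 3.1.1
 platform: ruby
 authors:
 - Ryan Grove
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2015-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: crass
@@ -165,7 +165,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: 1.2.0
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.4.5
 signing_key:
 specification_version: 4
 summary: Whitelist-based HTML and CSS sanitizer.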