sanitized_attributes 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/lib/sanitized_attributes/sanitized_attribute.rb +10 -2
- data/lib/sanitized_attributes.rb +7 -3
- data/spec/sanitized_attributes_spec.rb +10 -1
- metadata +3 -3
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.0.
|
|
1
|
+
1.0.1
|
|
@@ -9,6 +9,14 @@ module SanitizedAttributes; class SanitizedAttribute
|
|
|
9
9
|
Sanitize.clean(content, sanitize_config)
|
|
10
10
|
end
|
|
11
11
|
|
|
12
|
+
def define_ar_writer_method(klass)
|
|
13
|
+
this = self
|
|
14
|
+
attr_name = @attr_name
|
|
15
|
+
klass.send(:define_method, "#{@attr_name}=") {|value|
|
|
16
|
+
send(:write_attribute, attr_name, this.sanitize(value))
|
|
17
|
+
}
|
|
18
|
+
end
|
|
19
|
+
|
|
12
20
|
def define_writer_method(klass)
|
|
13
21
|
this = self
|
|
14
22
|
attr_name = @attr_name
|
|
@@ -27,10 +35,10 @@ module SanitizedAttributes; class SanitizedAttribute
|
|
|
27
35
|
|
|
28
36
|
def add(klass, attr_name, options = {})
|
|
29
37
|
attrib = new(attr_name, options)
|
|
30
|
-
attrib.define_writer_method(klass)
|
|
31
38
|
if klass.respond_to?(:alias_method_chain)
|
|
32
|
-
|
|
39
|
+
attrib.define_ar_writer_method(klass)
|
|
33
40
|
else
|
|
41
|
+
attrib.define_writer_method(klass)
|
|
34
42
|
klass.send(:alias_method, "#{attr_name}_without_sanitization=", "#{attr_name}=")
|
|
35
43
|
klass.send(:alias_method, "#{attr_name}=", "#{attr_name}_with_sanitization=")
|
|
36
44
|
end
|
data/lib/sanitized_attributes.rb
CHANGED
|
@@ -65,10 +65,14 @@ module SanitizedAttributes
|
|
|
65
65
|
def option_transforms
|
|
66
66
|
@option_transforms ||=
|
|
67
67
|
begin
|
|
68
|
-
@options
|
|
69
|
-
|
|
70
|
-
|
|
68
|
+
if @options
|
|
69
|
+
@options.map do |name, tproc|
|
|
70
|
+
lambda do |env|
|
|
71
|
+
tproc.call(env, env[:config][name]) if env[:config][name]
|
|
72
|
+
end
|
|
71
73
|
end
|
|
74
|
+
else
|
|
75
|
+
[]
|
|
72
76
|
end
|
|
73
77
|
end
|
|
74
78
|
end
|
|
@@ -18,7 +18,16 @@ describe "SanitizedAttributes" do
|
|
|
18
18
|
SanitizedAttributes.add_profile(:quotes_only, :elements => %w[blockquote])
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
-
it "
|
|
21
|
+
it "removes all HTML by default" do
|
|
22
|
+
@klass.module_eval do
|
|
23
|
+
sanitize_attribute :orz
|
|
24
|
+
end
|
|
25
|
+
obj = @klass.new
|
|
26
|
+
obj.orz = "<a>Orz are not *many bubbles* like <p/>*campers*. <p></p>Orz <b>are just</b> Orz. <p>- Orz</p>"
|
|
27
|
+
obj.orz.should == "Orz are not *many bubbles* like *campers*. Orz are just Orz. - Orz"
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
it "sanitizes attributes with custom options and profiles" do
|
|
22
31
|
@klass.module_eval do
|
|
23
32
|
sanitize_attribute :orz, :elements => %w[p], :no_empties => %w[p]
|
|
24
33
|
sanitize_attribute :vux, :quotes_only
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sanitized_attributes
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 21
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 1
|
|
8
8
|
- 0
|
|
9
|
-
-
|
|
10
|
-
version: 1.0.
|
|
9
|
+
- 1
|
|
10
|
+
version: 1.0.1
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- CrowdCompass, Inc.
|