slicker 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +19 -1
- data/VERSION +1 -1
- data/slicker.gemspec +1 -1
- metadata +14 -14
data/README.rdoc
CHANGED
|
@@ -1,6 +1,24 @@
|
|
|
1
1
|
= slicker
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
It's raining XSS out there. Time for a slicker!
|
|
4
|
+
|
|
5
|
+
Simple XSS protection was a feature of some early Rails plugins, notably WhiteList and sanitize_params, which defended your application at the front door - the params hash, where you probably get most of your input.
|
|
6
|
+
|
|
7
|
+
This is a port of the basic sanitize_params strategy into gem format, and with no dependency on Rails - it will also work in Sinatra, Padrino, or a straight Ruby application.
|
|
8
|
+
|
|
9
|
+
== Usage
|
|
10
|
+
|
|
11
|
+
Using it is pretty simple. In its most basic form:
|
|
12
|
+
|
|
13
|
+
Slicker.protect(params)
|
|
14
|
+
|
|
15
|
+
Drop that in your ApplicationController (for Rails) or your app.rb file (Sinatra or Padrino), and you're done: all HTML will be stripped from all params hitting your application.
|
|
16
|
+
|
|
17
|
+
Slicker depends on sanitize, so you can also pass a Sanitize config through, and strip only some tags:
|
|
18
|
+
|
|
19
|
+
Slicker.protect(params, Sanitize::Config::BASIC)
|
|
20
|
+
|
|
21
|
+
See the Sanitize[https://github.com/rgrove/sanitize] documentation for more information on what you can pass.
|
|
4
22
|
|
|
5
23
|
== Contributing to slicker
|
|
6
24
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.3.
|
|
1
|
+
0.3.1
|
data/slicker.gemspec
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: slicker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -13,7 +13,7 @@ date: 2012-06-01 00:00:00.000000000Z
|
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: sanitize
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &2165846820 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ! '>='
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: '0'
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *2165846820
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: minitest
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &2165845380 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
@@ -32,10 +32,10 @@ dependencies:
|
|
|
32
32
|
version: '0'
|
|
33
33
|
type: :development
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *2165845380
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: yard
|
|
38
|
-
requirement: &
|
|
38
|
+
requirement: &2165842880 !ruby/object:Gem::Requirement
|
|
39
39
|
none: false
|
|
40
40
|
requirements:
|
|
41
41
|
- - ~>
|
|
@@ -43,10 +43,10 @@ dependencies:
|
|
|
43
43
|
version: 0.6.0
|
|
44
44
|
type: :development
|
|
45
45
|
prerelease: false
|
|
46
|
-
version_requirements: *
|
|
46
|
+
version_requirements: *2165842880
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: bundler
|
|
49
|
-
requirement: &
|
|
49
|
+
requirement: &2165840660 !ruby/object:Gem::Requirement
|
|
50
50
|
none: false
|
|
51
51
|
requirements:
|
|
52
52
|
- - ~>
|
|
@@ -54,10 +54,10 @@ dependencies:
|
|
|
54
54
|
version: 1.0.0
|
|
55
55
|
type: :development
|
|
56
56
|
prerelease: false
|
|
57
|
-
version_requirements: *
|
|
57
|
+
version_requirements: *2165840660
|
|
58
58
|
- !ruby/object:Gem::Dependency
|
|
59
59
|
name: jeweler
|
|
60
|
-
requirement: &
|
|
60
|
+
requirement: &2165834660 !ruby/object:Gem::Requirement
|
|
61
61
|
none: false
|
|
62
62
|
requirements:
|
|
63
63
|
- - ~>
|
|
@@ -65,10 +65,10 @@ dependencies:
|
|
|
65
65
|
version: 1.6.4
|
|
66
66
|
type: :development
|
|
67
67
|
prerelease: false
|
|
68
|
-
version_requirements: *
|
|
68
|
+
version_requirements: *2165834660
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: simplecov
|
|
71
|
-
requirement: &
|
|
71
|
+
requirement: &2165833580 !ruby/object:Gem::Requirement
|
|
72
72
|
none: false
|
|
73
73
|
requirements:
|
|
74
74
|
- - ! '>='
|
|
@@ -76,7 +76,7 @@ dependencies:
|
|
|
76
76
|
version: '0'
|
|
77
77
|
type: :development
|
|
78
78
|
prerelease: false
|
|
79
|
-
version_requirements: *
|
|
79
|
+
version_requirements: *2165833580
|
|
80
80
|
description: It's raining XSS out there. Protect yourself with Slicker!
|
|
81
81
|
email: dave.hrycyszyn@headlondon.com
|
|
82
82
|
executables: []
|
|
@@ -112,7 +112,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
112
112
|
version: '0'
|
|
113
113
|
segments:
|
|
114
114
|
- 0
|
|
115
|
-
hash:
|
|
115
|
+
hash: 2286563819459080529
|
|
116
116
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
117
117
|
none: false
|
|
118
118
|
requirements:
|