slicker 0.3.0

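--- a/data/.document
+++ b/data/.document
@@ -0,0 +1,5 @@
+lib/**/*.rb
+bin/*
+-
+features/**/*.feature
+LICENSE.txt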
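--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,11 @@
+source "http://rubygems.org"
+
+gem "sanitize"
+
+group :development do
+gem "minitest", ">= 0"
+gem "yard", "~> 0.6.0"
+gem "bundler", "~> 1.0.0"
+gem "jeweler", "~> 1.6.4"
+gem "simplecov"
+end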
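Review bot: The `source "http://rubygems.org"` line fetches the gem index and packages over plaintext HTTP, so anything on the network path can alter what gets installed; it should read `source "https://rubygems.org"`. `gem "sanitize"` also has no version constraint, although it is the dependency that performs all of the cleaning; a bounded requirement such as `gem "sanitize", "~> 2.0"` (the lockfile in this release resolves 2.0.3) keeps an unreviewed major version from silently changing what is stripped. The same `http://` remote is recorded in Gemfile.lock, and the generated gemspec carries the open `[">= 0"]` requirement through to consumers.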
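--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -0,0 +1,30 @@
+GEM
+remote: http://rubygems.org/
+specs:
+git (1.2.5)
+jeweler (1.6.4)
+bundler (~> 1.0)
+git (>= 1.2.5)
+rake
+minitest (3.0.1)
+multi_json (1.3.6)
+nokogiri (1.5.2)
+rake (0.9.2.2)
+sanitize (2.0.3)
+nokogiri (>= 1.4.4, < 1.6)
+simplecov (0.6.4)
+multi_json (~> 1.0)
+simplecov-html (~> 0.5.3)
+simplecov-html (0.5.3)
+yard (0.6.8)
+
+PLATFORMS
+ruby
+
+DEPENDENCIES
+bundler (~> 1.0.0)
+jeweler (~> 1.6.4)
+minitest
+sanitize
+simplecov
+yard (~> 0.6.0)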
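--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,20 @@
+Copyright (c) 2012 Dave Hrycyszyn
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.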
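--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -0,0 +1,19 @@
+= slicker
+
+Description goes here.
+
+== Contributing to slicker
+
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
+* Fork the project
+* Start a feature/bugfix branch
+* Commit and push until you are happy with your contribution
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+== Copyright
+
+Copyright (c) 2012 Dave Hrycyszyn. See LICENSE.txt for
+further details.
+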
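--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,38 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+$stderr.puts e.message
+$stderr.puts "Run `bundle install` to install missing gems"
+exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+# gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
+gem.name = "slicker"
+gem.homepage = "http://github.com/futurechimp/slicker"
+gem.license = "MIT"
+gem.summary = %Q{Params sanitization for your Ruby application}
+gem.description = %Q{It's raining XSS out there. Protect yourself with Slicker!}
+gem.email = "dave.hrycyszyn@headlondon.com"
+gem.authors = ["Dave Hrycyszyn"]
+# dependencies defined in Gemfile
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+test.libs << 'lib' << 'test'
+test.pattern = 'test/**/test_*.rb'
+test.verbose = true
+end
+
+task :default => :test
+
+require 'yard'
+YARD::Rake::YardocTask.new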
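--- a/data/VERSION
+++ b/data/VERSION
@@ -0,0 +1 @@
+0.3.0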
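--- a/data/lib/slicker.rb
+++ b/data/lib/slicker.rb
@@ -0,0 +1,41 @@
+require 'sanitize'
+
+class Slicker
+
+def self.protect(params, config = {})
+if params.is_a?(String)
+Sanitize.clean(params, config)
+elsif params.is_a?(Array)
+walk_array(params, config)
+elsif params.is_a?(Hash)
+walk_hash(params, config)
+end
+end
+
+def self.walk_hash(hash, config)
+hash.keys.each do |key|
+if hash[key].is_a? String
+hash[key] = Sanitize.clean(hash[key], config)
+elsif hash[key].is_a? Hash
+hash[key] = walk_hash(hash[key], config)
+elsif hash[key].is_a? Array
+hash[key] = walk_array(hash[key], config)
+end
+end
+hash
+end
+
+def self.walk_array(array, config)
+array.each_with_index do |el,i|
+if el.is_a? String
+array[i] = Sanitize.clean(el, config)
+elsif el.is_a? Hash
+array[i] = walk_hash(el, config)
+elsif el.is_a? Array
+array[i] = walk_array(el, config)
+end
+end
+array
+end
+
+end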
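Review bot: `Slicker.protect` has no `else` branch in its `if`/`elsif` chain, so a top-level argument that is not a String, Array or Hash (an Integer, `nil`, a Symbol) is returned as `nil` rather than unchanged; adding `else` / `params` before the chain's closing `end` keeps such values intact. `walk_hash` cleans values only, so hash keys pass through untouched even though in request parameters they are as client-controlled as the values; callers that render keys still have to escape them. Array and Hash arguments are modified in place while a String argument yields a new object, which deserves a comment above `protect` such as `# Mutates nested Hash/Array arguments in place and returns them; a frozen input raises.` Stripping markup on input is also not a replacement for escaping at output time, and the README's placeholder description should say so.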
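--- a/data/slicker.gemspec
+++ b/data/slicker.gemspec
@@ -0,0 +1,66 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+s.name = "slicker"
+s.version = "0.3.0"
+
+s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+s.authors = ["Dave Hrycyszyn"]
+s.date = "2012-06-01"
+s.description = "It's raining XSS out there. Protect yourself with Slicker!"
+s.email = "dave.hrycyszyn@headlondon.com"
+s.extra_rdoc_files = [
+"LICENSE.txt",
+"README.rdoc"
+]
+s.files = [
+".document",
+"Gemfile",
+"Gemfile.lock",
+"LICENSE.txt",
+"README.rdoc",
+"Rakefile",
+"VERSION",
+"lib/slicker.rb",
+"slicker.gemspec",
+"test/helper.rb",
+"test/test.watchr",
+"test/test_slicker.rb"
+]
+s.homepage = "http://github.com/futurechimp/slicker"
+s.licenses = ["MIT"]
+s.require_paths = ["lib"]
+s.rubygems_version = "1.8.17"
+s.summary = "Params sanitization for your Ruby application"
+
+if s.respond_to? :specification_version then
+s.specification_version = 3
+
+if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+s.add_runtime_dependency(%q<sanitize>, [">= 0"])
+s.add_development_dependency(%q<minitest>, [">= 0"])
+s.add_development_dependency(%q<yard>, ["~> 0.6.0"])
+s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
+s.add_development_dependency(%q<jeweler>, ["~> 1.6.4"])
+s.add_development_dependency(%q<simplecov>, [">= 0"])
+else
+s.add_dependency(%q<sanitize>, [">= 0"])
+s.add_dependency(%q<minitest>, [">= 0"])
+s.add_dependency(%q<yard>, ["~> 0.6.0"])
+s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
+s.add_dependency(%q<simplecov>, [">= 0"])
+end
+else
+s.add_dependency(%q<sanitize>, [">= 0"])
+s.add_dependency(%q<minitest>, [">= 0"])
+s.add_dependency(%q<yard>, ["~> 0.6.0"])
+s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
+s.add_dependency(%q<simplecov>, [">= 0"])
+end
+end
+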
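--- a/data/test/helper.rb
+++ b/data/test/helper.rb
@@ -0,0 +1,23 @@
+require 'simplecov'
+SimpleCov.start
+
+require 'rubygems'
+require 'bundler'
+begin
+Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+$stderr.puts e.message
+$stderr.puts "Run `bundle install` to install missing gems"
+exit e.status_code
+end
+
+require 'minitest/spec'
+
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'slicker'
+
+class MiniTest::Unit::TestCase
+end
+
+MiniTest::Unit.autorun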
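--- a/data/test/test.watchr
+++ b/data/test/test.watchr
@@ -0,0 +1,5 @@
+require 'autowatchr'
+
+Autowatchr.new(self) do |config|
+config.failing_only = true
+end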
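Review bot: `require 'autowatchr'` loads a gem that the Gemfile's `:development` group in this release does not declare, so the watcher runs against whatever copy happens to be installed on the machine rather than a version Bundler resolved and locked. Adding `gem "autowatchr"` to the development group, or dropping this file from the packaged `s.files` list, would keep the shipped gem consistent with its declared dependencies.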
@@ -0,0 +1,54 @@
1
+ require 'helper'
2
+
3
+ describe "Sanitizing params input" do
4
+ describe "given a string" do
5
+ before do
6
+ @params = "<a href='foo'>bar</a>"
7
+ end
8
+
9
+ it "should get rid of all html" do
10
+ assert_equal("bar", Slicker.protect(@params))
11
+ end
12
+ end
13
+
14
+ describe "given an array of strings" do
15
+ before do
16
+ @params = ["<a href='foo'>foo</a>", "<strong>bar</strong>"]
17
+ end
18
+
19
+ it "should walk the array and get rid of all html" do
20
+ assert_equal(["foo", "bar"], Slicker.protect(@params))
21
+ end
22
+ end
23
+
24
+ describe "given a hash" do
25
+ before do
26
+ @params = { :foo => "<strong>foo</strong>" }
27
+ end
28
+
29
+ it "should walk the hash and get rid of all html" do
30
+ assert_equal({ :foo => "foo" }, Slicker.protect(@params))
31
+ end
32
+ end
33
+
34
+ describe "with a more mixed data structure" do
35
+ before do
36
+ @params = {
37
+ :foo => ["<strong>foo</strong>",
38
+ :fapp => { :fapp => "<b>fapp</b>"}],
39
+ :bar => { :baz => "<strong>baz</strong>" },
40
+ :blap => [["<b>blap</b>"]]
41
+ }
42
+ end
43
+
44
+ it "should still get rid of all html" do
45
+ assert_equal(
46
+ { :foo => ["foo",
47
+ :fapp => { :fapp => "fapp" }],
48
+ :bar => { :baz => "baz" },
49
+ :blap => [["blap"]]
50
+ }, Slicker.protect(@params))
51
+ end
52
+ end
53
+
54
+ end
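Review bot: All four cases pass well-formed tags inside String values and never supply a `config`, so the suite pins only the simplest path through `Slicker.protect`. Nothing covers non-String leaves (`nil`, Integer), a top-level argument that is not a String, Array or Hash, or the fact that the caller's Hash/Array is modified in place. A case such as `it "should leave non-string values alone" do` / `assert_equal({ :n => 1 }, Slicker.protect({ :n => 1 }))` / `end` would document the pass-through, and a companion assertion on `Slicker.protect(1)` would show whether returning `nil` there is intended.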
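--- a/metadata
+++ b/metadata
@@ -0,0 +1,128 @@
+--- !ruby/object:Gem::Specification
+name: slicker
+version: !ruby/object:Gem::Version
+version: 0.3.0
+prerelease:
+platform: ruby
+authors:
+- Dave Hrycyszyn
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2012-06-01 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: sanitize
+requirement: &2178222400 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: *2178222400
+- !ruby/object:Gem::Dependency
+name: minitest
+requirement: &2178221900 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: *2178221900
+- !ruby/object:Gem::Dependency
+name: yard
+requirement: &2178221360 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: 0.6.0
+type: :development
+prerelease: false
+version_requirements: *2178221360
+- !ruby/object:Gem::Dependency
+name: bundler
+requirement: &2178220820 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: 1.0.0
+type: :development
+prerelease: false
+version_requirements: *2178220820
+- !ruby/object:Gem::Dependency
+name: jeweler
+requirement: &2178209960 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: 1.6.4
+type: :development
+prerelease: false
+version_requirements: *2178209960
+- !ruby/object:Gem::Dependency
+name: simplecov
+requirement: &2178209160 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: *2178209160
+description: It's raining XSS out there. Protect yourself with Slicker!
+email: dave.hrycyszyn@headlondon.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE.txt
+- README.rdoc
+files:
+- .document
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.rdoc
+- Rakefile
+- VERSION
+- lib/slicker.rb
+- slicker.gemspec
+- test/helper.rb
+- test/test.watchr
+- test/test_slicker.rb
+homepage: http://github.com/futurechimp/slicker
+licenses:
+- MIT
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+segments:
+- 0
+hash: 181377676426236826
+required_rubygems_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 1.8.17
+signing_key:
+specification_version: 3
+summary: Params sanitization for your Ruby application
+test_files: []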