string_tools 1.0.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -1
- data/lib/string_tools/version.rb +1 -1
- data/lib/string_tools.rb +19 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 210c99c75f04b03ef26c76343f29b29b6325c94d270904a276df3c50e438ef52
|
|
4
|
+
data.tar.gz: 9a89a82fc8d20d222e67e44bb786941d860341e707bc5945d8867394fc8447e6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c25cd4f6a32ea07a771a8e59e17a3e28e370441065d592989754d5b67b0f79a9a429a8bc79b231aa23b7f7b20b3a76b2461a610d3a410f7f64401b8a6bb49634
|
|
7
|
+
data.tar.gz: 140e95adee684c86f90e31a3780e4eca0c9110891160278412b5038ed30b533ebb2f1ca3cf2a45981d93632259ba55b98df8a8ef8b16edb1938541e6169b1dca
|
data/CHANGELOG.md
CHANGED
|
@@ -1,4 +1,11 @@
|
|
|
1
|
-
# v1.
|
|
1
|
+
# v1.1.0
|
|
2
|
+
|
|
3
|
+
* 2023-10-16 [8ccb54a](../../commit/8ccb54a) - __(ArtemBorodinEvgenyevich)__ Release v1.1.0
|
|
4
|
+
* 2023-08-29 [bed389b](../../commit/bed389b) - __(Terentev Aleksey)__ feat: sanitize links in alt of img tag
|
|
5
|
+
https://jira.railsc.ru/browse/PC4-29908
|
|
6
|
+
|
|
7
|
+
* 2023-08-11 [7848491](../../commit/7848491) - __(Terentev Aleksey)__ feat: add options for sanitize outer links in css
|
|
8
|
+
https://jira.railsc.ru/browse/PC4-29908
|
|
2
9
|
|
|
3
10
|
* 2023-06-15 [503fce2](../../commit/503fce2) - __(Andrew N. Shalaev)__ Release v1.0.0
|
|
4
11
|
* 2023-06-15 [8e9fa48](../../commit/8e9fa48) - __(Andrew N. Shalaev)__ fix: convert to_utf8 correctly, without hidding errors
|
|
@@ -96,6 +103,13 @@ https://jira.railsc.ru/browse/PC4-16353
|
|
|
96
103
|
# v3.0.1
|
|
97
104
|
|
|
98
105
|
|
|
106
|
+
# v1.0.0
|
|
107
|
+
|
|
108
|
+
* 2023-06-15 [8e9fa48](../../commit/8e9fa48) - __(Andrew N. Shalaev)__ fix: convert to_utf8 correctly, without hidding errors
|
|
109
|
+
https://jira.railsc.ru/browse/BPC-22244
|
|
110
|
+
|
|
111
|
+
* 2023-06-15 [9bc5cf5](../../commit/9bc5cf5) - __(Andrew N. Shalaev)__ fix: up test env
|
|
112
|
+
|
|
99
113
|
# v0.16.0
|
|
100
114
|
|
|
101
115
|
* 2021-07-16 [5784a91](../../commit/5784a91) - __(Andrew N. Shalaev)__ feature: add support for ruby v2.4
|
data/lib/string_tools/version.rb
CHANGED
data/lib/string_tools.rb
CHANGED
|
@@ -155,6 +155,11 @@ module StringTools
|
|
|
155
155
|
|
|
156
156
|
TAGS_WITHOUT_ATTRIBUTES = %w(b strong i em sup sub ul ol li blockquote br tr u caption thead s).freeze
|
|
157
157
|
|
|
158
|
+
# Public: Sanitize string
|
|
159
|
+
# str - String for sanitize
|
|
160
|
+
# attrs - Hash, custom attributes, defaults empty hash
|
|
161
|
+
# remove_contents - Set of string, tags to be removed
|
|
162
|
+
# protocols - Array of string, protocols using in css properties urls
|
|
158
163
|
def sanitize(str, attrs = {})
|
|
159
164
|
# для корректного обрезания utf строчек режем через mb_chars
|
|
160
165
|
# для защиты от перегрузки парсера пропускаем максимум 1 мегабайт текста
|
|
@@ -162,6 +167,9 @@ module StringTools
|
|
|
162
167
|
# длина по символам с перестраховкой, т.к. латинские символы(теги, например) занимают 1 байт
|
|
163
168
|
str = str.mb_chars.slice(0..(2**19)).to_s
|
|
164
169
|
|
|
170
|
+
remove_contents = attrs.delete(:remove_contents)
|
|
171
|
+
protocols = attrs.delete(:protocols) || []
|
|
172
|
+
|
|
165
173
|
# Мерджим добавочные теги и атрибуты
|
|
166
174
|
attributes = TAGS_WITH_ATTRIBUTES.merge(attrs)
|
|
167
175
|
elements = attributes.keys | TAGS_WITHOUT_ATTRIBUTES
|
|
@@ -173,8 +181,8 @@ module StringTools
|
|
|
173
181
|
str,
|
|
174
182
|
:attributes => attributes,
|
|
175
183
|
:elements => elements,
|
|
176
|
-
:css => {:properties => Sanitize::Config::RELAXED[:css][:properties]},
|
|
177
|
-
:remove_contents =>
|
|
184
|
+
:css => {:properties => Sanitize::Config::RELAXED[:css][:properties], protocols: protocols},
|
|
185
|
+
:remove_contents => remove_contents || Set['style', 'script'],
|
|
178
186
|
:allow_comments => false,
|
|
179
187
|
:transformers => transformers
|
|
180
188
|
)
|
|
@@ -191,6 +199,7 @@ module StringTools
|
|
|
191
199
|
normalize_link node, 'href'
|
|
192
200
|
when 'img'
|
|
193
201
|
normalize_link node, 'src'
|
|
202
|
+
remove_links node, 'alt'
|
|
194
203
|
end
|
|
195
204
|
end
|
|
196
205
|
|
|
@@ -202,6 +211,14 @@ module StringTools
|
|
|
202
211
|
rescue Addressable::URI::InvalidURIError
|
|
203
212
|
node.swap node.children
|
|
204
213
|
end
|
|
214
|
+
|
|
215
|
+
def remove_links(node, attr_name)
|
|
216
|
+
return unless node[attr_name]
|
|
217
|
+
|
|
218
|
+
node[attr_name] = node[attr_name].gsub(URI::DEFAULT_PARSER.make_regexp, '').squish
|
|
219
|
+
|
|
220
|
+
node.remove_attribute(attr_name) if node[attr_name].empty?
|
|
221
|
+
end
|
|
205
222
|
end
|
|
206
223
|
|
|
207
224
|
class IframeNormalizer
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: string_tools
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sergey D.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-10-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: actionpack
|