sutty-liquid 0.11.12 → 0.12.0rc0
- checksums.yaml +4 -4
- data/lib/jekyll/filters/strings.rb +54 -0
- metadata +18 -4
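--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9a115b92ca64ac9e835375765973be8644207695da46a8eb542780365f963081
+data.tar.gz: 5ed09726684f3a905e11afc6dd82b822dfe8cba9ba50eb1a5b5677e348c36c94
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a135688c8a8bba5d0742e4c7536b44eb6db8a0c24ed0123394dfa257835d854f25fdccc5c668c7710c3fac4a5fa09bbbd4878476dd361f58c82abd89b8e56abd
+data.tar.gz: a2d4bf13672469e9f4e39598c2f103163a89e8673a58e5a866108c241aac367a36a8dea657f2e1392d0f2711caed43cff9264e163b25890acaed265bcb1ff1a3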
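--- a/data/lib/jekyll/filters/strings.rb
+++ b/data/lib/jekyll/filters/strings.rb
@@ -75,6 +75,60 @@ module Jekyll
 
 Addressable::URI.encode_component input.to_s, Addressable::URI::CharacterClasses::UNRESERVED
 end
+
+
+# Sanitizes HTML. By default follows Sutty CMS allowlist.
+#
+# @todo Benchmark Jekyll cache, because it'll need to hash all params
+# @param input [String]
+# @param tags [String,Array<String>] Allowed elements. Can be a comma-separated string
+# @param attrs [String,Array<String>] Allowed attributes. Can be a comma-separated string
+def sanitize_html(input, tags = nil, attrs = nil)
+tags = list_to_array(tags, ALLOWED_TAGS)
+attrs = list_to_array(attrs, ALLOWED_ATTRIBUTES)
+
+sanitizer.sanitize(input.to_s.tr("\r", '').unicode_normalize, tags: tags, attributes: attrs).strip
+end
+
+ALLOWED_ATTRIBUTES = %w[style href src alt controls data-align data-multimedia data-multimedia-inner id name rel target referrerpolicy class colspan rowspan role data-turbo start type reversed].freeze
+ALLOWED_TAGS = %w[strong em del u mark p h1 h2 h3 h4 h5 h6 ul ol li img iframe audio video div figure blockquote figcaption a sub sup small table thead tbody tfoot tr th td br code].freeze
+
+private
+
+# Turn values to arrays or return a default array if empty. Use a
+# class-level cache because we'll probably parse tags and
+# attributes many times.
+#
+# @param input [String,Array<String>]
+# @param default [Array<String>]
+# @return [Array<String>]
+def list_to_array(input, default)
+@@list_to_array ||= {}
+@@list_to_array[input] ||=
+begin
+array =
+case input
+when Array then input
+else input.to_s.split(',').map(&:strip)
+end
+
+if array.empty?
+default
+else
+array
+end
+end
+end
+
+def sanitizer
+@@sanitizer ||=
+begin
+require 'rails/html/sanitizer'
+require 'rails/html/scrubbers'
+
+Rails::HTML5::Sanitizer.safe_list_sanitizer.new
+end
+end
 end
 end
 end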
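Review bot: `list_to_array` keys its class-level cache on `input` alone, so in `sanitize_html` the default call (`tags = nil, attrs = nil`) stores `ALLOWED_TAGS` under the `nil` key and the next call, `list_to_array(attrs, ALLOWED_ATTRIBUTES)`, gets `ALLOWED_TAGS` back as the attribute allowlist. With the lists shown here that appears to fail closed, since no tag name matches an entry in `ALLOWED_ATTRIBUTES` and so `href`, `src` and the rest would be stripped. A sanitizer allowlist should still not depend on which default was cached first for a shared key; keying on both values, `@@list_to_array[[input, default]] ||=`, removes the collision. The cache is also never bounded or cleared, and caller-supplied `tags`/`attrs` replace the defaults rather than narrow them, which the docstring could state with `# Passing tags or attrs replaces the default allowlist entirely.`. The default list permits `iframe` together with `src` and `style`, presumably for embeds, so it is worth confirming that the sanitizer's URI and CSS scrubbing covers those; the enclosing module starts outside the hunk.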
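--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sutty-liquid
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.12.0rc0
 platform: ruby
 authors:
 - f
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-07-
+date: 2024-07-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: fast_blank
@@ -38,6 +38,20 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '4'
+- !ruby/object:Gem::Dependency
+name: rails-html-sanitizer
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 1.6.0
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 1.6.0
 - !ruby/object:Gem::Dependency
 name: minitest
 requirement: !ruby/object:Gem::Requirement
@@ -176,9 +190,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">"
 - !ruby/object:Gem::Version
-version:
+version: 1.3.1
 requirements: []
 rubygems_version: 3.3.26
 signing_key: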