trenni-sanitize 0.2.0 → 0.6.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/trenni/sanitize.rb +0 -3
- data/lib/trenni/sanitize/filter.rb +12 -8
- data/lib/trenni/sanitize/fragment.rb +9 -2
- data/lib/trenni/sanitize/text.rb +17 -0
- data/lib/trenni/sanitize/version.rb +1 -1
- metadata +30 -51
- data/.gitignore +0 -19
- data/.rspec +0 -5
- data/.simplecov +0 -9
- data/.travis.yml +0 -17
- data/Gemfile +0 -16
- data/README.md +0 -134
- data/Rakefile +0 -19
- data/lib/trenni/sanitize/extensions.rb +0 -14
- data/spec/spec_helper.rb +0 -53
- data/spec/trenni/sanitize/benchmark_spec.rb +0 -36
- data/spec/trenni/sanitize/extensions_spec.rb +0 -26
- data/spec/trenni/sanitize/fragment_spec.rb +0 -66
- data/spec/trenni/sanitize/sample.html +0 -12
- data/spec/trenni/sanitize/text_spec.rb +0 -0
- data/trenni-sanitize.gemspec +0 -25
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: dde3cfd019e5d0032580e229311ea3c7f61d7c06eff3f925f9e675854987be46
|
4
|
+
data.tar.gz: e30d0b421328ab5b6d324a087a42fa82147c069af24800829969b8e810122908
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8e2b9bf2f46cef2279ca08297317939cd53e98ed1a39b703f4e2d4d6cfe0afbce838bbeed7ad83f497666e2277f9cdbbd242232ac2d7a2d4e66a434b7b2935fc
|
7
|
+
data.tar.gz: 853edec88367727c751000d0aca1ec1c1b63497b6d21077a7fcba2b5378f507b48dd60c1edce04dba784d427e487933b558736873bd5958886efc15fb1eb0c27
|
data/lib/trenni/sanitize.rb
CHANGED
@@ -64,7 +64,11 @@ module Trenni
|
|
64
64
|
end
|
65
65
|
|
66
66
|
def [] key
|
67
|
-
self.tag
|
67
|
+
self.tag&.attributes[key]
|
68
|
+
end
|
69
|
+
|
70
|
+
def limit_attributes(keys)
|
71
|
+
self.tag&.attributes&.select!{|key, value| keys.include?(key)}
|
68
72
|
end
|
69
73
|
end
|
70
74
|
|
@@ -116,11 +120,11 @@ module Trenni
|
|
116
120
|
|
117
121
|
@current = Node.new(name, tag, current.skip)
|
118
122
|
end
|
119
|
-
|
123
|
+
|
120
124
|
def attribute(key, value)
|
121
125
|
@current.tag.attributes[key] = value
|
122
126
|
end
|
123
|
-
|
127
|
+
|
124
128
|
def open_tag_end(self_closing)
|
125
129
|
if self_closing
|
126
130
|
@current.tag.closed = true
|
@@ -135,7 +139,7 @@ module Trenni
|
|
135
139
|
# If the tag was self-closing, it's no longer current at this point, we are back in the context of the parent tag.
|
136
140
|
@current = self.top if self_closing
|
137
141
|
end
|
138
|
-
|
142
|
+
|
139
143
|
def close_tag(name, offset = nil)
|
140
144
|
while node = @stack.pop
|
141
145
|
node.tag.write_closing_tag(@output) unless node.skip? TAG
|
@@ -153,19 +157,19 @@ module Trenni
|
|
153
157
|
def doctype(string)
|
154
158
|
@output << string unless current.skip? DOCTYPE
|
155
159
|
end
|
156
|
-
|
160
|
+
|
157
161
|
def comment(string)
|
158
162
|
@output << string unless current.skip? COMMENT
|
159
163
|
end
|
160
|
-
|
164
|
+
|
161
165
|
def instruction(string)
|
162
166
|
@output << string unless current.skip? INSTRUCTION
|
163
167
|
end
|
164
|
-
|
168
|
+
|
165
169
|
def cdata(string)
|
166
170
|
@output << string unless current.skip? CDATA
|
167
171
|
end
|
168
|
-
|
172
|
+
|
169
173
|
def text(string)
|
170
174
|
Markup.append(@output, string) unless current.skip? TEXT
|
171
175
|
end
|
@@ -20,10 +20,12 @@
|
|
20
20
|
|
21
21
|
require_relative 'filter'
|
22
22
|
|
23
|
+
require 'set'
|
24
|
+
|
23
25
|
module Trenni
|
24
26
|
module Sanitize
|
25
27
|
class Fragment < Filter
|
26
|
-
STANDARD_ATTRIBUTES = ['class', 'style'].freeze
|
28
|
+
STANDARD_ATTRIBUTES = Set.new(['class', 'style']).freeze
|
27
29
|
|
28
30
|
ALLOWED_TAGS = {
|
29
31
|
'div' => STANDARD_ATTRIBUTES,
|
@@ -34,6 +36,11 @@ module Trenni
|
|
34
36
|
'em' => STANDARD_ATTRIBUTES,
|
35
37
|
'strong' => STANDARD_ATTRIBUTES,
|
36
38
|
'ul' => STANDARD_ATTRIBUTES,
|
39
|
+
'ol' => STANDARD_ATTRIBUTES,
|
40
|
+
'li' => STANDARD_ATTRIBUTES,
|
41
|
+
'dl' => STANDARD_ATTRIBUTES,
|
42
|
+
'dt' => STANDARD_ATTRIBUTES,
|
43
|
+
'dd' => STANDARD_ATTRIBUTES,
|
37
44
|
'strike' => STANDARD_ATTRIBUTES,
|
38
45
|
'h1' => STANDARD_ATTRIBUTES,
|
39
46
|
'h2' => STANDARD_ATTRIBUTES,
|
@@ -49,7 +56,7 @@ module Trenni
|
|
49
56
|
|
50
57
|
def filter(node)
|
51
58
|
if attributes = ALLOWED_TAGS[node.name]
|
52
|
-
node.
|
59
|
+
node.limit_attributes(attributes)
|
53
60
|
|
54
61
|
node.accept!
|
55
62
|
else
|
data/lib/trenni/sanitize/text.rb
CHANGED
@@ -23,7 +23,16 @@ require_relative 'filter'
|
|
23
23
|
module Trenni
|
24
24
|
module Sanitize
|
25
25
|
class Text < Filter
|
26
|
+
CLOSING = {
|
27
|
+
"p" => "\n\n",
|
28
|
+
"div" => "\n\n",
|
29
|
+
}
|
30
|
+
|
26
31
|
def filter(node)
|
32
|
+
if node.name == "br"
|
33
|
+
text("\n\n")
|
34
|
+
end
|
35
|
+
|
27
36
|
if node.name == 'script'
|
28
37
|
node.skip!(ALL) # Skip everything including content.
|
29
38
|
else
|
@@ -31,6 +40,14 @@ module Trenni
|
|
31
40
|
end
|
32
41
|
end
|
33
42
|
|
43
|
+
def close_tag(name, offset = nil)
|
44
|
+
super
|
45
|
+
|
46
|
+
if value = CLOSING[name]
|
47
|
+
text(value)
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
34
51
|
def doctype(string)
|
35
52
|
end
|
36
53
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: trenni-sanitize
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.6.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Samuel Williams
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-11-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: trenni
|
@@ -16,110 +16,89 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 3.5
|
19
|
+
version: '3.5'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 3.5
|
26
|
+
version: '3.5'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: bundler
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
|
-
- - "
|
31
|
+
- - ">="
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: '
|
33
|
+
version: '0'
|
34
34
|
type: :development
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
|
-
- - "
|
38
|
+
- - ">="
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: '
|
40
|
+
version: '0'
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
|
-
name:
|
42
|
+
name: covered
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
44
44
|
requirements:
|
45
|
-
- - "
|
45
|
+
- - ">="
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: '
|
47
|
+
version: '0'
|
48
48
|
type: :development
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
|
-
- - "
|
52
|
+
- - ">="
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: '
|
54
|
+
version: '0'
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
|
-
name:
|
56
|
+
name: rspec
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
58
58
|
requirements:
|
59
|
-
- - "
|
59
|
+
- - "~>"
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: '
|
61
|
+
version: '3.4'
|
62
62
|
type: :development
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
|
-
- - "
|
66
|
+
- - "~>"
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: '
|
69
|
-
description:
|
68
|
+
version: '3.4'
|
69
|
+
description:
|
70
70
|
email:
|
71
|
-
- samuel.williams@oriontransfer.co.nz
|
72
71
|
executables: []
|
73
72
|
extensions: []
|
74
73
|
extra_rdoc_files: []
|
75
74
|
files:
|
76
|
-
- ".gitignore"
|
77
|
-
- ".rspec"
|
78
|
-
- ".simplecov"
|
79
|
-
- ".travis.yml"
|
80
|
-
- Gemfile
|
81
|
-
- README.md
|
82
|
-
- Rakefile
|
83
75
|
- lib/trenni/sanitize.rb
|
84
|
-
- lib/trenni/sanitize/extensions.rb
|
85
76
|
- lib/trenni/sanitize/filter.rb
|
86
77
|
- lib/trenni/sanitize/fragment.rb
|
87
78
|
- lib/trenni/sanitize/text.rb
|
88
79
|
- lib/trenni/sanitize/version.rb
|
89
|
-
- spec/spec_helper.rb
|
90
|
-
- spec/trenni/sanitize/benchmark_spec.rb
|
91
|
-
- spec/trenni/sanitize/extensions_spec.rb
|
92
|
-
- spec/trenni/sanitize/fragment_spec.rb
|
93
|
-
- spec/trenni/sanitize/sample.html
|
94
|
-
- spec/trenni/sanitize/text_spec.rb
|
95
|
-
- trenni-sanitize.gemspec
|
96
80
|
homepage: https://github.com/ioquatix/trenni-sanitize
|
97
|
-
licenses:
|
98
|
-
|
99
|
-
|
81
|
+
licenses:
|
82
|
+
- MIT
|
83
|
+
metadata:
|
84
|
+
funding_uri: https://github.com/sponsors/ioquatix/
|
85
|
+
post_install_message:
|
100
86
|
rdoc_options: []
|
101
87
|
require_paths:
|
102
88
|
- lib
|
103
89
|
required_ruby_version: !ruby/object:Gem::Requirement
|
104
90
|
requirements:
|
105
|
-
- - "
|
91
|
+
- - ">="
|
106
92
|
- !ruby/object:Gem::Version
|
107
|
-
version: '2.
|
93
|
+
version: '2.5'
|
108
94
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
109
95
|
requirements:
|
110
96
|
- - ">="
|
111
97
|
- !ruby/object:Gem::Version
|
112
98
|
version: '0'
|
113
99
|
requirements: []
|
114
|
-
|
115
|
-
|
116
|
-
signing_key:
|
100
|
+
rubygems_version: 3.1.2
|
101
|
+
signing_key:
|
117
102
|
specification_version: 4
|
118
103
|
summary: Sanitize markdown according to a set of rules.
|
119
|
-
test_files:
|
120
|
-
- spec/spec_helper.rb
|
121
|
-
- spec/trenni/sanitize/benchmark_spec.rb
|
122
|
-
- spec/trenni/sanitize/extensions_spec.rb
|
123
|
-
- spec/trenni/sanitize/fragment_spec.rb
|
124
|
-
- spec/trenni/sanitize/sample.html
|
125
|
-
- spec/trenni/sanitize/text_spec.rb
|
104
|
+
test_files: []
|
data/.gitignore
DELETED
data/.rspec
DELETED
data/.simplecov
DELETED
data/.travis.yml
DELETED
data/Gemfile
DELETED
@@ -1,16 +0,0 @@
|
|
1
|
-
source 'https://rubygems.org'
|
2
|
-
|
3
|
-
# Specify your gem's dependencies in trenni.gemspec
|
4
|
-
gemspec
|
5
|
-
|
6
|
-
group :development do
|
7
|
-
gem 'pry'
|
8
|
-
end
|
9
|
-
|
10
|
-
group :test do
|
11
|
-
gem 'ruby-prof', platforms: [:mri]
|
12
|
-
gem "benchmark-ips"
|
13
|
-
|
14
|
-
# For comparisons:
|
15
|
-
gem "sanitize"
|
16
|
-
end
|
data/README.md
DELETED
@@ -1,134 +0,0 @@
|
|
1
|
-
# trenni-sanitize::Sanitize
|
2
|
-
|
3
|
-
Sanitize markup by adding, changing or removing tags.
|
4
|
-
|
5
|
-
[![Build Status](https://secure.travis-ci.org/ioquatix/trenni-sanitize.svg)](http://travis-ci.org/ioquatix/trenni-sanitize)
|
6
|
-
[![Code Climate](https://codeclimate.com/github/ioquatix/trenni-sanitize.svg)](https://codeclimate.com/github/ioquatix/trenni-sanitize)
|
7
|
-
[![Coverage Status](https://coveralls.io/repos/ioquatix/trenni-sanitize/badge.svg)](https://coveralls.io/r/ioquatix/trenni-sanitize)
|
8
|
-
|
9
|
-
## Motivation
|
10
|
-
|
11
|
-
I use the [sanitize] gem and generally it's great. However, it's performance can be an issue and additionally, it doesn't preserve tag namespaces when parsing fragments due to how Nokogiri works internally.
|
12
|
-
|
13
|
-
[sanitize]: https://github.com/rgrove/sanitize/
|
14
|
-
|
15
|
-
## Is it fast?
|
16
|
-
|
17
|
-
In my informal testing, this gem is about ~50x faster than the [sanitize] gem when generating plain text.
|
18
|
-
|
19
|
-
Warming up --------------------------------------
|
20
|
-
Sanitize 96.000 i/100ms
|
21
|
-
Trenni::Sanitize 4.447k i/100ms
|
22
|
-
Calculating -------------------------------------
|
23
|
-
Sanitize 958.020 (± 4.5%) i/s - 4.800k in 5.020564s
|
24
|
-
Trenni::Sanitize 44.718k (± 4.2%) i/s - 226.797k in 5.080756s
|
25
|
-
|
26
|
-
Comparison:
|
27
|
-
Trenni::Sanitize: 44718.1 i/s
|
28
|
-
Sanitize: 958.0 i/s - 46.68x slower
|
29
|
-
|
30
|
-
## Installation
|
31
|
-
|
32
|
-
Add this line to your application's Gemfile:
|
33
|
-
|
34
|
-
gem 'trenni-sanitize'
|
35
|
-
|
36
|
-
And then execute:
|
37
|
-
|
38
|
-
$ bundle
|
39
|
-
|
40
|
-
Or install it yourself as:
|
41
|
-
|
42
|
-
$ gem install trenni-sanitize
|
43
|
-
|
44
|
-
## Usage
|
45
|
-
|
46
|
-
`Trenni::Sanitize::Delegate` is a stream-based processor. That means it parses the incoming markup and makes decisions about what to keep and what to discard during parsing.
|
47
|
-
|
48
|
-
### Extracting Text
|
49
|
-
|
50
|
-
You can extract text using something similar to the following parser delegate:
|
51
|
-
|
52
|
-
```ruby
|
53
|
-
class Text < Trenni::Sanitize::Filter
|
54
|
-
def filter(node)
|
55
|
-
skip!(TAG)
|
56
|
-
end
|
57
|
-
|
58
|
-
def doctype(string)
|
59
|
-
end
|
60
|
-
|
61
|
-
def instruction(string)
|
62
|
-
end
|
63
|
-
end
|
64
|
-
|
65
|
-
text = Text.parse("<p>Hello World</p>").output
|
66
|
-
# => "Hello World"
|
67
|
-
```
|
68
|
-
|
69
|
-
### Extracting Safe Markup
|
70
|
-
|
71
|
-
Here is a simple filter that only allows a limited set of tags:
|
72
|
-
|
73
|
-
```ruby
|
74
|
-
class Fragment < Trenni::Sanitize::Filter
|
75
|
-
STANDARD_ATTRIBUTES = ['class'].freeze
|
76
|
-
|
77
|
-
ALLOWED_TAGS = {
|
78
|
-
'em' => [],
|
79
|
-
'strong' => [],
|
80
|
-
'p' => [],
|
81
|
-
'img' => [] + ['src', 'alt', 'width', 'height'],
|
82
|
-
'a' => ['href', 'target']
|
83
|
-
}.freeze
|
84
|
-
|
85
|
-
def filter(node)
|
86
|
-
if attributes = ALLOWED_TAGS[node.name]
|
87
|
-
node.tag.attributes.slice!(attributes)
|
88
|
-
else
|
89
|
-
# Skip the tag, and all contents
|
90
|
-
skip!(ALL)
|
91
|
-
end
|
92
|
-
end
|
93
|
-
|
94
|
-
def doctype(string)
|
95
|
-
end
|
96
|
-
|
97
|
-
def instruction(string)
|
98
|
-
end
|
99
|
-
end
|
100
|
-
```
|
101
|
-
|
102
|
-
As you can see, while [sanitize] is driven by configuration, `Trenni::Sanitize::Filter` is driven by code.
|
103
|
-
|
104
|
-
## Contributing
|
105
|
-
|
106
|
-
1. Fork it
|
107
|
-
2. Create your feature branch (`git checkout -b my-new-feature`)
|
108
|
-
3. Commit your changes (`git commit -am 'Add some feature'`)
|
109
|
-
4. Push to the branch (`git push origin my-new-feature`)
|
110
|
-
5. Create new Pull Request
|
111
|
-
|
112
|
-
## License
|
113
|
-
|
114
|
-
Released under the MIT license.
|
115
|
-
|
116
|
-
Copyright, 2018, by [Samuel G. D. Williams](http://www.codeotaku.com/samuel-williams).
|
117
|
-
|
118
|
-
Permission is hereby granted, free of charge, to any person obtaining a copy
|
119
|
-
of this software and associated documentation files (the "Software"), to deal
|
120
|
-
in the Software without restriction, including without limitation the rights
|
121
|
-
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
122
|
-
copies of the Software, and to permit persons to whom the Software is
|
123
|
-
furnished to do so, subject to the following conditions:
|
124
|
-
|
125
|
-
The above copyright notice and this permission notice shall be included in
|
126
|
-
all copies or substantial portions of the Software.
|
127
|
-
|
128
|
-
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
129
|
-
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
130
|
-
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
131
|
-
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
132
|
-
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
133
|
-
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
134
|
-
THE SOFTWARE.
|
data/Rakefile
DELETED
@@ -1,19 +0,0 @@
|
|
1
|
-
require "bundler/gem_tasks"
|
2
|
-
require "rspec/core/rake_task"
|
3
|
-
|
4
|
-
# Load all rake tasks:
|
5
|
-
import(*Dir.glob('tasks/**/*.rake'))
|
6
|
-
|
7
|
-
RSpec::Core::RakeTask.new(:test)
|
8
|
-
|
9
|
-
task :environment do
|
10
|
-
$LOAD_PATH.unshift File.expand_path('lib', __dir__)
|
11
|
-
end
|
12
|
-
|
13
|
-
task :console => :environment do
|
14
|
-
require 'pry'
|
15
|
-
|
16
|
-
Pry.start
|
17
|
-
end
|
18
|
-
|
19
|
-
task :default => :test
|
data/spec/spec_helper.rb
DELETED
@@ -1,53 +0,0 @@
|
|
1
|
-
|
2
|
-
if ENV['COVERAGE']
|
3
|
-
begin
|
4
|
-
require 'simplecov'
|
5
|
-
|
6
|
-
SimpleCov.start do
|
7
|
-
add_filter "/spec/"
|
8
|
-
end
|
9
|
-
|
10
|
-
if ENV['TRAVIS']
|
11
|
-
require 'coveralls'
|
12
|
-
Coveralls.wear!
|
13
|
-
end
|
14
|
-
rescue LoadError
|
15
|
-
warn "Could not load simplecov: #{$!}"
|
16
|
-
end
|
17
|
-
end
|
18
|
-
|
19
|
-
require "bundler/setup"
|
20
|
-
require "trenni/sanitize"
|
21
|
-
|
22
|
-
begin
|
23
|
-
require 'ruby-prof'
|
24
|
-
|
25
|
-
RSpec.shared_context "profile" do
|
26
|
-
before(:all) do
|
27
|
-
RubyProf.start
|
28
|
-
end
|
29
|
-
|
30
|
-
after(:all) do
|
31
|
-
result = RubyProf.stop
|
32
|
-
|
33
|
-
# Print a flat profile to text
|
34
|
-
printer = RubyProf::FlatPrinter.new(result)
|
35
|
-
printer.print(STDOUT)
|
36
|
-
end
|
37
|
-
end
|
38
|
-
rescue LoadError
|
39
|
-
RSpec.shared_context "profile" do
|
40
|
-
before(:all) do
|
41
|
-
puts "Profiling not supported on this platform."
|
42
|
-
end
|
43
|
-
end
|
44
|
-
end
|
45
|
-
|
46
|
-
RSpec.configure do |config|
|
47
|
-
# Enable flags like --only-failures and --next-failure
|
48
|
-
config.example_status_persistence_file_path = ".rspec_status"
|
49
|
-
|
50
|
-
config.expect_with :rspec do |c|
|
51
|
-
c.syntax = :expect
|
52
|
-
end
|
53
|
-
end
|
@@ -1,36 +0,0 @@
|
|
1
|
-
|
2
|
-
require 'sanitize'
|
3
|
-
require 'benchmark/ips'
|
4
|
-
|
5
|
-
require 'trenni/sanitize/text'
|
6
|
-
|
7
|
-
RSpec.describe Trenni::Sanitize do
|
8
|
-
let(:buffer) {Trenni::Buffer.load_file(File.join(__dir__, "sample.html"))}
|
9
|
-
|
10
|
-
it "should be faster than alternatives" do
|
11
|
-
config = Sanitize::Config.freeze_config(
|
12
|
-
:elements => %w[b i em strong ul li strike h1 h2 h3 h4 h5 h6 p img image a],
|
13
|
-
:attributes => {
|
14
|
-
'img' => %w[src alt width],
|
15
|
-
'a' => %w[href]
|
16
|
-
},
|
17
|
-
)
|
18
|
-
|
19
|
-
text = buffer.read
|
20
|
-
|
21
|
-
puts Sanitize.fragment(text).inspect
|
22
|
-
puts Trenni::Sanitize::Text.parse(buffer).output.inspect
|
23
|
-
|
24
|
-
Benchmark.ips do |x|
|
25
|
-
x.report("Sanitize") do
|
26
|
-
Sanitize.fragment text
|
27
|
-
end
|
28
|
-
|
29
|
-
x.report("Trenni::Sanitize") do
|
30
|
-
Trenni::Sanitize::Text.parse(buffer)
|
31
|
-
end
|
32
|
-
|
33
|
-
x.compare!
|
34
|
-
end
|
35
|
-
end
|
36
|
-
end
|
@@ -1,26 +0,0 @@
|
|
1
|
-
|
2
|
-
require 'trenni/sanitize/extensions'
|
3
|
-
|
4
|
-
RSpec.describe Hash do
|
5
|
-
let(:hash) {{x: 10, y: 20, z: 30}}
|
6
|
-
|
7
|
-
it "can slice the hash" do
|
8
|
-
result = hash.slice(:x)
|
9
|
-
|
10
|
-
expect(hash.size).to be == 3
|
11
|
-
expect(result.size).to be == 1
|
12
|
-
|
13
|
-
expect(result[:x]).to be == 10
|
14
|
-
expect(result[:y]).to be_nil
|
15
|
-
expect(result[:z]).to be_nil
|
16
|
-
end
|
17
|
-
|
18
|
-
it "can slice! the hash in-place" do
|
19
|
-
hash.slice!(:x)
|
20
|
-
|
21
|
-
expect(hash.size).to be == 1
|
22
|
-
expect(hash[:x]).to be == 10
|
23
|
-
expect(hash[:y]).to be_nil
|
24
|
-
expect(hash[:z]).to be_nil
|
25
|
-
end
|
26
|
-
end
|
@@ -1,66 +0,0 @@
|
|
1
|
-
# Copyright, 2018, by Samuel G. D. Williams. <http://www.codeotaku.com>
|
2
|
-
#
|
3
|
-
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
-
# of this software and associated documentation files (the "Software"), to deal
|
5
|
-
# in the Software without restriction, including without limitation the rights
|
6
|
-
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
-
# copies of the Software, and to permit persons to whom the Software is
|
8
|
-
# furnished to do so, subject to the following conditions:
|
9
|
-
#
|
10
|
-
# The above copyright notice and this permission notice shall be included in
|
11
|
-
# all copies or substantial portions of the Software.
|
12
|
-
#
|
13
|
-
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
-
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
-
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
-
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
-
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
-
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
-
# THE SOFTWARE.
|
20
|
-
|
21
|
-
require 'trenni/sanitize/fragment'
|
22
|
-
|
23
|
-
RSpec.describe Trenni::Sanitize::Fragment do
|
24
|
-
it "should filter out script tags" do
|
25
|
-
fragment = described_class.parse("<p onclick='malicious()'>Hello World</p><script>doot()</script>")
|
26
|
-
|
27
|
-
expect(fragment.output).to be == "<p>Hello World</p>"
|
28
|
-
end
|
29
|
-
|
30
|
-
it "should filter out nested script tags" do
|
31
|
-
fragment = described_class.parse("<div><p>Hello World</p><script>doot()</script></div>")
|
32
|
-
|
33
|
-
expect(fragment.output).to be == "<div><p>Hello World</p></div>"
|
34
|
-
end
|
35
|
-
|
36
|
-
it "should filter out tags" do
|
37
|
-
fragment = described_class.parse("<p onclick='malicious()'>Hello World</p><script>script</script>")
|
38
|
-
|
39
|
-
expect(fragment.output).to be == "<p>Hello World</p>"
|
40
|
-
end
|
41
|
-
|
42
|
-
it "should ignore unbalanced closing tags" do
|
43
|
-
fragment = described_class.parse("<p>Hello World</a></p>")
|
44
|
-
|
45
|
-
expect(fragment.output).to be == "<p>Hello World</p>"
|
46
|
-
end
|
47
|
-
|
48
|
-
it "should include trailing text" do
|
49
|
-
fragment = described_class.parse("Hello<script/>World")
|
50
|
-
|
51
|
-
expect(fragment.output).to be == "HelloWorld"
|
52
|
-
end
|
53
|
-
|
54
|
-
it "should escape text" do
|
55
|
-
fragment = described_class.parse("x&y")
|
56
|
-
|
57
|
-
expect(fragment.output).to be == "x&y"
|
58
|
-
end
|
59
|
-
|
60
|
-
it "should include nested img" do
|
61
|
-
fragment = described_class.parse("<table><img src='foo'/></table>")
|
62
|
-
|
63
|
-
expect(fragment.output).to be == "<img src=\"foo\"/>"
|
64
|
-
end
|
65
|
-
end
|
66
|
-
|
@@ -1,12 +0,0 @@
|
|
1
|
-
<hr>
|
2
|
-
<a href="http://somegreatsite.com">Link Name</a>
|
3
|
-
is a link to another nifty site
|
4
|
-
<h1>This is a Header</h1>
|
5
|
-
<h1>This is a Medium Header</h2>
|
6
|
-
Send me mail at <a href="mailto:support@yourcompany.com">
|
7
|
-
support@yourcompany.com</a>.
|
8
|
-
<hr>
|
9
|
-
<p>This is a new paragraph!</p>
|
10
|
-
<p><b>This is a new paragraph!</b></p>
|
11
|
-
<br/><b><i>This is a new sentence without a paragraph break, in bold italics.</i></b>
|
12
|
-
<hr>
|
File without changes
|
data/trenni-sanitize.gemspec
DELETED
@@ -1,25 +0,0 @@
|
|
1
|
-
|
2
|
-
require_relative 'lib/trenni/sanitize/version'
|
3
|
-
|
4
|
-
Gem::Specification.new do |spec|
|
5
|
-
spec.name = "trenni-sanitize"
|
6
|
-
spec.platform = Gem::Platform::RUBY
|
7
|
-
spec.version = Trenni::Sanitize::VERSION
|
8
|
-
spec.authors = ["Samuel Williams"]
|
9
|
-
spec.email = ["samuel.williams@oriontransfer.co.nz"]
|
10
|
-
spec.summary = %q{Sanitize markdown according to a set of rules.}
|
11
|
-
spec.homepage = "https://github.com/ioquatix/trenni-sanitize"
|
12
|
-
|
13
|
-
spec.files = `git ls-files`.split($/)
|
14
|
-
spec.executables = spec.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
15
|
-
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
16
|
-
spec.require_paths = ["lib"]
|
17
|
-
|
18
|
-
spec.required_ruby_version = '~> 2.1'
|
19
|
-
|
20
|
-
spec.add_dependency "trenni", '~> 3.5.0'
|
21
|
-
|
22
|
-
spec.add_development_dependency "bundler", "~> 1.3"
|
23
|
-
spec.add_development_dependency "rspec", "~> 3.4"
|
24
|
-
spec.add_development_dependency "rake"
|
25
|
-
end
|