twitter-text 1.1.7 → 1.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Rakefile +3 -1
- data/lib/regex.rb +3 -2
- data/lib/twitter-text.rb +8 -1
- data/spec/autolinking_spec.rb +8 -0
- metadata +4 -11
data/Rakefile
CHANGED
|
@@ -3,13 +3,15 @@ require 'rake/gempackagetask'
|
|
|
3
3
|
require 'rake/rdoctask'
|
|
4
4
|
require 'rubygems/specification'
|
|
5
5
|
require 'date'
|
|
6
|
+
|
|
7
|
+
gem 'rspec'
|
|
6
8
|
require 'spec/rake/spectask'
|
|
7
9
|
require 'spec/rake/verify_rcov'
|
|
8
10
|
require 'digest'
|
|
9
11
|
|
|
10
12
|
spec = Gem::Specification.new do |s|
|
|
11
13
|
s.name = "twitter-text"
|
|
12
|
-
s.version = "1.1.
|
|
14
|
+
s.version = "1.1.8"
|
|
13
15
|
s.authors = ["Matt Sanford", "Patrick Ewing", "Ben Cherry", "Britt Selvitelle", "Raffi Krikorian"]
|
|
14
16
|
s.email = ["matt@twitter.com", "patrick.henry.ewing@gmail.com", "bcherry@gmail.com", "bs@brittspace.com", "raffi@twitter.com"]
|
|
15
17
|
s.homepage = "http://twitter.com"
|
data/lib/regex.rb
CHANGED
|
@@ -35,7 +35,8 @@ module Twitter
|
|
|
35
35
|
if major.to_i >= 1 && minor.to_i >= 9
|
|
36
36
|
REGEXEN[:list_name] = /[a-zA-Z][a-zA-Z0-9_\-\u0080-\u00ff]{0,24}/
|
|
37
37
|
else
|
|
38
|
-
|
|
38
|
+
# This line barfs at compile time in Ruby 1.9.
|
|
39
|
+
REGEXEN[:list_name] = eval("/[a-zA-Z][a-zA-Z0-9_\\-\x80-\xff]{0,24}/")
|
|
39
40
|
end
|
|
40
41
|
|
|
41
42
|
# Latin accented characters (subtracted 0xD7 from the range, it's a confusable multiplication sign. Looks like "x")
|
|
@@ -60,7 +61,7 @@ module Twitter
|
|
|
60
61
|
# Allow @ in a url, but only in the middle. Catch things like http://example.com/@user
|
|
61
62
|
REGEXEN[:valid_url_path_chars] = /(?:
|
|
62
63
|
#{REGEXEN[:wikipedia_disambiguation]}|
|
|
63
|
-
|
|
64
|
+
@#{REGEXEN[:valid_general_url_path_chars]}+\/|
|
|
64
65
|
[\.\,]?#{REGEXEN[:valid_general_url_path_chars]}
|
|
65
66
|
)/ix
|
|
66
67
|
# Valid end-of-path chracters (so /foo. does not gobble the period).
|
data/lib/twitter-text.rb
CHANGED
|
@@ -1,8 +1,15 @@
|
|
|
1
|
-
|
|
1
|
+
|
|
2
|
+
major, minor, patch = RUBY_VERSION.split('.')
|
|
3
|
+
|
|
4
|
+
if major == 1 && minor < 9
|
|
5
|
+
# Ruby 1.8 KCODE check. Not needed on 1.9 and later.
|
|
6
|
+
raise("twitter-text requires the $KCODE variable be set to 'UTF8' or 'u'") unless ['u','UTF8'].include?($KCODE)
|
|
7
|
+
end
|
|
2
8
|
|
|
3
9
|
require 'rubygems'
|
|
4
10
|
|
|
5
11
|
# Needed for auto-linking
|
|
12
|
+
gem 'actionpack'
|
|
6
13
|
require 'action_view'
|
|
7
14
|
|
|
8
15
|
require File.join(File.dirname(__FILE__), 'regex')
|
data/spec/autolinking_spec.rb
CHANGED
|
@@ -474,6 +474,14 @@ describe Twitter::Autolink do
|
|
|
474
474
|
end
|
|
475
475
|
end
|
|
476
476
|
|
|
477
|
+
context "with a @ in a URL" do
|
|
478
|
+
def original_text; 'http://x.xx/@"style="color:pink"onmouseover=alert(1)//'; end
|
|
479
|
+
|
|
480
|
+
it "should not allow XSS follwing @" do
|
|
481
|
+
@autolinked_text.should have_autolinked_url('http://x.xx/')
|
|
482
|
+
end
|
|
483
|
+
end
|
|
484
|
+
|
|
477
485
|
end
|
|
478
486
|
|
|
479
487
|
describe "Autolink all" do
|
metadata
CHANGED
|
@@ -1,13 +1,12 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: twitter-text
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash: 29
|
|
5
4
|
prerelease: false
|
|
6
5
|
segments:
|
|
7
6
|
- 1
|
|
8
7
|
- 1
|
|
9
|
-
-
|
|
10
|
-
version: 1.1.
|
|
8
|
+
- 8
|
|
9
|
+
version: 1.1.8
|
|
11
10
|
platform: ruby
|
|
12
11
|
authors:
|
|
13
12
|
- Matt Sanford
|
|
@@ -19,18 +18,16 @@ autorequire: ""
|
|
|
19
18
|
bindir: bin
|
|
20
19
|
cert_chain: []
|
|
21
20
|
|
|
22
|
-
date: 2010-08-
|
|
21
|
+
date: 2010-08-23 00:00:00 -07:00
|
|
23
22
|
default_executable:
|
|
24
23
|
dependencies:
|
|
25
24
|
- !ruby/object:Gem::Dependency
|
|
26
25
|
name: actionpack
|
|
27
26
|
prerelease: false
|
|
28
27
|
requirement: &id001 !ruby/object:Gem::Requirement
|
|
29
|
-
none: false
|
|
30
28
|
requirements:
|
|
31
29
|
- - ">="
|
|
32
30
|
- !ruby/object:Gem::Version
|
|
33
|
-
hash: 3
|
|
34
31
|
segments:
|
|
35
32
|
- 0
|
|
36
33
|
version: "0"
|
|
@@ -79,27 +76,23 @@ rdoc_options: []
|
|
|
79
76
|
require_paths:
|
|
80
77
|
- lib
|
|
81
78
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
82
|
-
none: false
|
|
83
79
|
requirements:
|
|
84
80
|
- - ">="
|
|
85
81
|
- !ruby/object:Gem::Version
|
|
86
|
-
hash: 3
|
|
87
82
|
segments:
|
|
88
83
|
- 0
|
|
89
84
|
version: "0"
|
|
90
85
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
91
|
-
none: false
|
|
92
86
|
requirements:
|
|
93
87
|
- - ">="
|
|
94
88
|
- !ruby/object:Gem::Version
|
|
95
|
-
hash: 3
|
|
96
89
|
segments:
|
|
97
90
|
- 0
|
|
98
91
|
version: "0"
|
|
99
92
|
requirements: []
|
|
100
93
|
|
|
101
94
|
rubyforge_project:
|
|
102
|
-
rubygems_version: 1.3.
|
|
95
|
+
rubygems_version: 1.3.6
|
|
103
96
|
signing_key:
|
|
104
97
|
specification_version: 3
|
|
105
98
|
summary: Twitter text handling library
|