udup 0.1.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/udup/main.rb +5 -1
  3. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 20ee3984f04fb5fe081bee65ec87de8a3bd438f1c11a5ce3633b19be4d19c385
4
- data.tar.gz: 50cb8645139050e85171cc9299872729e7a04d8c1f9c8f62df05832b7b920e30
3
+ metadata.gz: e296841fa56c01bcb5f7058d1f4b00044428d7fbccb6f3d8cc9985d458c3ae44
4
+ data.tar.gz: 02a5465ef4ea9d977df642260f785f2b66a8031a2cb05909fceee7a8518d6767
5
5
  SHA512:
6
- metadata.gz: 3458241d00c36a56921b5446db20277a60e7cbd78a99089ddb54934b871bed1541c268b6c8aa76f24472c1a89c9bf2042037c81368ba5bc1bad4b4bbb19ca2dd
7
- data.tar.gz: a971306b5b88ab86022555b9a93229f7d7d1ccc5c004986a28aee64d699bd580cacb167b4277fdd6ea053e8d596a5ea1940cf7c41706f0e06ed4d7a659e13fc6
6
+ metadata.gz: d97d34c0c3acb7adefed17e3fea1ed7f191958cbe7369054825e543d06687073a57a5dd1c5b3a0f8237407bb0cde063dc011145fca69e3dc7ac5f6b010898ab3
7
+ data.tar.gz: 030daa8e0c638265758637f086efbfc276b928c030977b8f1aea6498f8f6a91c8727c5d048b2181be7c36cf017e1976578bbdccddea96e24c78e8cc77ec57bde
data/lib/udup/main.rb CHANGED
@@ -9,8 +9,11 @@ class Udup
9
9
  @skip_exts = options[:skip_exts] || %w[.css .png .jpg .jpeg .svg .ico .webp .ttf .otf .woff .woff2 .gif .pdf .bmp
10
10
  .eot .mp3 .mp4 .avi]
11
11
  @content_to_skip = options[:content_to_skip] || %w[blog docs post support]
12
+ @bad_char_path = options[:bad_char_path] || %w[+ ' " ( ) \\ <]
12
13
  end
13
14
 
15
+ # filter : Filter URLS <img src=x onerror=alert(1)>
16
+ # @param [Array
14
17
  def filter(urls)
15
18
  final_urls = Set[]
16
19
 
@@ -23,6 +26,7 @@ class Udup
23
26
  next
24
27
  end
25
28
  next unless uri
29
+ next if @bad_char_path.any? { |char| uri.path.include?(char) }
26
30
 
27
31
  uri_ext = File.extname(uri.path)
28
32
  next if @skip_exts.include?(uri_ext) || human_content?(uri.path) || content_to_skip?(uri.path)
@@ -31,7 +35,7 @@ class Udup
31
35
  params = uri_params(uri.query)
32
36
 
33
37
  if @valid_urls.key?(base_url)
34
- @valid_urls[url] = { params: {} } if @valid_urls[base_url][:params].empty?
38
+ @valid_urls[uri.to_s] = { params: {} } if @valid_urls[base_url][:params].empty?
35
39
  @valid_urls[base_url][:params].merge!(params)
36
40
  else
37
41
  @valid_urls[base_url] = { params: params }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: udup
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Joshua MARTINELLE
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-17 00:00:00.000000000 Z
11
+ date: 2023-01-18 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description:
14
14
  email: