url_to_media_tag 0.1.0 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/Readme.md +10 -0
  2. data/VERSION +1 -1
  3. data/lib/url_to_media_tag.rb +7 -1
  4. data/spec/spec_helper.rb +12 -1
  5. data/spec/url_to_media_tag_spec.rb +13 -0
  6. data/url_to_media_tag.gemspec +1 -1
  7. metadata +3 -3
data/Readme.md CHANGED
@@ -15,10 +15,20 @@ Or
15
15
 
16
16
  Usage
17
17
  =====
18
+ ### Convert
19
+
18
20
  UrlToMediaTag.convert('http://www.youtube.com/watch?v=kW-dS4otEZU') # -> <iframe ...>
19
21
  UrlToMediaTag.convert(url, :width => 480, :height => 320) # -> <iframe ...>
20
22
  UrlToMediaTag.convert('no-url') # -> nil
21
23
 
24
+ ### Find
25
+
26
+ urls = text.scan(%r{https?://[^\s]*})
27
+
28
+ ### Replace
29
+
30
+ text_with_embed = text.gsub(%r{https?://[^\s]*}){|url| UrlToMediaTag.convert(url) }
31
+
22
32
  Alternative
23
33
  ===========
24
34
  - [auto_html](https://github.com/dejan/auto_html) If you want more fancy stuff like auto-linking + strip-tags + active-record-integration (and more dependencies / C-extensions)
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.1.0
1
+ 0.1.1
data/lib/url_to_media_tag.rb CHANGED
@@ -9,7 +9,10 @@ module UrlToMediaTag
9
9
  def self.convert(url, options={})
10
10
  options = DEFAULTS.merge(options)
11
11
 
12
- case url
12
+ # prevent any kind of html or xss
13
+ return if url.include?('>') or url.include?('<')
14
+
15
+ result = case url
13
16
 
14
17
  # youtube
15
18
  when /http:\/\/(www.)?youtube\.com\/watch\?v=([A-Za-z0-9._%-]*)(\&\S+)?|http:\/\/(www.)?youtu\.be\/([A-Za-z0-9._%-]*)?/
@@ -33,5 +36,8 @@ module UrlToMediaTag
33
36
 
34
37
  %{<iframe src="http://player.vimeo.com/video/#{vimeo_id}#{query_string}" width="#{width}" height="#{height}" frameborder="#{frameborder}"></iframe>}
35
38
  end
39
+
40
+ result = result.html_safe if result.respond_to?(:html_safe)
41
+ result
36
42
  end
37
43
  end
data/spec/spec_helper.rb CHANGED
@@ -1,2 +1,13 @@
1
1
  $LOAD_PATH.unshift 'lib'
2
- require 'url_to_media_tag'
2
+ require 'url_to_media_tag'
3
+
4
+ class String
5
+ def html_safe
6
+ @html_safe = true
7
+ self
8
+ end
9
+
10
+ def html_safe?
11
+ @html_safe
12
+ end
13
+ end
data/spec/url_to_media_tag_spec.rb CHANGED
@@ -15,5 +15,18 @@ describe UrlToMediaTag do
15
15
  expected = "<iframe src=\"http://player.vimeo.com/video/26881896?title=0&byline=0&portrait=0\" width=\"640\" height=\"480\" frameborder=\"0\"></iframe>"
16
16
  UrlToMediaTag.convert('http://vimeo.com/26881896').should == expected
17
17
  end
18
+
19
+ it "does not convert unknown" do
20
+ UrlToMediaTag.convert('xxx').should == nil
21
+ end
22
+
23
+ it "marks output as html_safe" do
24
+ UrlToMediaTag.convert('http://vimeo.com/26881896').html_safe?.should == true
25
+ end
26
+
27
+ it "prevents xss" do
28
+ UrlToMediaTag.convert('http://vimeo.com/26881896<').should == nil
29
+ UrlToMediaTag.convert('http://vimeo.com/26881896>').should == nil
30
+ end
18
31
  end
19
32
  end
data/url_to_media_tag.gemspec CHANGED
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{url_to_media_tag}
8
- s.version = "0.1.0"
8
+ s.version = "0.1.1"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Michael Grosser"]
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: url_to_media_tag
3
3
  version: !ruby/object:Gem::Version
4
- hash: 27
4
+ hash: 25
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 1
9
- - 0
10
- version: 0.1.0
9
+ - 1
10
+ version: 0.1.1
11
11
  platform: ruby
12
12
  authors:
13
13
  - Michael Grosser