yaml-validator 0.1.3 → 0.1.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/Gemfile.lock +18 -12
  4. data/lib/sanitized-html-validator.rb +30 -0
  5. data/lib/yaml-validator.rb +7 -1
  6. data/lib/yaml-validator/version.rb +1 -1
  7. data/spec/fixtures/sanitized_html/en.yml +4 -0
  8. data/spec/yaml-validator_spec.rb +17 -0
  9. data/yaml-validator.gemspec +1 -0
  10. metadata +19 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 52b11bc6fc2895275cbaa9b598991cb46e6141e1
4
- data.tar.gz: db3eeee113be83b523e616fea3d5d5613be28d6d
3
+ metadata.gz: 6e18403bff180fb06843d1d71c151fd38b094620
4
+ data.tar.gz: be16538882da43a2d6b8e6f82434b32a3ada5961
5
5
  SHA512:
6
- metadata.gz: 91d4c5b1aa9fc563ea41e7a3f55d2b871c01af8bf5afa11acc70d56aac3f7c6f9f91f41b75db14c79389b6917563f7f56c140088376f11affe4122b6f0a28a4c
7
- data.tar.gz: 23a18a9b2148c99decda38733b7d74763e098d7955b70c5dde3dc47815ff5aeba2b4e861c51896514cf84606ea7f4a10a88dafa5054742fe58e1f615a0d8ab69
6
+ metadata.gz: 8c8e85acdc2b4abdd7d521fc8fea2549ad52bc2a5f9c4e5f86ae29216eaa675f03bef16f26671ab5c69f7f26c321c8aa4285f59899d4bc94f8a173715a4e43b5
7
+ data.tar.gz: bc931ff8d9fd6267835a904d5baac0c5aa0f17ebd880ec7dae20f519835e0f017dc2e9d4b000f1077f1784c1772e35022756e1af27a111b6ab1bf7b114feee10
data/Gemfile CHANGED
@@ -1,3 +1,3 @@
1
- source :rubygems
1
+ source 'https://rubygems.org'
2
2
 
3
3
  gemspec
data/Gemfile.lock CHANGED
@@ -1,25 +1,31 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- yaml-validator (0.1.3)
4
+ yaml-validator (0.1.4)
5
5
  colorize
6
6
  rake
7
7
  rspec
8
+ sanitize
8
9
 
9
10
  GEM
10
- remote: http://rubygems.org/
11
+ remote: https://rubygems.org/
11
12
  specs:
12
13
  colorize (0.5.8)
13
- diff-lcs (1.1.3)
14
- rake (10.0.4)
15
- rspec (2.12.0)
16
- rspec-core (~> 2.12.0)
17
- rspec-expectations (~> 2.12.0)
18
- rspec-mocks (~> 2.12.0)
19
- rspec-core (2.12.2)
20
- rspec-expectations (2.12.1)
21
- diff-lcs (~> 1.1.3)
22
- rspec-mocks (2.12.0)
14
+ diff-lcs (1.2.4)
15
+ mini_portile (0.5.0)
16
+ nokogiri (1.6.0)
17
+ mini_portile (~> 0.5.0)
18
+ rake (10.1.0)
19
+ rspec (2.13.0)
20
+ rspec-core (~> 2.13.0)
21
+ rspec-expectations (~> 2.13.0)
22
+ rspec-mocks (~> 2.13.0)
23
+ rspec-core (2.13.1)
24
+ rspec-expectations (2.13.0)
25
+ diff-lcs (>= 1.1.3, < 2.0)
26
+ rspec-mocks (2.13.1)
27
+ sanitize (2.0.4)
28
+ nokogiri (~> 1.6.0)
23
29
 
24
30
  PLATFORMS
25
31
  ruby
data/lib/sanitized-html-validator.rb ADDED
@@ -0,0 +1,30 @@
1
+ require 'sanitize'
2
+
3
+ class SanitizedHtmlValidator
4
+ def self.validate(language, yaml_object)
5
+ validate_object(language, '', yaml_object)
6
+ end
7
+
8
+ def self.validate_object(language, full_key, yaml_object)
9
+ return [] if yaml_object.nil?
10
+
11
+ errors = []
12
+ yaml_object.each do |key, value|
13
+ full_subkey = (full_key.empty?) ? key : "#{full_key}.#{key}"
14
+
15
+ if value.is_a? String
16
+ unless valid_html?(value)
17
+ errors << "unsanitized html in '#{language}.#{full_subkey}' (#{value})"
18
+ end
19
+ elsif value.is_a? Hash
20
+ errors.concat validate_object(language, full_subkey, value)
21
+ end
22
+ end
23
+ errors
24
+ end
25
+
26
+ def self.valid_html?(html)
27
+ sanitized = Sanitize.clean(html, elements: [ 'strong', 'br', 'span', 'b', 'i' ])
28
+ html == sanitized
29
+ end
30
+ end
data/lib/yaml-validator.rb CHANGED
@@ -2,6 +2,7 @@ require 'yaml'
2
2
  require 'yaml-validator/version'
3
3
  require_relative './helpers'
4
4
  require_relative './pluralization-validator'
5
+ require_relative './sanitized-html-validator'
5
6
 
6
7
  class YamlValidator
7
8
 
@@ -56,6 +57,7 @@ class YamlValidator
56
57
  if @options[:show_missing]
57
58
  errors.concat find_missing_translations(yaml_object)
58
59
  errors.concat find_missing_pluralizations(filename, yaml_object)
60
+ errors.concat find_unsanitized_html(filename, yaml_object)
59
61
  end
60
62
 
61
63
  errors.map { |err| "#{filename}: #{err}" }
@@ -182,6 +184,10 @@ class YamlValidator
182
184
  def identify_variables(string)
183
185
  string.scan(/%\{([^}]+)\}/).map(&:first)
184
186
  end
185
-
187
+
188
+ def find_unsanitized_html(filename, yaml_object)
189
+ language = File.basename(filename, '.*')
190
+ SanitizedHtmlValidator.validate(language, yaml_object)
191
+ end
186
192
  end
187
193
 
data/lib/yaml-validator/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  class YamlValidator
2
- VERSION = "0.1.3"
2
+ VERSION = "0.1.4"
3
3
  end
data/spec/fixtures/sanitized_html/en.yml ADDED
@@ -0,0 +1,4 @@
1
+ en:
2
+ valid: 'this is a <strong>valid</strong><br>value'
3
+ invalid1: 'this is an <a href="spam.com">invalid</a> value'
4
+ invalid2: 'this is an <strong onclick="spam.com">invalid</strong> value'
data/spec/yaml-validator_spec.rb CHANGED
@@ -235,4 +235,21 @@ describe YamlValidator do
235
235
  end
236
236
 
237
237
  end
238
+
239
+ describe "#sanitized_html" do
240
+ it "returns the non-sanitized values" do
241
+ validator = YamlValidator.new('spec/fixtures/sanitized_html')
242
+
243
+ filename = 'spec/fixtures/sanitized_html/en.yml'
244
+ yaml_object = YAML.load_file(filename)['en']
245
+ yaml_object = Helpers.normalize_yaml(yaml_object)
246
+
247
+ errors = validator.find_unsanitized_html(filename, yaml_object)
248
+ errors.should == [
249
+ "unsanitized html in 'en.invalid1' (this is an <a href=\"spam.com\">invalid</a> value)",
250
+ "unsanitized html in 'en.invalid2' (this is an <strong onclick=\"spam.com\">invalid</strong> value)"
251
+ ]
252
+ end
253
+ end
254
+
238
255
  end
data/yaml-validator.gemspec CHANGED
@@ -20,4 +20,5 @@ Gem::Specification.new do |gem|
20
20
  gem.add_dependency('rake')
21
21
  gem.add_dependency('rspec')
22
22
  gem.add_dependency('colorize')
23
+ gem.add_dependency('sanitize')
23
24
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: yaml-validator
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Elentok
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-04-29 00:00:00.000000000 Z
11
+ date: 2013-06-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
@@ -52,6 +52,20 @@ dependencies:
52
52
  - - '>='
53
53
  - !ruby/object:Gem::Version
54
54
  version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: sanitize
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - '>='
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :runtime
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - '>='
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
55
69
  description: YAML locales validator
56
70
  email:
57
71
  - 3david@gmail.com
@@ -69,6 +83,7 @@ files:
69
83
  - bin/yaml-validator
70
84
  - lib/helpers.rb
71
85
  - lib/pluralization-validator.rb
86
+ - lib/sanitized-html-validator.rb
72
87
  - lib/yaml-validator.rb
73
88
  - lib/yaml-validator/version.rb
74
89
  - pkg/yaml-validator-0.0.1.gem
@@ -81,6 +96,7 @@ files:
81
96
  - spec/fixtures/missing_translations/he.yml
82
97
  - spec/fixtures/numbered_keys/en.yml
83
98
  - spec/fixtures/numbered_keys/he.yml
99
+ - spec/fixtures/sanitized_html/en.yml
84
100
  - spec/fixtures/weird_pluralizations/en.yml
85
101
  - spec/fixtures/weird_pluralizations/ru.yml
86
102
  - spec/fixtures/wrong_root/en.yml
@@ -122,6 +138,7 @@ test_files:
122
138
  - spec/fixtures/missing_translations/he.yml
123
139
  - spec/fixtures/numbered_keys/en.yml
124
140
  - spec/fixtures/numbered_keys/he.yml
141
+ - spec/fixtures/sanitized_html/en.yml
125
142
  - spec/fixtures/weird_pluralizations/en.yml
126
143
  - spec/fixtures/weird_pluralizations/ru.yml
127
144
  - spec/fixtures/wrong_root/en.yml