RubyGems - yaml-validator - Versions diffs - 0.1.3 → 0.1.4 - Mend

yaml-validator 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/Gemfile +1 -1
data/Gemfile.lock +18 -12
data/lib/sanitized-html-validator.rb +30 -0
data/lib/yaml-validator.rb +7 -1
data/lib/yaml-validator/version.rb +1 -1
data/spec/fixtures/sanitized_html/en.yml +4 -0
data/spec/yaml-validator_spec.rb +17 -0
data/yaml-validator.gemspec +1 -0
metadata +19 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 52b11bc6fc2895275cbaa9b598991cb46e6141e1
-  data.tar.gz: db3eeee113be83b523e616fea3d5d5613be28d6d
+  metadata.gz: 6e18403bff180fb06843d1d71c151fd38b094620
+  data.tar.gz: be16538882da43a2d6b8e6f82434b32a3ada5961
 SHA512:
-  metadata.gz: 91d4c5b1aa9fc563ea41e7a3f55d2b871c01af8bf5afa11acc70d56aac3f7c6f9f91f41b75db14c79389b6917563f7f56c140088376f11affe4122b6f0a28a4c
-  data.tar.gz: 23a18a9b2148c99decda38733b7d74763e098d7955b70c5dde3dc47815ff5aeba2b4e861c51896514cf84606ea7f4a10a88dafa5054742fe58e1f615a0d8ab69
+  metadata.gz: 8c8e85acdc2b4abdd7d521fc8fea2549ad52bc2a5f9c4e5f86ae29216eaa675f03bef16f26671ab5c69f7f26c321c8aa4285f59899d4bc94f8a173715a4e43b5
+  data.tar.gz: bc931ff8d9fd6267835a904d5baac0c5aa0f17ebd880ec7dae20f519835e0f017dc2e9d4b000f1077f1784c1772e35022756e1af27a111b6ab1bf7b114feee10

data/Gemfile CHANGED Viewed

@@ -1,3 +1,3 @@
-source :rubygems
+source 'https://rubygems.org'
 gemspec

data/Gemfile.lock CHANGED Viewed

@@ -1,25 +1,31 @@
 PATH
   remote: .
   specs:
-    yaml-validator (0.1.3)
+    yaml-validator (0.1.4)
       colorize
       rake
       rspec
+      sanitize
 GEM
-  remote: http://rubygems.org/
+  remote: https://rubygems.org/
   specs:
     colorize (0.5.8)
-    diff-lcs (1.1.3)
-    rake (10.0.4)
-    rspec (2.12.0)
-      rspec-core (~> 2.12.0)
-      rspec-expectations (~> 2.12.0)
-      rspec-mocks (~> 2.12.0)
-    rspec-core (2.12.2)
-    rspec-expectations (2.12.1)
-      diff-lcs (~> 1.1.3)
-    rspec-mocks (2.12.0)
+    diff-lcs (1.2.4)
+    mini_portile (0.5.0)
+    nokogiri (1.6.0)
+      mini_portile (~> 0.5.0)
+    rake (10.1.0)
+    rspec (2.13.0)
+      rspec-core (~> 2.13.0)
+      rspec-expectations (~> 2.13.0)
+      rspec-mocks (~> 2.13.0)
+    rspec-core (2.13.1)
+    rspec-expectations (2.13.0)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.13.1)
+    sanitize (2.0.4)
+      nokogiri (~> 1.6.0)
 PLATFORMS
   ruby

data/lib/sanitized-html-validator.rb ADDED Viewed

@@ -0,0 +1,30 @@
+require 'sanitize'
+class SanitizedHtmlValidator
+  def self.validate(language, yaml_object)
+    validate_object(language, '', yaml_object)
+  end
+  def self.validate_object(language, full_key, yaml_object)
+    return [] if yaml_object.nil?
+    errors = []
+    yaml_object.each do |key, value|
+      full_subkey = (full_key.empty?) ? key : "#{full_key}.#{key}"
+      if value.is_a? String
+        unless valid_html?(value)
+          errors << "unsanitized html in '#{language}.#{full_subkey}' (#{value})"
+        end
+      elsif value.is_a? Hash
+        errors.concat validate_object(language, full_subkey, value)
+      end
+    end
+    errors
+  end
+  def self.valid_html?(html)
+    sanitized = Sanitize.clean(html, elements: [ 'strong', 'br', 'span', 'b', 'i' ])
+    html == sanitized
+  end
+end

data/lib/yaml-validator.rb CHANGED Viewed

@@ -2,6 +2,7 @@ require 'yaml'
 require 'yaml-validator/version'
 require_relative './helpers'
 require_relative './pluralization-validator'
+require_relative './sanitized-html-validator'
 class YamlValidator
@@ -56,6 +57,7 @@ class YamlValidator
     if @options[:show_missing]
       errors.concat find_missing_translations(yaml_object)
       errors.concat find_missing_pluralizations(filename, yaml_object)
+      errors.concat find_unsanitized_html(filename, yaml_object)
     end
     errors.map { |err| "#{filename}: #{err}" }
@@ -182,6 +184,10 @@ class YamlValidator
   def identify_variables(string)
     string.scan(/%\{([^}]+)\}/).map(&:first)
   end
+  def find_unsanitized_html(filename, yaml_object)
+    language = File.basename(filename, '.*')
+    SanitizedHtmlValidator.validate(language, yaml_object)
+  end
 end

data/lib/yaml-validator/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 class YamlValidator
-  VERSION = "0.1.3"
+  VERSION = "0.1.4"
 end

data/spec/fixtures/sanitized_html/en.yml ADDED Viewed

@@ -0,0 +1,4 @@
+en:
+  valid: 'this is a <strong>valid</strong><br>value'
+  invalid1: 'this is an <a href="spam.com">invalid</a> value'
+  invalid2: 'this is an <strong onclick="spam.com">invalid</strong> value'

data/spec/yaml-validator_spec.rb CHANGED Viewed

@@ -235,4 +235,21 @@ describe YamlValidator do
     end
   end
+  describe "#sanitized_html" do
+    it "returns the non-sanitized values" do
+      validator = YamlValidator.new('spec/fixtures/sanitized_html')
+      filename = 'spec/fixtures/sanitized_html/en.yml'
+      yaml_object = YAML.load_file(filename)['en']
+      yaml_object = Helpers.normalize_yaml(yaml_object)
+      errors = validator.find_unsanitized_html(filename, yaml_object)
+      errors.should == [
+        "unsanitized html in 'en.invalid1' (this is an <a href=\"spam.com\">invalid</a> value)",
+        "unsanitized html in 'en.invalid2' (this is an <strong onclick=\"spam.com\">invalid</strong> value)"
+      ]
+    end
+  end
 end

data/yaml-validator.gemspec CHANGED Viewed

@@ -20,4 +20,5 @@ Gem::Specification.new do |gem|
   gem.add_dependency('rake')
   gem.add_dependency('rspec')
   gem.add_dependency('colorize')
+  gem.add_dependency('sanitize')
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: yaml-validator
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - David Elentok
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-04-29 00:00:00.000000000 Z
+date: 2013-06-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -52,6 +52,20 @@ dependencies:
     - - '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: sanitize
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: YAML locales validator
 email:
 - 3david@gmail.com
@@ -69,6 +83,7 @@ files:
 - bin/yaml-validator
 - lib/helpers.rb
 - lib/pluralization-validator.rb
+- lib/sanitized-html-validator.rb
 - lib/yaml-validator.rb
 - lib/yaml-validator/version.rb
 - pkg/yaml-validator-0.0.1.gem
@@ -81,6 +96,7 @@ files:
 - spec/fixtures/missing_translations/he.yml
 - spec/fixtures/numbered_keys/en.yml
 - spec/fixtures/numbered_keys/he.yml
+- spec/fixtures/sanitized_html/en.yml
 - spec/fixtures/weird_pluralizations/en.yml
 - spec/fixtures/weird_pluralizations/ru.yml
 - spec/fixtures/wrong_root/en.yml
@@ -122,6 +138,7 @@ test_files:
 - spec/fixtures/missing_translations/he.yml
 - spec/fixtures/numbered_keys/en.yml
 - spec/fixtures/numbered_keys/he.yml
+- spec/fixtures/sanitized_html/en.yml
 - spec/fixtures/weird_pluralizations/en.yml
 - spec/fixtures/weird_pluralizations/ru.yml
 - spec/fixtures/wrong_root/en.yml