Hello community,

here is the log from the commit of package rubygem-rails-html-sanitizer for 
openSUSE:Factory checked in at 2015-03-18 13:05:00
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-rails-html-sanitizer (Old)
 and      /work/SRC/openSUSE:Factory/.rubygem-rails-html-sanitizer.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "rubygem-rails-html-sanitizer"

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/rubygem-rails-html-sanitizer/rubygem-rails-html-sanitizer.changes
        2015-02-18 12:08:35.000000000 +0100
+++ 
/work/SRC/openSUSE:Factory/.rubygem-rails-html-sanitizer.new/rubygem-rails-html-sanitizer.changes
   2015-03-18 13:05:01.000000000 +0100
@@ -1,0 +2,5 @@
+Mon Mar 16 06:51:40 UTC 2015 - co...@suse.com
+
+- updated to version 1.0.2, no changelog
+
+-------------------------------------------------------------------

Old:
----
  rails-html-sanitizer-1.0.1.gem

New:
----
  rails-html-sanitizer-1.0.2.gem

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ rubygem-rails-html-sanitizer.spec ++++++
--- /var/tmp/diff_new_pack.qkUR7q/_old  2015-03-18 13:05:02.000000000 +0100
+++ /var/tmp/diff_new_pack.qkUR7q/_new  2015-03-18 13:05:02.000000000 +0100
@@ -24,7 +24,7 @@
 #
 
 Name:           rubygem-rails-html-sanitizer
-Version:        1.0.1
+Version:        1.0.2
 Release:        0
 %define mod_name rails-html-sanitizer
 %define mod_full_name %{mod_name}-%{version}
@@ -40,12 +40,12 @@
 Url:            https://github.com/rafaelfranca/rails-html-sanitizer
 Source:         http://rubygems.org/gems/%{mod_full_name}.gem
 Source1:        gem2rpm.yml
-Summary:        This gem is responsible to sanitize HTML fragments in Rails
+Summary:        HTML sanitization to Rails applications (part of Rails)
 License:        MIT
 Group:          Development/Languages/Ruby
 
 %description
-HTML sanitization to Rails applications.
+HTML sanitization for Rails applications.
 
 %prep
 

++++++ gem2rpm.yml ++++++
--- /var/tmp/diff_new_pack.qkUR7q/_old  2015-03-18 13:05:02.000000000 +0100
+++ /var/tmp/diff_new_pack.qkUR7q/_new  2015-03-18 13:05:02.000000000 +0100
@@ -1,74 +1,5 @@
 # ---
-# ## used by gem2rpm
 :summary: HTML sanitization to Rails applications (part of Rails)
-# ## used by gem2rpm
-# :description: |-
-#   this is a custom description
-#
-#   it can be multiline
-# ## used by gem2rpm
-# :license: MIT or Ruby
-# ## used by gem2rpm and gem_packages
-# :version_suffix: -x_y
-# ## used by gem2rpm and gem_packages
-# :disable_docs: true
-# ## used by gem2rpm
-# :disable_automatic_rdoc_dep: true
-# ## used by gem2rpm
-# :preamble: |-
-#   BuildRequires: foobar
-#   Requires: foobar
-# ## used by gem2rpm
-# :patches:
-#   foo.patch: -p1
-#   bar.patch:
-# ## used by gem2rpm
-# :sources:
-# - foo.desktop
-# - bar.desktop
-# :gem_install_args: '....'
-# ## used by gem2rpm
-# :pre_install: |-
-#   %if 0%{?use_system_libev}
-#   export USE_VENDORED_LIBEV="no"
-#   %endif
-# ## used by gem2rpm
-# :post_install: |-
-#   # delete custom files here or do other fancy stuff
-#   install -D -m 0644 %{S:1} %{buildroot}%{_bindir}/gem2rpm-opensuse
-# ## used by gem2rpm
-# :testsuite_command: |-
-#   (pushd %{buildroot}%{gem_base}/gems/%{mod_full_name} && rake test)
-# ## used by gem2rpm
-# :filelist: |-
-#   /usr/bin/gem2rpm-opensuse
-# ## used by gem2rpm
-# :scripts:
-#   :post: |-
-#     /bin/echo foo
-# ## used by gem_packages
-# :main:
-#   :preamble: |-
-#     Requires: util-linux
-#     Recommends: pwgen
-#   :filelist: |-
-#     /usr/bin/gem2rpm-opensuse
-# ## used by gem_packages
-# :custom:
-#   apache:
-#     :preamble: |-
-#       Requires: .....
-#     :filelist: |-
-#       /etc/apache2/conf.d/passenger.conf
-#     :summary: Custom summary is optional
-#     :description: |-
-#       Custom description is optional
-#
-#       bar
-#     :post: |-
-#       /bin/echo foo
-#
----
 :preamble: |-
   %if 0%{?suse_version} == 1110
   %define rb_build_versions ruby21

++++++ rails-html-sanitizer-1.0.1.gem -> rails-html-sanitizer-1.0.2.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md       2014-09-25 18:06:54.000000000 +0200
+++ new/README.md       2015-03-10 21:28:27.000000000 +0100
@@ -1,9 +1,9 @@
 # Rails Html Sanitizers
 
-In Rails 5 this gem will be responsible for sanitizing HTML fragments in Rails 
applications,
-i.e. in the `sanitize`, `sanitize_css`, `strip_tags` and `strip_links` methods.
+In Rails 4.2 and above this gem will be responsible for sanitizing HTML 
fragments in Rails
+applications, i.e. in the `sanitize`, `sanitize_css`, `strip_tags` and 
`strip_links` methods.
 
-Include it in your Gemfile now to test for any incompatibilities and enjoy a 
safer and cleaner future.
+Rails Html Sanitizer is only intended to be used with Rails applications. If 
you need similar functionality in non Rails apps consider using 
[Loofah](https://github.com/flavorjones/loofah) directly (that's what handles 
sanitization under the hood).
 
 ## Installation
 
Files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/rails/html/sanitizer/version.rb 
new/lib/rails/html/sanitizer/version.rb
--- old/lib/rails/html/sanitizer/version.rb     2014-09-25 18:06:54.000000000 
+0200
+++ new/lib/rails/html/sanitizer/version.rb     2015-03-10 21:28:27.000000000 
+0100
@@ -1,7 +1,7 @@
 module Rails
   module Html
     class Sanitizer
-      VERSION = "1.0.1"
+      VERSION = "1.0.2"
     end
   end
 end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/rails/html/sanitizer.rb 
new/lib/rails/html/sanitizer.rb
--- old/lib/rails/html/sanitizer.rb     2014-09-25 18:06:54.000000000 +0200
+++ new/lib/rails/html/sanitizer.rb     2015-03-10 21:28:27.000000000 +0100
@@ -28,7 +28,7 @@
 
         Loofah.fragment(html).tap do |fragment|
           remove_xpaths(fragment, XPATHS_TO_REMOVE)
-        end.text
+        end.text(options)
       end
     end
 
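Review bot: The whole caller-supplied `options` hash now reaches Loofah's `text` at `end.text(options)`, so a caller who passes `encode_special_chars: false` gets text in which `&`, `<` and `>` are no longer entity-encoded, and nothing at this call site says so. A comment above the call would make the contract visible: `# NOTE: with encode_special_chars: false the result is plain text, not HTML-safe; escape it before rendering.` Assuming `options` is a Hash, forwarding only the supported key, `end.text(encode_special_chars: options.fetch(:encode_special_chars, true))`, would also keep unrelated sanitizer options out of the serializer call. The enclosing method begins above the hunk, so the shape of `options` is inferred from the test added in test/sanitizer_test.rb.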
@@ -120,7 +120,7 @@
           loofah_fragment.scrub!(:strip)
         end
 
-        loofah_fragment.to_s
+        properly_encode(loofah_fragment, encoding: 'UTF-8')
       end
 
       def sanitize_css(style_string)
@@ -136,6 +136,10 @@
       def allowed_attributes(options)
         options[:attributes] || self.class.allowed_attributes
       end
+
+      def properly_encode(fragment, options)
+        fragment.xml? ? fragment.to_xml(options) : fragment.to_html(options)
+      end
     end
   end
 end
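Review bot: `properly_encode` is added without a comment, and neither its name nor the call `properly_encode(loofah_fragment, encoding: 'UTF-8')` in the previous hunk says why `to_s` was replaced. I would add above the method `# Serialize with an explicit output encoding so the result does not inherit the input string's encoding; use the XML or HTML serializer to match the fragment type.` The first half of that comment is inferred from the new ASCII-8BIT test and should be confirmed. The second parameter is a positional hash named `options`, the same name the sanitizer methods use for their own options, so renaming it to `serializer_options` would avoid confusion. Whether the method sits under a `private` marker cannot be seen from this hunk.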
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata        2014-09-25 18:06:54.000000000 +0200
+++ new/metadata        2015-03-10 21:28:27.000000000 +0100
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails-html-sanitizer
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.2
 platform: ruby
 authors:
 - Rafael Mendonça França
@@ -9,7 +9,7 @@
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-09-25 00:00:00.000000000 Z
+date: 2015-03-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: loofah
@@ -81,7 +81,7 @@
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: HTML sanitization to Rails applications
+description: HTML sanitization for Rails applications
 email:
 - rafaelmfra...@gmail.com
 - kas...@gmail.com
@@ -118,7 +118,7 @@
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.1
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: This gem is responsible to sanitize HTML fragments in Rails 
applications.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/test/sanitizer_test.rb new/test/sanitizer_test.rb
--- old/test/sanitizer_test.rb  2014-09-25 18:06:54.000000000 +0200
+++ new/test/sanitizer_test.rb  2015-03-10 21:28:27.000000000 +0100
@@ -104,6 +104,11 @@
     assert_equal "Frozen string with no tags", full_sanitize("Frozen string 
with no tags".freeze)
   end
 
+  def test_full_sanitize_allows_turning_off_encoding_special_chars
+    assert_equal '&', full_sanitize('&')
+    assert_equal '&', full_sanitize('&', encode_special_chars: false)
+  end
+
   def test_strip_links_with_tags_in_tags
     expected = "a href='hello'&gt;all <b>day</b> long/a&gt;"
     input = "<<a>a href='hello'>all <b>day</b> long<</A>/a>"
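Review bot: As displayed here, both assertions in `test_full_sanitize_allows_turning_off_encoding_special_chars` expect the same value `'&'`, so the test would not distinguish the default from `encode_special_chars: false`. The first expectation was presumably the entity-encoded form and may have been decoded when this page was rendered, so check it against the gem source. The test also covers only `&`, while `<` and `>` are the characters that matter when the result is later placed in HTML. A case such as `assert_equal '<b>', full_sanitize('&lt;b&gt;', encode_special_chars: false)` (expected value to be confirmed against Loofah) would document that the opt-out returns raw text that needs escaping.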
@@ -173,7 +178,7 @@
   end
 
   def test_should_allow_anchors
-    assert_sanitized %(<a href="foo" onclick="bar"><script>baz</script></a>), 
%(<a href=\"foo\">baz</a>)
+    assert_sanitized %(<a href="foo" onclick="bar"><script>baz</script></a>), 
%(<a href=\"foo\"></a>)
   end
 
   def test_video_poster_sanitization
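Review bot: The expected output of `test_should_allow_anchors` changes from `<a href=\"foo\">baz</a>` to `<a href=\"foo\"></a>`, meaning the text inside `<script>` is now dropped, but no hunk in lib/rails/html/sanitizer.rb shown here accounts for that. If the difference comes from the Loofah version the tests ran against (an inference), the sanitizer's output depends on which Loofah is installed. In that case the `loofah` dependency bound in the gem metadata, which the visible hunks leave unchanged, should be checked against the packaged Loofah. A short comment on the test, such as `# script contents are removed together with the tag`, would record the intended behaviour.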
@@ -441,6 +446,13 @@
     assert_sanitized %(<a href="http&#x3A;//legit">), %(<a 
href="http://legit";>)
   end
 
+  def test_sanitize_ascii_8bit_string
+    white_list_sanitize('<a>hello</a>'.encode('ASCII-8BIT')).tap do |sanitized|
+      assert_equal '<a>hello</a>', sanitized
+      assert_equal Encoding::UTF_8, sanitized.encoding
+    end
+  end
+
 protected
 
   def xpath_sanitize(input, options = {})
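Review bot: `test_sanitize_ascii_8bit_string` uses a payload that is pure 7-bit ASCII, so it confirms the encoding label of the result but not what happens to bytes above 0x7F in a binary-tagged string. Adding one such input would show whether those bytes are transcoded, replaced or passed through, for example `white_list_sanitize("<a>caf\xC3\xA9</a>".b)` followed by `assert sanitized.valid_encoding?`. This matters because the output is now always labelled UTF-8 by the `properly_encode` call in lib/rails/html/sanitizer.rb.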
@@ -472,7 +484,7 @@
   end
 
   def scope_allowed_tags(tags)
-    Rails::Html::WhiteListSanitizer.allowed_tags = %w(u)
+    Rails::Html::WhiteListSanitizer.allowed_tags = tags
     yield Rails::Html::WhiteListSanitizer.new
 
   ensure
