Author: amateja Date: Wed Jun 24 06:45:58 2009 GMT Module: packages Tag: HEAD ---- Log message: - initial
---- Files affected: packages/perl-HTML-StripScripts: perl-HTML-StripScripts.spec (NONE -> 1.1) (NEW) ---- Diffs: ================================================================ Index: packages/perl-HTML-StripScripts/perl-HTML-StripScripts.spec diff -u /dev/null packages/perl-HTML-StripScripts/perl-HTML-StripScripts.spec:1.1 --- /dev/null Wed Jun 24 08:45:58 2009 +++ packages/perl-HTML-StripScripts/perl-HTML-StripScripts.spec Wed Jun 24 08:45:52 2009 @@ -0,0 +1,92 @@ +# $Revision$, $Date$ +# +# Conditional build: +%bcond_without tests # do not perform "make test" +# +%include /usr/lib/rpm/macros.perl +%define pdir HTML +%define pnam StripScripts +Summary: HTML::StripScripts - Strip scripting constructs out of HTML +Summary(pl.UTF-8): HTML::StripScripts - wyciągnij konstrukcje skryptowe poza HTML +Name: perl-HTML-StripScripts +Version: 1.04 +Release: 1 +License: GPL v1+ or Artistic +Group: Development/Languages/Perl +Source0: http://www.cpan.org/modules/by-module/HTML/%{pdir}-%{pnam}-%{version}.tar.gz +# Source0-md5: aecd01e273bddbf60dca2a923163826d +URL: http://search.cpan.org/dist/HTML-StripScripts/ +BuildRequires: perl-devel >= 1:5.8.0 +BuildRequires: rpm-perlprov >= 4.1-13 +%if %{with tests} +%endif +BuildArch: noarch +BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) + +%description +This module strips scripting constructs out of HTML, leaving as much +non-scripting markup in place as possible. This allows web +applications to display HTML originating from an untrusted source +without introducing XSS (cross site scripting) vulnerabilities. + +You will probably use HTML::StripScripts::Parser rather than using +this module directly. + +The process is based on whitelists of tags, attributes and attribute +values. This approach is the most secure against disguised scripting +constructs hidden in malicious HTML documents. + +As well as removing scripting constructs, this module ensures that +there is a matching end for each start tag, and that the tags are +properly nested. + +Previously, in order to customise the output, you needed to subclass +HTML::StripScripts and override methods. Now, most customisation can +be done through the Rules option provided to new(). (See +examples/declaration/ and examples/tags/ for cases where subclassing +is necessary.) + +%description -l pl.UTF-8 +Moduł ten wyciąga konstrukcje skryptowe poza HTML zastępując je +znacznikami nieskryptowymi w każdym możliwym miejscu. Dzięki temu +aplikacje webowe mogą wyświetlać HTML pochodzący z niezaufanego źródła +bez wprowadzania wrażliwości XSS (cross site scripting). + +%prep +%setup -q -n %{pdir}-%{pnam}-%{version} + +%build +%{__perl} Makefile.PL \ + INSTALLDIRS=vendor +%{__make} + +%{?with_tests:%{__make} test} + +%install +rm -rf $RPM_BUILD_ROOT + +%{__make} pure_install \ + DESTDIR=$RPM_BUILD_ROOT + +install -d $RPM_BUILD_ROOT%{_examplesdir}/%{name}-%{version} +cp -a examples $RPM_BUILD_ROOT%{_examplesdir}/%{name}-%{version} + +%clean +rm -rf $RPM_BUILD_ROOT + +%files +%defattr(644,root,root,755) +%doc Changes README +%{perl_vendorlib}/HTML/*.pm +%{_mandir}/man3/* +%{_examplesdir}/%{name}-%{version} + +%define date %(echo `LC_ALL="C" date +"%a %b %d %Y"`) +%changelog +* %{date} PLD Team <[email protected]> +All persons listed below can be reached at <cvs_login>@pld-linux.org + +$Log$ +Revision 1.1 2009/06/24 06:45:52 amateja +- initial + ================================================================ _______________________________________________ pld-cvs-commit mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
