Aditya Kapoor
7ddaf10fcb
[ci skip] /javascript/ ~> JavaScript
2014-06-17 02:07:07 +05:30
Timm
6cb6290f5d
Make output_buffers used in tests be utf-8 encoded. Fixing unknown encoding ASCII-8BIT test errors.
2014-06-16 21:04:25 +02:00
Timm
bcd71b4c9a
Don't splat arguments to allowed tags or attributes.
2014-06-16 21:04:24 +02:00
Timm
e438c090ae
Change sanitizer_vendor to just be a method and reword documentation.
2014-06-16 21:04:24 +02:00
Timm
d4cd7e2a44
Revert some stuff to use the new sanitizers.
2014-06-16 21:04:24 +02:00
Timm
33019a321c
Remove html-scanner and its tests.
2014-06-16 21:04:23 +02:00
Timm
017ddc6e24
Remove deprecation notice.
2014-06-16 21:04:23 +02:00
Timm
427f3f90d4
Add a layer of indirection making sanitizers pluggable.
2014-06-16 21:04:23 +02:00
Timm
5d3a29229b
Delegate allowed tags and attributes setting to HTML::WhiteListSanitizer.
2014-06-16 21:04:22 +02:00
Timm
7587632b93
Changed configuration documentation to no longer state it replaces a Set.
2014-06-16 21:04:22 +02:00
Timm
13da2788f3
Deprecate configurations and use allowed_tags and allowed_attributes on WhiteListSanitizer.
2014-06-16 21:04:22 +02:00
Timm
2a7f13ebf8
Made deprecation messages in sanitize_helper more clear.
2014-06-16 21:04:21 +02:00
Timm
38620e1bed
Completed integration of rails-html-sanitizer in SanitizeHelper. Deprecated protocol_separator accessors and bad_tags=.
2014-06-16 21:04:20 +02:00
Timm
50347b15fe
Updated html-scanner deprecation message.
2014-06-16 21:04:20 +02:00
Timm
83f1563ee6
Support for changes in SelectorAssertions.
2014-06-16 21:04:19 +02:00
Timm
5dc57db4b5
Required rails-dom-testing in test_case.rb
2014-06-16 21:04:18 +02:00
Timm
c287572d21
Removed ActionView::Assertions. Getting ready to exchange with Rails::Dom::Testing::Assertions.
2014-06-16 21:04:17 +02:00
Timm
68e08fe8c9
Silenced deprecation warnings in the tests. Documentation uses present tense. Changed deprecation message to not use you. Also returning from rescue block in catch_invalid_selector to abort reraising the exception.
2014-06-16 21:04:16 +02:00
Timm
9ef95a7019
Added deprecation warning for invalid selectors and skipping assertions.
2014-06-16 21:04:16 +02:00
Timm
ddc24fda90
Changed PermitScrubber's direction to bottom up to align better with Loofah's strip scrubber.
2014-06-16 21:04:14 +02:00
Timm
7f9106d5d9
Now only requiring Loofah in the places where it is needed.
2014-06-16 21:04:14 +02:00
Timm
19406dad7d
Minor rewording in TargetScrubber documentation.
2014-06-16 21:04:14 +02:00
Timm
dd19557551
Stylistic improvements in ActionView::Assertions::DomAssertions.
2014-06-16 21:04:13 +02:00
Timm
0a0d151bb8
Now returning html if html is blank? in FullSanitizer and WhiteListSanitizer. This means it'll return false if called with false, however that is not a valid use case.
2014-06-16 21:04:13 +02:00
Timm
5430487d85
Stylistic improvements. Some light documentation for remove_xpaths.
2014-06-16 21:04:13 +02:00
Timm
170f414928
Removed require's for html-scanner.
2014-06-16 21:04:12 +02:00
Timm
cb865e1a7b
Removed dom_assertion method since it created bugs.
2014-06-16 21:04:12 +02:00
Timm
01e6e1d491
Fixed uninitialized constant ActionView::HTML error entered after recent git rebase.
2014-06-16 21:04:12 +02:00
Timm
7f7a1b5d6b
Removed unnecessary documentation in DomAssertions.
2014-06-16 21:04:11 +02:00
Timm
97d20b1417
Removed case statement in equal_children? used child.element? instead.
2014-06-16 21:04:11 +02:00
Timm
905d2bc605
Reworked some internal documentation for equal_attribute_nodes?.
2014-06-16 21:04:11 +02:00
Timm
d6067e8193
Changed attributes_are_equal? to equal_attribute_nodes? which takes attribute_nodes instead of nodes.
2014-06-16 21:04:10 +02:00
Timm
73c690d4fd
Removed html_strings variable, no splat operator needed.
2014-06-16 21:04:10 +02:00
Timm
bab54e4e52
Changed back to =~ or == comparison in HTMLSelector filter.
2014-06-16 21:04:10 +02:00
Timm
62171784fe
Simplified the removal of xpaths in remove_xpaths. Added more tests for remove_xpaths.
2014-06-16 21:04:10 +02:00
Timm
c1a7864930
Fixed: added apostrophe to possessive noun.
2014-06-16 21:04:09 +02:00
Timm
5169b00330
Extracted: create Regexp from match_with and use =~ to compare instead of checking .is_a? Regexp every time through the loop.
2014-06-16 21:04:09 +02:00
Timm
e600b3a341
Changed conditional check in filter. Removed weird comments.
2014-06-16 21:04:09 +02:00
Timm
4b55c0aa2e
Moved: initial assignment of @selector_is_second_argument is now in initialize.
2014-06-16 21:04:09 +02:00
Timm
cabef1415a
Changed: using duck typing instead of requiring subclasses of Node and NodeSet.
2014-06-16 21:04:08 +02:00
Timm
65ed2b6371
Renamed: HTMLSelector css_selector to selector.
2014-06-16 21:04:08 +02:00
Timm
9a536bc195
Removed unnecessary lines from HTMLSelector initialize.
2014-06-16 21:04:08 +02:00
Timm
ce4396b366
Changed: put selector extraction into selector_from, which is renamed to extract_selector.
2014-06-16 21:04:08 +02:00
Timm
20615ec7e6
Changed: HTMLSelector comparisons renamed to equality_tests.
2014-06-16 21:04:08 +02:00
Timm
71aaddbd14
Changed: removed @selected and @page variables from HTMLSelector since one method used them. Passed the values directly to there instead.
2014-06-16 21:04:07 +02:00
Timm
75789d5326
Changed: return early from compare_doms if the two doms don't have the same number of children.
2014-06-16 21:04:07 +02:00
Timm
97c5e6fa02
Changed: remove_xpaths called with String returns String, while called with Loofah fragment returns Loofah fragment. Added tests for this.
2014-06-16 21:04:07 +02:00
Timm
9dac1e8b8f
Removed duplication in assert_dom_equal and assert_dom_not_equal.
2014-06-16 21:04:06 +02:00
Timm
86c6f5b1d9
Changed wording of missing selector argument exception message in css_select.
2014-06-16 21:04:06 +02:00
Timm
bffa6469b7
Reworked root and selector conditional assignment in css_select.
2014-06-16 21:04:06 +02:00
Timm
53f25ae348
Removed :nodoc: from PermitScrubber.
2014-06-16 21:04:05 +02:00
Timm
d6a6d42e7e
Reworked documentation for PermitScrubber and TargetScrubber.
2014-06-16 21:04:05 +02:00
Timm
349230e823
Fixed: spelling error.
2014-06-16 21:04:04 +02:00
Timm
b13d22bff5
Initialized tags and attributes to nil.
2014-06-16 21:04:04 +02:00
Timm
39df4028a2
Refactored scrub to keep_node? instead of scrub_node calling it. Also added ability to stop traversing by returning STOP from scrub_node.
2014-06-16 21:04:04 +02:00
Timm
557806f402
Changed PermitScrubber to be even more extensible. Updated TargetScrubber to be compliant. Updated documentation for PermitScrubber and TargetScrubber for clarity.
2014-06-16 21:04:04 +02:00
Timm
ea57c7cc85
Changed PermitScrubbers documentation to list override points for subclasses. Renamed should_remove_attributes? to should_scrub_attributes?.
2014-06-16 21:04:03 +02:00
Timm
ac0d778fe9
Already killed off LinkScrubber. Changed it instead to be TargetScrubber, which is more general, while still allowing maximum code reuse.
2014-06-16 21:04:03 +02:00
Timm
1cdc511b90
Added LinkScrubber to remove duplication in LinkSanitizer. As such made PermitScrubber easier to subclass.
2014-06-16 21:04:03 +02:00
Timm
739ecdf753
Changed FullSanitizer sanitize to use tap method instead of temporary variable.
2014-06-16 21:04:03 +02:00
Timm
d1de087467
Extracted the common xpaths to remove into XPATHS_TO_REMOVE.
2014-06-16 21:04:03 +02:00
Timm
945e7f529e
Refactored remove_xpaths to use duck typing and read better.
2014-06-16 21:04:02 +02:00
Timm
f428aeaa19
Changed explanation for no duck typing of custom scrubbers.
2014-06-16 21:04:02 +02:00
Timm
dea8ddbca1
Removed copyright notice since we aren't relying on html-scanner anymore.
2014-06-16 21:04:01 +02:00
Timm
09454dcca9
Removed require for active_support/core_ext/object/inclusion since in? isn't used anywhere.
2014-06-16 21:04:01 +02:00
Timm
95c517b6d6
Moved Dom and Selector assertions from ActionDispatch to ActionView.
2014-06-16 21:04:01 +02:00
Kuldeep Aggarwal
4db09e6f6c
[ci skip] correct output for asset_helper methods
...
see cc255d3
2014-06-16 23:05:11 +05:30
Timm
37ac1c45a3
Replaced html-scanner with Loofah.
2014-06-15 23:41:00 +02:00
Timm
42f0198148
Updated documentation to tell that a custom scrubber takes precedence.
2014-06-15 23:40:54 +02:00
Timm
dad96eff0d
Updated the documentation to reflect the scrubber option.
2014-06-15 23:40:54 +02:00
Timm
8fdf86c5f7
Marked the private API as not needing code documentation.
2014-06-15 23:40:54 +02:00
Timm
6241bb8cf4
Added ability to pass a custom scrubber to sanitize. Includes test coverage.
2014-06-15 23:40:54 +02:00
Timm
c88d573739
Moved requiring of Loofah from sanitizers.rb to action_view.rb.
2014-06-15 23:40:53 +02:00
Timm
4fbec83ff4
Added ActionView::Sanitizer and moved remove_xpaths to there.
2014-06-15 23:40:17 +02:00
Timm
40bbb4914f
Added comment removal. Changed definitation of remove_xpaths to not use a splat operator.
2014-06-15 23:39:04 +02:00
Timm
68f75b9795
Extracted the xpath removals into some new API that allows users to remove xpath subtrees.
2014-06-15 23:35:27 +02:00
Timm
55b453f295
Added removal of script tags to WhiteListSanitizer.
2014-06-15 23:35:26 +02:00
Timm
5dfd394c4d
Added guard clauses to FullSanitizer.
2014-06-15 23:35:25 +02:00
Timm
91712cc11d
bad_tags include form since we remove it. Also to prevent a should_allow_form_tag test creation.
2014-06-15 23:35:25 +02:00
Timm
167e998f61
Removed the contains_bad_protocols? method as well as the tests for it. Loofah already deals with this.
2014-06-15 23:35:25 +02:00
Timm
3e4ae8e5a2
Reordered form removal with stripping.
2014-06-15 23:35:24 +02:00
Timm
2622da1758
Added PermitScrubber which allows you to permit elements for sanitization.
2014-06-15 23:35:24 +02:00
Timm
d4d13925d3
Removed duplication in the deprecated methods.
2014-06-15 23:35:24 +02:00
Aditya Kapoor
c782641002
remove unnecessary substitution for space in ActionView::Helpers#debug
2014-06-14 15:22:09 +05:30
Matthew Draper
c28e436aae
Merge pull request #15693 from pdg137/enforce_utf8
...
In actionview, eliminate calls to tag that use html_safe parameter values.
2014-06-14 06:33:21 +09:30
Paul Grayson
19af434840
In actionview, eliminate calls to tag that use html_safe parameter values. This is generally unnecessary, since tag handles string quoting, except in one case (utf8_enforcer_tag) where we want to specify the encoding ourselves.
2014-06-13 12:55:55 -07:00
Zachary Scott
1ecc0106ae
Builder source code is still available on github [ci skip]
...
This was also removed from #15542
2014-06-13 10:12:20 -07:00
Matthew Draper
6857415187
Merge pull request #15654 from pdg137/master
...
In tag helper, honor html_safe on arrays; also make safe_join more similar to Array.join
2014-06-13 08:52:44 +09:30
Paul Grayson
bcab3f20da
In tag helper, honor html_safe on array parameters; also make safe_join more similar to Array.join by first calling flatten.
2014-06-12 15:30:40 -07:00
Yves Senn
8f247871bb
Merge pull request #15590 from zuhao/refactor_actionview_register_template_handler
...
Add unregister_template_handler to prevent leaks.
Conflicts:
actionview/CHANGELOG.md
2014-06-12 14:06:59 +02:00
Zuhao Wan
a1dbb4e7e0
Add unregister_template_handler to prevent leaks.
2014-06-12 18:49:40 +08:00
Timm
c94e24fbe7
Added Loofah as a dependency in actionview.gemspec.
...
Implemented ActionView: FullSanitizer, LinkSanitizer and WhiteListSanitizer in sanitizers.rb.
Deprecated protocol_separator and bad_tags.
Added new tests in sanitizers_test.rb and reimplemented assert_dom_equal with Loofah.
2014-06-11 17:53:28 +02:00
Aditya Kapoor
9505a21f42
[ci skip] Fix doc for javascript_helper
2014-06-11 01:29:17 +05:30
Akshay Vishnoi
294ddff512
[ci skip] Add Docs for strip_insignificant_zeros option in number helpers
2014-06-10 23:07:49 +05:30
Akshay Vishnoi
9bb0f1e08a
[ci skip] Correct output and use valid options of number helpers
2014-06-10 22:16:13 +05:30
Jiri Pospisil
f62ec6cb2d
Fix cache_digest rake tasks
...
Bring cache_digests:* rake tasks up-to-date with the API changes introduced in
637bb726cac60aaa1f7e482836458aa73e17fbb7
2014-06-10 13:52:36 +02:00
Arthur Nogueira Neves
a6c8cde835
Merge pull request #15542 from Gaurav2728/gaurav-remove_shutdown_link
...
remove rubyforge.org that was shut down [ci skip]
2014-06-06 19:50:54 -05:00
Matthew Draper
fadbc7c9ee
Unwrap another html_escape
...
/cc @tenderlove
2014-06-07 10:13:00 +09:30
Aaron Patterson
17fc6f16eb
eliminate more wasteful allocations
2014-06-06 15:29:03 -07:00
Gaurav Sharma
19ef270923
remove rubyforge.org that was shut down [ci skip]
2014-06-06 22:26:56 +05:30