Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
4aff8238
Commit
4aff8238
authored
Feb 23, 2021
by
Mikołaj Wawrzyniak
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'fix-rubocop-offenses' into 'master'
Fix RuboCop offenses See merge request gitlab-org/gitlab!54851
parents
07c16eec
f1ecf2b7
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
17 additions
and
17 deletions
+17
-17
lib/banzai/filter/sanitization_filter.rb
lib/banzai/filter/sanitization_filter.rb
+3
-3
spec/lib/banzai/filter/sanitization_filter_spec.rb
spec/lib/banzai/filter/sanitization_filter_spec.rb
+14
-14
No files found.
lib/banzai/filter/sanitization_filter.rb
View file @
4aff8238
...
...
@@ -12,8 +12,8 @@ module Banzai
def
customize_allowlist
(
allowlist
)
# Allow table alignment; we allow specific text-align values in a
# transformer below
allowlist
[
:attributes
][
'th'
]
=
%w
(style)
allowlist
[
:attributes
][
'td'
]
=
%w
(style)
allowlist
[
:attributes
][
'th'
]
=
%w
[style]
allowlist
[
:attributes
][
'td'
]
=
%w
[style]
allowlist
[
:css
]
=
{
properties:
[
'text-align'
]
}
# Allow the 'data-sourcepos' from CommonMark on all elements
...
...
@@ -25,7 +25,7 @@ module Banzai
# Allow `id` in a and li elements for footnotes
# and remove any `id` properties not matching for footnotes
allowlist
[
:attributes
][
'a'
].
push
(
'id'
)
allowlist
[
:attributes
][
'li'
]
=
%w
(id)
allowlist
[
:attributes
][
'li'
]
=
%w
[id]
allowlist
[
:transformers
].
push
(
self
.
class
.
remove_non_footnote_ids
)
allowlist
...
...
spec/lib/banzai/filter/sanitization_filter_spec.rb
View file @
4aff8238
...
...
@@ -33,14 +33,14 @@ RSpec.describe Banzai::Filter::SanitizationFilter do
end
it
'sanitizes `class` attribute from all elements'
do
act
=
%q
{<pre class="code highlight white c"><code><span class="k">def</span></code></pre>}
exp
=
%q
{<pre><code><span class="k">def</span></code></pre>}
act
=
%q
(<pre class="code highlight white c"><code><span class="k">def</span></code></pre>)
exp
=
%q
(<pre><code><span class="k">def</span></code></pre>)
expect
(
filter
(
act
).
to_html
).
to
eq
exp
end
it
'sanitizes `class` attribute from non-highlight spans'
do
act
=
%q
{<span class="k">def</span>}
expect
(
filter
(
act
).
to_html
).
to
eq
%q
{<span>def</span>}
act
=
%q
(<span class="k">def</span>)
expect
(
filter
(
act
).
to_html
).
to
eq
%q
(<span>def</span>)
end
it
'allows `text-align` property in `style` attribute on table elements'
do
...
...
@@ -82,12 +82,12 @@ RSpec.describe Banzai::Filter::SanitizationFilter do
end
it
'allows `span` elements'
do
exp
=
act
=
%q
{<span>Hello</span>}
exp
=
act
=
%q
(<span>Hello</span>)
expect
(
filter
(
act
).
to_html
).
to
eq
exp
end
it
'allows `abbr` elements'
do
exp
=
act
=
%q
{<abbr title="HyperText Markup Language">HTML</abbr>}
exp
=
act
=
%q
(<abbr title="HyperText Markup Language">HTML</abbr>)
expect
(
filter
(
act
).
to_html
).
to
eq
exp
end
...
...
@@ -132,7 +132,7 @@ RSpec.describe Banzai::Filter::SanitizationFilter do
end
it
'allows the `data-sourcepos` attribute globally'
do
exp
=
%q
{<p data-sourcepos="1:1-1:10">foo/bar.md</p>}
exp
=
%q
(<p data-sourcepos="1:1-1:10">foo/bar.md</p>)
act
=
filter
(
exp
)
expect
(
act
.
to_html
).
to
eq
exp
...
...
@@ -140,41 +140,41 @@ RSpec.describe Banzai::Filter::SanitizationFilter do
describe
'footnotes'
do
it
'allows correct footnote id property on links'
do
exp
=
%q
{<a href="#fn1" id="fnref1">foo/bar.md</a>}
exp
=
%q
(<a href="#fn1" id="fnref1">foo/bar.md</a>)
act
=
filter
(
exp
)
expect
(
act
.
to_html
).
to
eq
exp
end
it
'allows correct footnote id property on li element'
do
exp
=
%q
{<ol><li id="fn1">footnote</li></ol>}
exp
=
%q
(<ol><li id="fn1">footnote</li></ol>)
act
=
filter
(
exp
)
expect
(
act
.
to_html
).
to
eq
exp
end
it
'removes invalid id for footnote links'
do
exp
=
%q
{<a href="#fn1">link</a>}
exp
=
%q
(<a href="#fn1">link</a>)
%w[fnrefx test xfnref1]
.
each
do
|
id
|
act
=
filter
(
%
Q{<a href="#fn1" id="
#{
id
}
">link</a>}
)
act
=
filter
(
%
(<a href="#fn1" id="#{id}">link</a>)
)
expect
(
act
.
to_html
).
to
eq
exp
end
end
it
'removes invalid id for footnote li'
do
exp
=
%q
{<ol><li>footnote</li></ol>}
exp
=
%q
(<ol><li>footnote</li></ol>)
%w[fnx test xfn1]
.
each
do
|
id
|
act
=
filter
(
%
Q{<ol><li id="
#{
id
}
">footnote</li></ol>}
)
act
=
filter
(
%
(<ol><li id="#{id}">footnote</li></ol>)
)
expect
(
act
.
to_html
).
to
eq
exp
end
end
it
'allows footnotes numbered higher than 9'
do
exp
=
%q
{<a href="#fn15" id="fnref15">link</a><ol><li id="fn15">footnote</li></ol>}
exp
=
%q
(<a href="#fn15" id="fnref15">link</a><ol><li id="fn15">footnote</li></ol>)
act
=
filter
(
exp
)
expect
(
act
.
to_html
).
to
eq
exp
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment