deac/instiki
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Rough In New Sanitizer

Browse source 
Start work (which may not pan out) on a new sanitizer. Right now, it passes
all but 1 of the HTML5lib Sanitizer's unit tests. But it doesn't do much
of anything to ensure well-formedness. This is not an issue for Maruku-processed
content, but it is a concern for <nowiki> blocks.

(One solution would be to use the HTML5lib parser on <nowiki> blocks.)

In any case, this baby is 3 times as fast as the HTML5lib sanitizer.
This commit is contained in:
Jacques Distler 2008-05-20 17:02:10 -05:00
parent f8e74e53bd
commit 800880f382
15 changed files with 3657 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

12
test/unit/chunks/nowiki_test.rb
View file

@ -12,4 +12,16 @@ class NoWikiTest < Test::Unit::TestCase
)
end
def test_markdown_nowiki
match(NoWiki, 'This sentence contains <nowiki>*raw text*</nowiki>. Do not touch!',
:plain_text => '*raw text*'
)
end
def test_no_sanitize_nowiki
match(NoWiki, 'This sentence contains <nowiki>[[test]]&<a href="a&b">shebang</a> <script>alert("xss!");</script> *foo*</nowiki>. Do not touch!',
:plain_text => '[[test]]&<a href="a&b">shebang</a> <script>alert("xss!");</script> *foo*'
)
end
end