Merge pull request #524 from ZogStriP/fix-opengraph-tags-not-fully-sanitized

FIX: OpenGraph tags not fully sanitized
Robin Ward 2013-03-22 06:41:34 -07:00
commit d5e03b02a3
2 changed files with 9 additions and 3 deletions


@ -1,8 +1,9 @@
# Summarize a HTML field into regular text. Used currently # Summarize a HTML field into regular text. Used currently
# for meta tags # for meta tags
require 'sanitize'
class Summarize class Summarize
include ActionView::Helpers
def initialize(text) def initialize(text)
@text = text @text = text
@ -15,7 +16,7 @@ class Summarize
def summary def summary
return nil if @text.blank? return nil if @text.blank?
result = sanitize(@text, tags: [], attributes: []) result = Sanitize.clean(@text)
result.gsub!(/\n/, ' ') result.gsub!(/\n/, ' ')
result.strip! result.strip!
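Review bot: The `Sanitize.clean(@text)` call in `summary` strips markup but does not by itself make the result safe inside an attribute value, and the header comment says this text is used for meta tags. As far as I know Sanitize escapes `<`, `>` and `&` in the remaining text but leaves `"` untouched, so whichever view renders `content="..."` still has to attribute-escape the summary; that template is not visible here and should be checked. I would add a comment above `summary` such as `# Returns tag-free text for element content; callers must still escape it for attribute context`. The body of `summary` continues past the end of this hunk.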


@ -15,6 +15,11 @@ describe Summarize do
Summarize.new("hello <b>robin</b>").summary.should == "hello robin" Summarize.new("hello <b>robin</b>").summary.should == "hello robin"
end end
it "removes doctype entries" do
# this is not valid html but this is just testing DOCTYPE entries
Summarize.new("<!DOCTYPE html>Discourse").summary.should == "Discourse"
end
it "strips leading and trailing space" do it "strips leading and trailing space" do
Summarize.new("\t \t hello \t ").summary.should == "hello" Summarize.new("\t \t hello \t ").summary.should == "hello"
end end
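Review bot: The new example covers only the DOCTYPE case, so nothing pins what `summary` returns when a stripped element carries text of its own, such as a `<script>` or `<style>` body. With Sanitize's default configuration the inner text of removed elements is, to my knowledge, kept unless `:remove_contents` is set, which would put script or stylesheet source into the meta description. I would add an example next to "removes doctype entries" that feeds such input and asserts the intended result, and if that text should be dropped, change the call to `Sanitize.clean(@text, remove_contents: ['script', 'style'])`.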