diff --git a/CHANGELOG.md b/CHANGELOG.md index b3de2011..544e30b0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,13 @@ * CSS hex values are no longer limited to lowercase hex. Previously uppercase hex were scrubbed. [#165] (Thanks, @asok!) +### Deprecations / Name Changes + +* Deprecate `Loofah::Helpers::ActionView.white_list_sanitizer`, please use `Loofah::Helpers::ActionView.safe_list_sanitizer` instead. +* Deprecate `Loofah::Helpers::ActionView::WhiteListSanitizer`, please use `Loofah::Helpers::ActionView::SafeListSanitizer` instead. +* Deprecate `Loofah::HTML5::WhiteList`, please use `Loofah::HTML5::SafeList` instead. + + ## 2.2.3 / 2018-10-30 ### Security diff --git a/Manifest.txt b/Manifest.txt index 37b67859..fc270a94 100644 --- a/Manifest.txt +++ b/Manifest.txt @@ -17,7 +17,7 @@ lib/loofah/html/document.rb lib/loofah/html/document_fragment.rb lib/loofah/html5/libxml2_workarounds.rb lib/loofah/html5/scrub.rb -lib/loofah/html5/whitelist.rb +lib/loofah/html5/safelist.rb lib/loofah/instance_methods.rb lib/loofah/metahelpers.rb lib/loofah/scrubber.rb diff --git a/README.md b/README.md index 5acecd5f..1eb9ccc7 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a nice API. Loofah excels at HTML sanitization (XSS prevention). It includes some -nice HTML sanitizers, which are based on HTML5lib's whitelist, so it +nice HTML sanitizers, which are based on HTML5lib's safelist, so it most likely won't make your codes less secure. (These statements have not been evaluated by Netexperts.) 
@@ -29,7 +29,7 @@ ActiveRecord extensions for sanitization are available in the ## Features -* Easily write custom scrubbers for HTML/XML leveraging the sweetness of Nokogiri (and HTML5lib's whitelists). +* Easily write custom scrubbers for HTML/XML leveraging the sweetness of Nokogiri (and HTML5lib's safelists). * Common HTML sanitizing tasks are built-in: * _Strip_ unsafe tags, leaving behind only the inner text. * _Prune_ unsafe tags and their subtrees, removing all traces that they ever existed. @@ -221,7 +221,7 @@ Loofah.xml_document(File.read('plague.xml')).scrub!(bring_out_your_dead) === Built-In HTML Scrubbers Loofah comes with a set of sanitizing scrubbers that use HTML5lib's -whitelist algorithm: +safelist algorithm: ``` ruby doc.scrub!(:strip) # replaces unknown/unsafe tags with their inner text diff --git a/Rakefile b/Rakefile index 900e21e1..980faca6 100644 --- a/Rakefile +++ b/Rakefile @@ -70,9 +70,9 @@ task :doc_upload_to_rubyforge => :docs do end end -desc "generate whitelists from W3C specifications" -task :generate_whitelists do - load "tasks/generate-whitelists" +desc "generate safelists from W3C specifications" +task :generate_safelists do + load "tasks/generate-safelists" end Concourse.new("loofah", fly_target: "ci") do |c| diff --git a/lib/loofah.rb b/lib/loofah.rb index 836ec760..56634188 100644 --- a/lib/loofah.rb +++ b/lib/loofah.rb @@ -5,7 +5,7 @@ require 'loofah/metahelpers' require 'loofah/elements' -require 'loofah/html5/whitelist' +require 'loofah/html5/safelist' require 'loofah/html5/libxml2_workarounds' require 'loofah/html5/scrub' diff --git a/lib/loofah/helpers.rb b/lib/loofah/helpers.rb index 9f346951..4cdfa3a3 100644 --- a/lib/loofah/helpers.rb +++ b/lib/loofah/helpers.rb 
@@ -46,8 +46,13 @@ def full_sanitizer @full_sanitizer ||= ::Loofah::Helpers::ActionView::FullSanitizer.new end + def safe_list_sanitizer + @safe_list_sanitizer ||= ::Loofah::Helpers::ActionView::SafeListSanitizer.new + end + def white_list_sanitizer - @white_list_sanitizer ||= ::Loofah::Helpers::ActionView::WhiteListSanitizer.new + warn "warning: white_list_sanitizer is deprecated, please use safe_list_sanitizer instead." + safe_list_sanitizer end end @@ -73,13 +78,13 @@ def sanitize html, *args # # To use by default, call this in an application initializer: # - # ActionView::Helpers::SanitizeHelper.white_list_sanitizer = ::Loofah::Helpers::ActionView::WhiteListSanitizer.new + # ActionView::Helpers::SanitizeHelper.safe_list_sanitizer = ::Loofah::Helpers::ActionView::SafeListSanitizer.new # # Or, to generally opt-in to Loofah's view sanitizers: # # Loofah::Helpers::ActionView.set_as_default_sanitizer # - class WhiteListSanitizer + class SafeListSanitizer def sanitize html, *args Loofah::Helpers.sanitize html end @@ -88,6 +93,11 @@ def sanitize_css style_string, *args Loofah::Helpers.sanitize_css style_string end end + + WhiteListSanitizer = SafeListSanitizer + if Object.respond_to?(:deprecate_constant) + deprecate_constant :WhiteListSanitizer + end end end end diff --git a/lib/loofah/html5/whitelist.rb b/lib/loofah/html5/safelist.rb similarity index 99% rename from lib/loofah/html5/whitelist.rb rename to lib/loofah/html5/safelist.rb index a7bc3bb8..f7d38f26 100644 --- a/lib/loofah/html5/whitelist.rb +++ b/lib/loofah/html5/safelist.rb @@ -3,7 +3,7 @@ module Loofah module HTML5 # :nodoc: # - # HTML whitelist lifted from HTML5lib sanitizer code: + # HTML safelist lifted from HTML5lib sanitizer code: # # http://code.google.com/p/html5lib/ # @@ -44,7 +44,7 @@ module HTML5 # :nodoc: # DEALINGS IN THE SOFTWARE. # # - module WhiteList + module SafeList ACCEPTABLE_ELEMENTS = Set.new([ "a", 
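Review bot: `white_list_sanitizer` now calls `warn` on every invocation, and without `uplevel:` the reported location is this file rather than the caller that has to change; if a framework resolves its sanitizer through this method on each `sanitize` call, the same line repeats in the logs indefinitely. Passing the caller frame, `warn "white_list_sanitizer is deprecated, please use safe_list_sanitizer instead.", uplevel: 1`, fixes the location (Ruby prepends `warning:` itself in that form) but needs Ruby 2.5+, so it wants the same kind of version guard the constant deprecation below uses, or a once-only flag. The test/unit/test_helpers.rb hunk only renames the existing specs; nothing asserts that the deprecated method still returns a working `SafeListSanitizer` and emits the warning. The module enclosing this method starts before the hunk.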
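Review bot: The class comment's recommended initializer line, `ActionView::Helpers::SanitizeHelper.safe_list_sanitizer = ::Loofah::Helpers::ActionView::SafeListSanitizer.new`, only works on Rails versions whose SanitizeHelper exposes a `safe_list_sanitizer=` writer; where the writer is still spelled `white_list_sanitizer=` the documented line raises, so the comment should name the minimum Rails version or show both spellings. Separately, `SafeListSanitizer#sanitize` (a context line in this hunk) forwards only `html` to `Loofah::Helpers.sanitize` and drops `*args`, so any per-call options a framework passes are silently ignored in favour of Loofah's fixed safelist; a one-line comment such as `# options passed in *args are ignored: the Loofah safelist is not configurable per call` would stop callers assuming their own restrictions were applied.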
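Review bot: `WhiteListSanitizer = SafeListSanitizer` with `deprecate_constant` keeps old references working, but Ruby only prints constant-deprecation warnings when `Warning[:deprecated]` is enabled, which is off by default since Ruby 2.7.2, so on current interpreters this alias is silent while the CHANGELOG announces a deprecation; a comment above the alias such as `# compatibility alias; deprecate_constant only warns when Warning[:deprecated] is on` would make that explicit. The `Object.respond_to?(:deprecate_constant)` guard also deserves a note saying why it exists, e.g. `# Module#deprecate_constant is Ruby 2.3+`. The lib/loofah/html5/safelist.rb hunk at -790 applies the same pattern to `WhiteList = SafeList` and needs the same comment.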
@@ -790,6 +790,11 @@ module WhiteList ALLOWED_ELEMENTS_WITH_LIBXML2 = ALLOWED_ELEMENTS + TAGS_SAFE_WITH_LIBXML2 end - ::Loofah::MetaHelpers.add_downcased_set_members_to_all_set_constants ::Loofah::HTML5::WhiteList + WhiteList = SafeList + if Object.respond_to?(:deprecate_constant) + deprecate_constant :WhiteList + end + + ::Loofah::MetaHelpers.add_downcased_set_members_to_all_set_constants ::Loofah::HTML5::SafeList end end diff --git a/lib/loofah/html5/scrub.rb b/lib/loofah/html5/scrub.rb index 97f3bbcc..0dc51328 100644 --- a/lib/loofah/html5/scrub.rb +++ b/lib/loofah/html5/scrub.rb @@ -12,7 +12,7 @@ module Scrub class << self def allowed_element? element_name - ::Loofah::HTML5::WhiteList::ALLOWED_ELEMENTS_WITH_LIBXML2.include? element_name + ::Loofah::HTML5::SafeList::ALLOWED_ELEMENTS_WITH_LIBXML2.include? element_name end # alternative implementation of the html5lib attribute scrubbing algorithm 
@@ -28,31 +28,31 @@ def scrub_attributes node next end - unless WhiteList::ALLOWED_ATTRIBUTES.include?(attr_name) + unless SafeList::ALLOWED_ATTRIBUTES.include?(attr_name) attr_node.remove next end - if WhiteList::ATTR_VAL_IS_URI.include?(attr_name) + if SafeList::ATTR_VAL_IS_URI.include?(attr_name) # this block lifted nearly verbatim from HTML5 sanitization val_unescaped = CGI.unescapeHTML(attr_node.value).gsub(CONTROL_CHARACTERS,'').downcase - if val_unescaped =~ /^[a-z0-9][-+.a-z0-9]*:/ && ! WhiteList::ALLOWED_PROTOCOLS.include?(val_unescaped.split(WhiteList::PROTOCOL_SEPARATOR)[0]) + if val_unescaped =~ /^[a-z0-9][-+.a-z0-9]*:/ && ! SafeList::ALLOWED_PROTOCOLS.include?(val_unescaped.split(SafeList::PROTOCOL_SEPARATOR)[0]) attr_node.remove next - elsif val_unescaped.split(WhiteList::PROTOCOL_SEPARATOR)[0] == 'data' + elsif val_unescaped.split(SafeList::PROTOCOL_SEPARATOR)[0] == 'data' # permit only allowed data mediatypes - mediatype = val_unescaped.split(WhiteList::PROTOCOL_SEPARATOR)[1] + mediatype = val_unescaped.split(SafeList::PROTOCOL_SEPARATOR)[1] mediatype, _ = mediatype.split(';')[0..1] if mediatype - if mediatype && !WhiteList::ALLOWED_URI_DATA_MEDIATYPES.include?(mediatype) + if mediatype && !SafeList::ALLOWED_URI_DATA_MEDIATYPES.include?(mediatype) attr_node.remove next end end end - if WhiteList::SVG_ATTR_VAL_ALLOWS_REF.include?(attr_name) + if SafeList::SVG_ATTR_VAL_ALLOWS_REF.include?(attr_name) attr_node.value = attr_node.value.gsub(/url\s*\(\s*[^#\s][^)]+?\)/m, ' ') if attr_node.value end - if WhiteList::SVG_ALLOW_LOCAL_HREF.include?(node.name) && attr_name == 'xlink:href' && attr_node.value =~ /^\s*[^#\s].*/m + if SafeList::SVG_ALLOW_LOCAL_HREF.include?(node.name) && attr_name == 'xlink:href' && attr_node.value =~ /^\s*[^#\s].*/m attr_node.remove next end 
@@ -79,14 +79,14 @@ def scrub_css style style_tree.each do |node| next unless node[:node] == :property next if node[:children].any? do |child| - [:url, :bad_url].include?(child[:node]) || (child[:node] == :function && !WhiteList::ALLOWED_CSS_FUNCTIONS.include?(child[:name].downcase)) + [:url, :bad_url].include?(child[:node]) || (child[:node] == :function && !SafeList::ALLOWED_CSS_FUNCTIONS.include?(child[:name].downcase)) end name = node[:name].downcase - if WhiteList::ALLOWED_CSS_PROPERTIES.include?(name) || WhiteList::ALLOWED_SVG_PROPERTIES.include?(name) + if SafeList::ALLOWED_CSS_PROPERTIES.include?(name) || SafeList::ALLOWED_SVG_PROPERTIES.include?(name) sanitized_tree << node << CRASS_SEMICOLON - elsif WhiteList::SHORTHAND_CSS_PROPERTIES.include?(name.split('-').first) + elsif SafeList::SHORTHAND_CSS_PROPERTIES.include?(name.split('-').first) value = node[:value].split.map do |keyword| - if WhiteList::ALLOWED_CSS_KEYWORDS.include?(keyword) || keyword =~ CSS_KEYWORDISH + if SafeList::ALLOWED_CSS_KEYWORDS.include?(keyword) || keyword =~ CSS_KEYWORDISH keyword end end.compact diff --git a/lib/loofah/scrubbers.rb b/lib/loofah/scrubbers.rb index 982c5938..c6cba196 100644 --- a/lib/loofah/scrubbers.rb +++ b/lib/loofah/scrubbers.rb @@ -1,7 +1,7 @@ module Loofah # # Loofah provides some built-in scrubbers for sanitizing with - # HTML5lib's whitelist and for accomplishing some common + # HTML5lib's safelist and for accomplishing some common # transformation tasks. # # diff --git a/loofah.gemspec b/loofah.gemspec index 30293993..2a093cd4 100644 --- a/loofah.gemspec +++ b/loofah.gemspec 
@@ -9,10 +9,10 @@ Gem::Specification.new do |s| s.require_paths = ["lib".freeze] s.authors = ["Mike Dalessio".freeze, "Bryan Helmkamp".freeze] s.date = "2018-02-12" - s.description = "Loofah is a general library for manipulating and transforming HTML/XML\ndocuments and fragments. It's built on top of Nokogiri and libxml2, so\nit's fast and has a nice API.\n\nLoofah excels at HTML sanitization (XSS prevention). It includes some\nnice HTML sanitizers, which are based on HTML5lib's whitelist, so it\nmost likely won't make your codes less secure. (These statements have\nnot been evaluated by Netexperts.)\n\nActiveRecord extensions for sanitization are available in the\n[`loofah-activerecord` gem](https://github.com/flavorjones/loofah-activerecord).".freeze + s.description = "Loofah is a general library for manipulating and transforming HTML/XML\ndocuments and fragments. It's built on top of Nokogiri and libxml2, so\nit's fast and has a nice API.\n\nLoofah excels at HTML sanitization (XSS prevention). It includes some\nnice HTML sanitizers, which are based on HTML5lib's safelist, so it\nmost likely won't make your codes less secure. 
(These statements have\nnot been evaluated by Netexperts.)\n\nActiveRecord extensions for sanitization are available in the\n[`loofah-activerecord` gem](https://github.com/flavorjones/loofah-activerecord).".freeze s.email = ["mike.dalessio@gmail.com".freeze, "bryan@brynary.com".freeze] s.extra_rdoc_files = ["CHANGELOG.md".freeze, "MIT-LICENSE.txt".freeze, "Manifest.txt".freeze, "README.md".freeze, "CHANGELOG.md".freeze, "README.md".freeze] - s.files = [".gemtest".freeze, "CHANGELOG.md".freeze, "Gemfile".freeze, "MIT-LICENSE.txt".freeze, "Manifest.txt".freeze, "README.md".freeze, "Rakefile".freeze, "benchmark/benchmark.rb".freeze, "benchmark/fragment.html".freeze, "benchmark/helper.rb".freeze, "benchmark/www.slashdot.com.html".freeze, "lib/loofah.rb".freeze, "lib/loofah/elements.rb".freeze, "lib/loofah/helpers.rb".freeze, "lib/loofah/html/document.rb".freeze, "lib/loofah/html/document_fragment.rb".freeze, "lib/loofah/html5/scrub.rb".freeze, "lib/loofah/html5/whitelist.rb".freeze, "lib/loofah/instance_methods.rb".freeze, "lib/loofah/metahelpers.rb".freeze, "lib/loofah/scrubber.rb".freeze, "lib/loofah/scrubbers.rb".freeze, "lib/loofah/xml/document.rb".freeze, "lib/loofah/xml/document_fragment.rb".freeze, "test/assets/testdata_sanitizer_tests1.dat".freeze, "test/helper.rb".freeze, "test/html5/test_sanitizer.rb".freeze, "test/integration/test_ad_hoc.rb".freeze, "test/integration/test_helpers.rb".freeze, "test/integration/test_html.rb".freeze, "test/integration/test_scrubbers.rb".freeze, "test/integration/test_xml.rb".freeze, "test/unit/test_api.rb".freeze, "test/unit/test_encoding.rb".freeze, "test/unit/test_helpers.rb".freeze, "test/unit/test_scrubber.rb".freeze, "test/unit/test_scrubbers.rb".freeze] + s.files = [".gemtest".freeze, "CHANGELOG.md".freeze, "Gemfile".freeze, "MIT-LICENSE.txt".freeze, "Manifest.txt".freeze, "README.md".freeze, "Rakefile".freeze, "benchmark/benchmark.rb".freeze, "benchmark/fragment.html".freeze, "benchmark/helper.rb".freeze, 
"benchmark/www.slashdot.com.html".freeze, "lib/loofah.rb".freeze, "lib/loofah/elements.rb".freeze, "lib/loofah/helpers.rb".freeze, "lib/loofah/html/document.rb".freeze, "lib/loofah/html/document_fragment.rb".freeze, "lib/loofah/html5/scrub.rb".freeze, "lib/loofah/html5/safelist.rb".freeze, "lib/loofah/instance_methods.rb".freeze, "lib/loofah/metahelpers.rb".freeze, "lib/loofah/scrubber.rb".freeze, "lib/loofah/scrubbers.rb".freeze, "lib/loofah/xml/document.rb".freeze, "lib/loofah/xml/document_fragment.rb".freeze, "test/assets/testdata_sanitizer_tests1.dat".freeze, "test/helper.rb".freeze, "test/html5/test_sanitizer.rb".freeze, "test/integration/test_ad_hoc.rb".freeze, "test/integration/test_helpers.rb".freeze, "test/integration/test_html.rb".freeze, "test/integration/test_scrubbers.rb".freeze, "test/integration/test_xml.rb".freeze, "test/unit/test_api.rb".freeze, "test/unit/test_encoding.rb".freeze, "test/unit/test_helpers.rb".freeze, "test/unit/test_scrubber.rb".freeze, "test/unit/test_scrubbers.rb".freeze] s.homepage = "https://github.com/flavorjones/loofah".freeze s.licenses = ["MIT".freeze] s.rdoc_options = ["--main".freeze, "README.md".freeze] diff --git a/tasks/generate-allowlists b/tasks/generate-safelists similarity index 62% rename from tasks/generate-allowlists rename to tasks/generate-safelists index cd2b13a0..4f67258d 100755 --- a/tasks/generate-allowlists +++ b/tasks/generate-safelists 
@@ -28,12 +28,12 @@ dompurify_metadata.each { |k, v| puts "#{k}: #{v.keys}" } require "loofah" pairs = { - "html:tags" => [Loofah::HTML5::WhiteList::ACCEPTABLE_ELEMENTS, dompurify_metadata["tags"]["html"]], - "mathml:tags" => [Loofah::HTML5::WhiteList::MATHML_ELEMENTS, dompurify_metadata["tags"]["mathMl"]], - "svg:tags" => [Loofah::HTML5::WhiteList::SVG_ELEMENTS, dompurify_metadata["tags"]["svg"]], - "html:attrs" => [Loofah::HTML5::WhiteList::ACCEPTABLE_ATTRIBUTES, dompurify_metadata["attrs"]["html"]], - "mathml:attrs" => [Loofah::HTML5::WhiteList::MATHML_ATTRIBUTES, dompurify_metadata["attrs"]["mathMl"]], - "svg:attrs" => [Loofah::HTML5::WhiteList::SVG_ATTRIBUTES, dompurify_metadata["attrs"]["svg"]], + "html:tags" => [Loofah::HTML5::SafeList::ACCEPTABLE_ELEMENTS, dompurify_metadata["tags"]["html"]], + "mathml:tags" => [Loofah::HTML5::SafeList::MATHML_ELEMENTS, dompurify_metadata["tags"]["mathMl"]], + "svg:tags" => [Loofah::HTML5::SafeList::SVG_ELEMENTS, dompurify_metadata["tags"]["svg"]], + "html:attrs" => [Loofah::HTML5::SafeList::ACCEPTABLE_ATTRIBUTES, dompurify_metadata["attrs"]["html"]], + "mathml:attrs" => [Loofah::HTML5::SafeList::MATHML_ATTRIBUTES, dompurify_metadata["attrs"]["mathMl"]], + "svg:attrs" => [Loofah::HTML5::SafeList::SVG_ATTRIBUTES, dompurify_metadata["attrs"]["svg"]], } pairs.each do |name, v| @@ -53,4 +53,4 @@ pairs.each do |name, v| puts end -# TODO actually generate whitelists +# TODO actually generate safelists diff --git a/test/html5/test_sanitizer.rb b/test/html5/test_sanitizer.rb index c581eec9..72068afd 100755 --- a/test/html5/test_sanitizer.rb +++ b/test/html5/test_sanitizer.rb 
@@ -37,7 +37,7 @@ def assert_completes_in_reasonable_time &block assert_in_delta t0, Time.now, 0.1 # arbitrary seconds end - (HTML5::WhiteList::ALLOWED_ELEMENTS).each do |tag_name| + (HTML5::SafeList::ALLOWED_ELEMENTS).each do |tag_name| define_method "test_should_allow_#{tag_name}_tag" do input = "<#{tag_name} title='1'>foo bar baz" htmloutput = "<#{tag_name.downcase} title='1'>foo <bad>bar</bad> baz" @@ -58,7 +58,7 @@ def assert_completes_in_reasonable_time &block htmloutput = "foo <bad>bar</bad> baz" xhtmloutput = htmloutput rexmloutput = "foo <bad>bar</bad> baz" - elsif HTML5::WhiteList::VOID_ELEMENTS.include?(tag_name) + elsif HTML5::SafeList::VOID_ELEMENTS.include?(tag_name) htmloutput = "<#{tag_name} title='1'>foo <bad>bar</bad> baz" xhtmloutput = htmloutput htmloutput += '
' if tag_name == 'br' @@ -71,7 +71,7 @@ def assert_completes_in_reasonable_time &block ## ## libxml2 downcases elements, so this is moot. ## - # HTML5::WhiteList::ALLOWED_ELEMENTS.each do |tag_name| + # HTML5::SafeList::ALLOWED_ELEMENTS.each do |tag_name| # define_method "test_should_forbid_#{tag_name.upcase}_tag" do # input = "<#{tag_name.upcase} title='1'>foo bar baz" # output = "<#{tag_name.upcase} title=\"1\">foo <bad>bar</bad> baz</#{tag_name.upcase}>" @@ -79,7 +79,7 @@ def assert_completes_in_reasonable_time &block # end # end - HTML5::WhiteList::ALLOWED_ATTRIBUTES.each do |attribute_name| + HTML5::SafeList::ALLOWED_ATTRIBUTES.each do |attribute_name| next if attribute_name == 'style' define_method "test_should_allow_#{attribute_name}_attribute" do input = "

foo bar baz

" @@ -120,7 +120,7 @@ def test_should_allow_contenteditable ## ## libxml2 downcases attributes, so this is moot. ## - # HTML5::WhiteList::ALLOWED_ATTRIBUTES.each do |attribute_name| + # HTML5::SafeList::ALLOWED_ATTRIBUTES.each do |attribute_name| # define_method "test_should_forbid_#{attribute_name.upcase}_attribute" do # input = "

foo bar baz

" # output = "

foo <bad>bar</bad> baz

" @@ -128,7 +128,7 @@ def test_should_allow_contenteditable # end # end - HTML5::WhiteList::ALLOWED_PROTOCOLS.each do |protocol| + HTML5::SafeList::ALLOWED_PROTOCOLS.each do |protocol| define_method "test_should_allow_#{protocol}_uris" do input = %(foo) output = "foo" @@ -136,7 +136,7 @@ def test_should_allow_contenteditable end end - HTML5::WhiteList::ALLOWED_PROTOCOLS.each do |protocol| + HTML5::SafeList::ALLOWED_PROTOCOLS.each do |protocol| define_method "test_should_allow_uppercase_#{protocol}_uris" do input = %(foo) output = "foo" @@ -144,7 +144,7 @@ def test_should_allow_contenteditable end end - HTML5::WhiteList::ALLOWED_URI_DATA_MEDIATYPES.each do |data_uri_type| + HTML5::SafeList::ALLOWED_URI_DATA_MEDIATYPES.each do |data_uri_type| define_method "test_should_allow_data_#{data_uri_type}_uris" do input = %(foo) output = "foo" @@ -156,7 +156,7 @@ def test_should_allow_contenteditable end end - HTML5::WhiteList::ALLOWED_URI_DATA_MEDIATYPES.each do |data_uri_type| + HTML5::SafeList::ALLOWED_URI_DATA_MEDIATYPES.each do |data_uri_type| define_method "test_should_allow_uppercase_data_#{data_uri_type}_uris" do input = %(foo) output = "foo" @@ -179,8 +179,8 @@ def test_should_disallow_other_uri_mediatypes end - HTML5::WhiteList::SVG_ALLOW_LOCAL_HREF.each do |tag_name| - next unless HTML5::WhiteList::ALLOWED_ELEMENTS.include?(tag_name) + HTML5::SafeList::SVG_ALLOW_LOCAL_HREF.each do |tag_name| + next unless HTML5::SafeList::ALLOWED_ELEMENTS.include?(tag_name) define_method "test_#{tag_name}_should_allow_local_href" do input = %(<#{tag_name} xlink:href="#foo"/>) output = "<#{tag_name.downcase} xlink:href='#foo'>" @@ -256,7 +256,7 @@ def test_figure_element_is_valid end ## added because we don't have any coverage above on SVG_ATTR_VAL_ALLOWS_REF - HTML5::WhiteList::SVG_ATTR_VAL_ALLOWS_REF.each do |attr_name| + HTML5::SafeList::SVG_ATTR_VAL_ALLOWS_REF.each do |attr_name| define_method "test_should_allow_uri_refs_in_svg_attribute_#{attr_name}" do input = "" output = "" 
@@ -294,7 +294,7 @@ def test_css_high_precision_value_shorthand_css_properties assert_match %r/0.3333333334em/, sane.inner_html end - def test_css_function_sanitization_leaves_whitelisted_functions_calc + def test_css_function_sanitization_leaves_safelisted_functions_calc html = "" sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :strip).to_html) assert_match %r/calc\(5%\)/, sane.inner_html @@ -304,13 +304,13 @@ def test_css_function_sanitization_leaves_whitelisted_functions_calc assert_match %r/calc\(5%\)/, sane.inner_html end - def test_css_function_sanitization_leaves_whitelisted_functions_rgb + def test_css_function_sanitization_leaves_safelisted_functions_rgb html = '' sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :strip).to_html) assert_match %r/rgb\(255, 0, 0\)/, sane.inner_html end - def test_css_function_sanitization_leaves_whitelisted_list_style_type + def test_css_function_sanitization_leaves_safelisted_list_style_type html = "
    " sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :strip).to_html) assert_match %r/list-style-type:lower-greek/, sane.inner_html diff --git a/test/unit/test_helpers.rb b/test/unit/test_helpers.rb index 4db87010..c4bb3098 100644 --- a/test/unit/test_helpers.rb +++ b/test/unit/test_helpers.rb @@ -44,17 +44,17 @@ class UnitTestHelpers < Loofah::TestCase end end - describe "WhiteListSanitizer#sanitize" do + describe "SafeListSanitizer#sanitize" do it "calls .sanitize" do mock(Loofah::Helpers).sanitize("foobar") - Loofah::Helpers::ActionView::WhiteListSanitizer.new.sanitize "foobar" + Loofah::Helpers::ActionView::SafeListSanitizer.new.sanitize "foobar" end end - describe "WhiteListSanitizer#sanitize_css" do + describe "SafeListSanitizer#sanitize_css" do it "calls .sanitize_css" do mock(Loofah::Helpers).sanitize_css("foobar") - Loofah::Helpers::ActionView::WhiteListSanitizer.new.sanitize_css "foobar" + Loofah::Helpers::ActionView::SafeListSanitizer.new.sanitize_css "foobar" end end end