Sha256: 0d8abe964b327964db8cdbfc81549d4ef7e43baf96fcc2ec1672416c5469f57a

Contents?: true

Size: 635 Bytes

Versions: 4

Compression:

Stored size: 635 Bytes

Contents

# coding: utf-8
# frozen_string_literal: true
require 'set'

module Loofah
  #
  #  constants related to working around unhelpful libxml2 behavior
  #
  #  ಠ_ಠ
  #
  module LibxmlWorkarounds
    #
    #  these attributes and qualifying parent tags are determined by the code at:
    #
    #    https://git.gnome.org/browse/libxml2/tree/HTMLtree.c?h=v2.9.2#n714
    #
    #  see comments about CVE-2018-8048 within the tests for more information
    #
    BROKEN_ESCAPING_ATTRIBUTES = Set.new %w[
        href
        action
        src
        name
      ]
    BROKEN_ESCAPING_ATTRIBUTES_QUALIFYING_TAG = {"name" => "a"}
  end
end

Version data entries

4 entries across 4 versions & 4 rubygems

Version Path
argon-1.3.1 vendor/bundle/ruby/2.7.0/gems/loofah-2.4.0/lib/loofah/html5/libxml2_workarounds.rb
symbolic_enum-1.1.5 vendor/bundle/ruby/2.7.0/gems/loofah-2.4.0/lib/loofah/html5/libxml2_workarounds.rb
zuora_connect_ui-0.10.0 vendor/ruby/2.6.0/gems/loofah-2.4.0/lib/loofah/html5/libxml2_workarounds.rb
loofah-2.4.0 lib/loofah/html5/libxml2_workarounds.rb