Sha256: f90fd2d2ffd7dd85c3bbf843907c53d58c6a8ba4c47b6b240829e762cb474e9d

Contents?: true

Size: 812 Bytes

Versions: 25

Compression:

Stored size: 812 Bytes

Contents

# coding: utf-8
# frozen_string_literal: true
require "set"

module Loofah
  #
  #  constants related to working around unhelpful libxml2 behavior
  #
  #  ಠ_ಠ
  #
  module LibxmlWorkarounds
    #
    #  these attributes and qualifying parent tags are determined by the code at:
    #
    #    https://git.gnome.org/browse/libxml2/tree/HTMLtree.c?h=v2.9.2#n714
    #
    #  see comments about CVE-2018-8048 within the tests for more information
    #
    BROKEN_ESCAPING_ATTRIBUTES = Set.new %w[
                                           href
                                           action
                                           src
                                           name
                                         ]
    BROKEN_ESCAPING_ATTRIBUTES_QUALIFYING_TAG = { "name" => "a" }
  end
end

Version data entries

25 entries across 23 versions & 4 rubygems

Version Path
loofah-2.9.0 lib/loofah/html5/libxml2_workarounds.rb
loofah-2.8.0 lib/loofah/html5/libxml2_workarounds.rb
loofah-2.7.0 lib/loofah/html5/libxml2_workarounds.rb
loofah-2.6.0 lib/loofah/html5/libxml2_workarounds.rb
loofah-2.5.0 lib/loofah/html5/libxml2_workarounds.rb