r46827 - in /trunk/libhtml-stripscripts-perl: Changes META.yml StripScripts.pm debian/changelog debian/control debian/copyright t/10basic.t
jawnsy-guest at users.alioth.debian.org
jawnsy-guest at users.alioth.debian.org
Fri Nov 6 02:22:12 UTC 2009
Author: jawnsy-guest
Date: Fri Nov 6 02:22:06 2009
New Revision: 46827
URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=46827
Log:
* New upstream release
* Standards-Version 3.8.3 (no changes)
* Refresh copyright information
* Add myself to Uploaders and Copyright
* Rewrote control description
Modified:
trunk/libhtml-stripscripts-perl/Changes
trunk/libhtml-stripscripts-perl/META.yml
trunk/libhtml-stripscripts-perl/StripScripts.pm
trunk/libhtml-stripscripts-perl/debian/changelog
trunk/libhtml-stripscripts-perl/debian/control
trunk/libhtml-stripscripts-perl/debian/copyright
trunk/libhtml-stripscripts-perl/t/10basic.t
Modified: trunk/libhtml-stripscripts-perl/Changes
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libhtml-stripscripts-perl/Changes?rev=46827&op=diff
==============================================================================
--- trunk/libhtml-stripscripts-perl/Changes (original)
+++ trunk/libhtml-stripscripts-perl/Changes Fri Nov 6 02:22:06 2009
@@ -1,3 +1,8 @@
+1.05 5 Nov 2009 Fixed bug where 'false' but valid content was being ignored,
+ eg "<i>0</i>" became "<i></i>"
+ See bug https://rt.cpan.org/Public/Bug/Display.html?id=51116
+ Thanks to Jim Laney for reporting it
+
1.04 16 Nov 2007 Fixed bug where mailto links not working when
AllowHref enabled. (Thanks to Menno Blom - 'b10m').
Modified: trunk/libhtml-stripscripts-perl/META.yml
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libhtml-stripscripts-perl/META.yml?rev=46827&op=diff
==============================================================================
--- trunk/libhtml-stripscripts-perl/META.yml (original)
+++ trunk/libhtml-stripscripts-perl/META.yml Fri Nov 6 02:22:06 2009
@@ -1,14 +1,14 @@
--- #YAML:1.0
name: HTML-StripScripts
-version: 1.04
+version: 1.05
abstract: Strip scripting constructs out of HTML
license: perl
-generated_by: ExtUtils::MakeMaker version 6.32
+author:
+ - Nick Cleaton <nick at cleaton.net>, Clinton Gormley <clint at traveljury.com>
+generated_by: ExtUtils::MakeMaker version 6.42
distribution_type: module
requires:
Test::More: 0
meta-spec:
- url: http://module-build.sourceforge.net/META-spec-v1.2.html
- version: 1.2
-author:
- - Nick Cleaton <nick at cleaton.net>, Clinton Gormley <clint at traveljury.com>
+ url: http://module-build.sourceforge.net/META-spec-v1.3.html
+ version: 1.3
Modified: trunk/libhtml-stripscripts-perl/StripScripts.pm
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libhtml-stripscripts-perl/StripScripts.pm?rev=46827&op=diff
==============================================================================
--- trunk/libhtml-stripscripts-perl/StripScripts.pm (original)
+++ trunk/libhtml-stripscripts-perl/StripScripts.pm Fri Nov 6 02:22:06 2009
@@ -3,7 +3,7 @@
use warnings FATAL => 'all';
use vars qw($VERSION);
-$VERSION = '1.04';
+$VERSION = '1.05';
=head1 NAME
@@ -513,7 +513,7 @@
if ( my $required = $tag_filters->{required} ) {
foreach my $key (@$required) {
return 0
- unless length( $filtered_attr{$key} || '' );
+ unless defined $filtered_attr{$key} && length($filtered_attr{$key});
}
}
@@ -826,7 +826,7 @@
$self->output_start("<$tagname$filtered_attrs>");
}
- if ( $entry{content} ) {
+ if ( defined $entry{content} ) {
$self->{_hssStack}[0]{CONTENT} .= $entry{content};
}
Modified: trunk/libhtml-stripscripts-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libhtml-stripscripts-perl/debian/changelog?rev=46827&op=diff
==============================================================================
--- trunk/libhtml-stripscripts-perl/debian/changelog (original)
+++ trunk/libhtml-stripscripts-perl/debian/changelog Fri Nov 6 02:22:06 2009
@@ -1,3 +1,13 @@
+libhtml-stripscripts-perl (1.05-1) UNRELEASED; urgency=low
+
+ * New upstream release
+ * Standards-Version 3.8.3 (no changes)
+ * Refresh copyright information
+ * Add myself to Uploaders and Copyright
+ * Rewrote control description
+
+ -- Jonathan Yu <jawnsy at cpan.org> Thu, 05 Nov 2009 17:46:54 -0500
+
libhtml-stripscripts-perl (1.04-2) unstable; urgency=low
[ gregor herrmann ]
Modified: trunk/libhtml-stripscripts-perl/debian/control
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libhtml-stripscripts-perl/debian/control?rev=46827&op=diff
==============================================================================
--- trunk/libhtml-stripscripts-perl/debian/control (original)
+++ trunk/libhtml-stripscripts-perl/debian/control Fri Nov 6 02:22:06 2009
@@ -2,10 +2,10 @@
Section: perl
Priority: optional
Build-Depends: debhelper (>= 7)
-Build-Depends-Indep: perl (>= 5.6.10-12), libtest-pod-perl, libtest-pod-coverage-perl
+Build-Depends-Indep: perl, libtest-pod-perl, libtest-pod-coverage-perl
Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
-Uploaders: Tim Retout <tim at retout.co.uk>
-Standards-Version: 3.8.2
+Uploaders: Tim Retout <tim at retout.co.uk>, Jonathan Yu <jawnsy at cpan.org>
+Standards-Version: 3.8.3
Homepage: http://search.cpan.org/dist/HTML-StripScripts/
Vcs-Svn: svn://svn.debian.org/pkg-perl/trunk/libhtml-stripscripts-perl/
Vcs-Browser: http://svn.debian.org/viewsvn/pkg-perl/trunk/libhtml-stripscripts-perl/
@@ -13,20 +13,18 @@
Package: libhtml-stripscripts-perl
Architecture: all
Depends: ${perl:Depends}, ${misc:Depends}
-Description: Perl module to strip scripting constructs out of HTML
- HTML::StripScripts strips scripting constructs out of HTML, leaving as
- much non-scripting markup in place as possible. This allows web
- applications to display HTML originating from an untrusted source
- without introducing XSS (cross site scripting) vulnerabilities.
+Description: module for removing scripts from HTML
+ HTML::StripScripts is a Perl module for neutralizes scripting constructs in
+ HTML, leaving as much non-scripting markup in place as possible. This allows
+ web applications to display HTML originating from an untrusted source without
+ introducing cross-site scripting (XSS) vulnerabilities.
.
- You will probably use HTML::StripScripts::Parser rather than using
- this module directly - see the libhtml-stripscripts-parser-perl
- package.
+ The process is based on whitelists of tags, attributes and attribute values.
+ This approach is the most secure against disguised scripting constructs hidden
+ in malicious HTML documents.
.
- The process is based on whitelists of tags, attributes and attribute
- values. This approach is the most secure against disguised scripting
- constructs hidden in malicious HTML documents.
+ As well as removing scripting constructs, this module ensures that there is a
+ matching end for each start tag, and that the tags are properly nested.
.
- As well as removing scripting constructs, this module ensures that
- there is a matching end for each start tag, and that the tags are
- properly nested.
+ You will probably use HTML::StripScripts::Parser rather than using this module
+ directly (see libhtml-stripscripts-parser-perl).
Modified: trunk/libhtml-stripscripts-perl/debian/copyright
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libhtml-stripscripts-perl/debian/copyright?rev=46827&op=diff
==============================================================================
--- trunk/libhtml-stripscripts-perl/debian/copyright (original)
+++ trunk/libhtml-stripscripts-perl/debian/copyright Fri Nov 6 02:22:06 2009
@@ -1,25 +1,30 @@
Format-Specification:
- http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=226
-Upstream-Name: HTML-StripScripts
+ http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=196
Upstream-Maintainer: Clinton Gormley <clint at traveljury.com>
Upstream-Source: http://search.cpan.org/dist/HTML-StripScripts/
+Upstream-Name: HTML-StripScripts
Files: *
-Copyright: Copyright (C) 2003 Nick Cleaton. All Rights Reserved.
-Copyright: Copyright (C) 2007 Clinton Gormley. All Rights Reserved.
-License: GPL-1+ | Artistic
- This module is free software; you can redistribute it and/or modify it under
- the same terms as Perl itself.
- .
- Perl is distributed under the GNU General Public License, either version 1 or
- (at your option) any later version, and the Artistic License.
- .
- On Debian systems, the complete text of the GNU General Public License can be
- found in /usr/share/common-licenses/GPL and the Artistic License in
- /usr/share/common-licenses/Artistic.
+Copyright: 2007, Clinton Gormley <clint at traveljury.com>
+ 2003, Nick Cleaton <nick at cleaton.net>
+License-Alias: Perl
+License: Artistic | GPL-1+
Files: debian/*
-Copyright: Copyright (C) 2008, 2009 Tim Retout <tim at retout.co.uk>
- 2008, gregor herrmann <gregoa at debian.org>
- 2008, Nathan Handler <nhandler at ubuntu.com>
-License: GPL-1+ | Artistic
+Copyright: 2009, Jonathan Yu <jawnsy at cpan.org>
+ 2008-2009, Tim Retout <tim at retout.co.uk>
+License: Artistic | GPL-1+
+
+License: Artistic
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the Artistic License, which comes with Perl.
+ On Debian GNU/Linux systems, the complete text of the Artistic License
+ can be found in `/usr/share/common-licenses/Artistic'
+
+License: GPL-1+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 1, or (at your option)
+ any later version.
+ On Debian GNU/Linux systems, the complete text of the GNU General
+ Public License can be found in `/usr/share/common-licenses/GPL'
Modified: trunk/libhtml-stripscripts-perl/t/10basic.t
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libhtml-stripscripts-perl/t/10basic.t?rev=46827&op=diff
==============================================================================
--- trunk/libhtml-stripscripts-perl/t/10basic.t (original)
+++ trunk/libhtml-stripscripts-perl/t/10basic.t Fri Nov 6 02:22:06 2009
@@ -1,6 +1,6 @@
use strict;
-use Test::More tests => 8;
+use Test::More tests => 9;
BEGIN { $^W = 1 }
@@ -41,3 +41,9 @@
$f->input_end_document;
is( $f->filtered_document, '<img alt="foo foo" />foo', 'img alt' );
+$f->input_start_document;
+$f->input_start('<i>');
+$f->input_text('0');
+$f->input_end('</i>');
+$f->input_end_document;
+is ($f->filtered_document,'<i>0</i>', 'false but valid content');
More information about the Pkg-perl-cvs-commits
mailing list