Skip to content

Allow ASCII-8BIT string for white list sanitize. #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Allow ASCII-8BIT string for white list sanitize. #33

wants to merge 1 commit into from

Conversation

JunichiIto
Copy link

Fix this issue: #30

Also related to this issue: rails/rails#18975

@JunichiIto
Copy link
Author

Anyone??

kaspth
kaspth reviewed Feb 24, 2015
View reviewed changes
lib/rails/html/sanitizer.rb
@@ -106,7 +106,8 @@ def sanitize(html, options = {})
return unless html
return html if html.empty?

loofah_fragment = Loofah.fragment(html)
encoding = html.encoding == Encoding::ASCII_8BIT ? Encoding::UTF_8 : html.encoding
loofah_fragment = Loofah.fragment(html, encoding.name)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's do it this way:

loofah_fragment = Loofah.fragment(html, pick_encoding(html))

# later in the private methods

def pick_encoding(html)
  'UTF-8' if html.encoding == Encoding::ASCII_8BIT # Nokogiri doesn't support ASCII-8BIT
end

@kaspth
Copy link
Contributor

kaspth commented Feb 24, 2015

👍, but remember to squash your commits into one.

@kaspth kaspth mentioned this pull request Feb 24, 2015
Closed
@JunichiIto JunichiIto force-pushed the format-ascii-8bit-string branch from 7ecdc5c to 94bde5e Compare February 24, 2015 20:45
@JunichiIto
Copy link
Author

@kaspth Thank you for review. I did refactoring and squashed.

@JunichiIto
Copy link
Author

I'm looking forward to getting merged... 😚

@kaspth
Copy link
Contributor

kaspth commented Mar 1, 2015

Don't get cocky, kid 😉

Especially given the concerns on the original issue here: #30 (comment). Instead we're going to warn about the mysql gem. Thanks.

@kaspth kaspth closed this Mar 1, 2015
@JunichiIto
Copy link
Author

Wait, my main RDBMS is PostgreSQL, not MySQL.

I got this result in my Rails 4.2 app without any dependencies on MySQL.

irb(main):007:0> snp=ReferenceSnp.where.not(ref_ratio: nil).first
  ReferenceSnp Load (28.7ms)  SELECT  "reference_snps".* FROM "reference_snps" WHERE ("reference_snps"."ref_ratio" IS NOT NULL)  ORDER BY "reference_snps"."id" ASC LIMIT 1
=> #<ReferenceSnp id: 201, rs_id_number: "rs16947", ref_allele: "", alt_allele: "", ref_ratio: #<BigDecimal:7f9e69002238,'0.12E0',9(18)>, alt_ratio: nil, ref_homo: nil, hetero: nil, alt_homo: nil, created_at: "2014-10-29 09:26:13", updated_at: "2015-03-02 02:45:51", gene_id: 117, note: "メモです。\r\nメモです。", chromosome: 22, position: 42523942>
irb(main):008:0> snp.ref_ratio.to_s.encoding 
=> #<Encoding:ASCII-8BIT>
irb(main):009:0> Rails::Html::WhiteListSanitizer.new.sanitize snp.ref_ratio.to_s 
output error : unknown encoding ASCII-8BIT
=> ""

The pg gem version is 018.1. What is the root cause?

@kaspth
Copy link
Contributor

kaspth commented Mar 4, 2015

We're trying to a different approach on #34, can you try that out in your app? 😄

@JunichiIto
Copy link
Author

@kaspth I confirmed #34 fixed the problem in my app. Thanks 😃

@kaspth
Copy link
Contributor

kaspth commented Mar 6, 2015

@JunichiIto thanks, it's merged and we'll ship a version shortly 😁

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@JunichiIto @kaspth