Merge branch 'fix/memory-leak-sanitization-filter' into 'master'

Fix a memory leak in HTML::Pipeline::SanitizationFilter::WHITELIST See merge request !6456

Merge branch 'fix/memory-leak-sanitization-filter' into 'master'
640ab307 · Yorick Peterse · bc132ba3 · ca823aba · 640ab307 · 640ab307
Commit 640ab307 authored Sep 23, 2016 by Yorick Peterse
Hide whitespace changes
Inline Side-by-side

Showing with 33 additions and 32 deletions

CHANGELOG CHANGELOG +1 -0

sanitization_filter.rb lib/banzai/filter/sanitization_filter.rb +32 -32

No files found.
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -4,6 +4,7 @@ v 8.13.0 (unreleased)
  - Speed-up group milestones show page
 v 8.12.1 (unreleased)
+  - Fix a memory leak in HTML::Pipeline::SanitizationFilter::WHITELIST
 v 8.12.0
  - Update the rouge gem to 2.0.6, which adds highlighting support for JSX, Prometheus, and others. !6251

--- a/lib/banzai/filter/sanitization_filter.rb
+++ b/lib/banzai/filter/sanitization_filter.rb
@@ -7,7 +7,7 @@ module Banzai
      UNSAFE_PROTOCOLS = %w(data javascript vbscript).freeze
      def whitelist
-        whitelist = super.dup
+        whitelist = super
        customize_whitelist(whitelist)
@@ -42,58 +42,58 @@ module Banzai
        # Allow any protocol in `a` elements...
        whitelist[:protocols].delete('a')
-        whitelist[:transformers] = whitelist[:transformers].dup
        # ...but then remove links with unsafe protocols
-        whitelist[:transformers].push(remove_unsafe_links)
+        whitelist[:transformers].push(self.class.remove_unsafe_links)
        # Remove `rel` attribute from `a` elements
-        whitelist[:transformers].push(remove_rel)
+        whitelist[:transformers].push(self.class.remove_rel)
        # Remove `class` attribute from non-highlight spans
-        whitelist[:transformers].push(clean_spans)
+        whitelist[:transformers].push(self.class.clean_spans)
        whitelist
      end
-      def remove_unsafe_links
+      class << self
-        lambda do |env|
+        def remove_unsafe_links
-          node = env[:node]
+          lambda do |env|
+            node = env[:node]
-          return unless node.name == 'a'
+            return unless node.name == 'a'
-          return unless node.has_attribute?('href')
+            return unless node.has_attribute?('href')
-          begin
+            begin
-            uri = Addressable::URI.parse(node['href'])
+              uri = Addressable::URI.parse(node['href'])
-            uri.scheme = uri.scheme.strip.downcase if uri.scheme
+              uri.scheme = uri.scheme.strip.downcase if uri.scheme
-            node.remove_attribute('href') if UNSAFE_PROTOCOLS.include?(uri.scheme)
+              node.remove_attribute('href') if UNSAFE_PROTOCOLS.include?(uri.scheme)
-          rescue Addressable::URI::InvalidURIError
+            rescue Addressable::URI::InvalidURIError
-            node.remove_attribute('href')
+              node.remove_attribute('href')
+            end
          end
        end
-      end
-      def remove_rel
+        def remove_rel
-        lambda do |env|
+          lambda do |env|
-          if env[:node_name] == 'a'
+            if env[:node_name] == 'a'
-            env[:node].remove_attribute('rel')
+              env[:node].remove_attribute('rel')
+            end
          end
        end
-      end
-      def clean_spans
+        def clean_spans
-        lambda do |env|
+          lambda do |env|
-          node = env[:node]
+            node = env[:node]
-          return unless node.name == 'span'
+            return unless node.name == 'span'
-          return unless node.has_attribute?('class')
+            return unless node.has_attribute?('class')
-          unless has_ancestor?(node, 'pre')
+            unless node.ancestors.any? { |n| n.name.casecmp('pre').zero? }
-            node.remove_attribute('class')
+              node.remove_attribute('class')
-          end
+            end
-          { node_whitelist: [node] }
+            { node_whitelist: [node] }
+          end
        end
      end
    end