Fix warning messages with SVG ALLOWED_ELEMENTS

Eliminates "warning: already initialized constant Gitlab::Sanitizers::SVG::ALLOWED_ELEMENTS"

Fix warning messages with SVG ALLOWED_ELEMENTS
e9ecbd3d · Stan Hu · 4607323e · e9ecbd3d · e9ecbd3d
Commit e9ecbd3d authored May 19, 2016 by Stan Hu
Show whitespace changes
Inline Side-by-side

Showing with 5 additions and 5 deletions

svg.rb lib/gitlab/sanitizers/svg.rb +3 -5

whitelist.rb lib/gitlab/sanitizers/svg/whitelist.rb +2 -0

No files found.
--- a/lib/gitlab/sanitizers/svg.rb
+++ b/lib/gitlab/sanitizers/svg.rb
-require_relative "svg/whitelist"
-
 module Gitlab
  module Sanitizers
    module SVG
@@ -12,14 +10,14 @@ module Gitlab
        DATA_ATTR_PATTERN = /\Adata-(?!xml)[a-z_][\w.\u00E0-\u00F6\u00F8-\u017F\u01DD-\u02AF-]*\z/u

        def scrub(node)
-          unless ALLOWED_ELEMENTS.include?(node.name)
+          unless Whitelist::ALLOWED_ELEMENTS.include?(node.name)
            node.unlink
          else
            node.attributes.each do |attr_name, attr|
-              valid_attributes = ALLOWED_ATTRIBUTES[node.name]
+              valid_attributes = Whitelist::ALLOWED_ATTRIBUTES[node.name]

              unless valid_attributes && valid_attributes.include?(attr_name)
-                if ALLOWED_DATA_ATTRIBUTES_IN_ELEMENTS.include?(node.name) &&
+                if Whitelist::ALLOWED_DATA_ATTRIBUTES_IN_ELEMENTS.include?(node.name) &&
                    attr_name.start_with?('data-')
                  # Arbitrary data attributes are allowed. Verify that the attribute
                  # is a valid data attribute.

--- a/lib/gitlab/sanitizers/svg/whitelist.rb
+++ b/lib/gitlab/sanitizers/svg/whitelist.rb
@@ -4,6 +4,7 @@
 module Gitlab
  module Sanitizers
    module SVG
+      class Whitelist
        ALLOWED_ELEMENTS = %w[
        a altGlyph altGlyphDef altGlyphItem animate
        animateColor animateMotion animateTransform circle clipPath color-profile
@@ -104,4 +105,5 @@ module Gitlab
        }.freeze
      end
    end
+  end
 end