naming: Rails::Html is now Rails::HTML

but Rails::Html is an alias for backwards compatibility

CHANGELOG.md

@@ -9,6 +9,11 @@
 
   *Mike Dalessio*
 
+* `Rails::Html` has been renamed to `Rails::HTML`, but this module is aliased to `Rails::Html` for
+  backwards compatibility.
+
+  *Mike Dalessio*
+
 
 ## 1.5.0 / 2023-01-20
 

lib/rails-html-sanitizer.rb

@@ -7,6 +7,10 @@
 require_relative "rails/html/scrubbers"
 require_relative "rails/html/sanitizer"
 
+module Rails
+  Html = HTML # :nodoc:
+end
+
 module ActionView
   module Helpers
     module SanitizeHelper

lib/rails/html/sanitizer.rb

@@ -1,19 +1,19 @@
 # frozen_string_literal: true
 
 module Rails
-  module Html
+  module HTML
     class Sanitizer
       class << self
         def full_sanitizer
-          Rails::Html::FullSanitizer
+          Rails::HTML::FullSanitizer
         end
 
         def link_sanitizer
-          Rails::Html::LinkSanitizer
+          Rails::HTML::LinkSanitizer
         end
 
         def safe_list_sanitizer
-          Rails::Html::SafeListSanitizer
+          Rails::HTML::SafeListSanitizer
         end
 
         def white_list_sanitizer # :nodoc:
@@ -47,7 +47,7 @@ def sanitize(html, options = {})
       end
 
       module Parser # :nodoc:
-        module Html4 # :nodoc:
+        module HTML4 # :nodoc:
           def parse_fragment(html)
             Loofah.html4_fragment(html)
           end
@@ -192,34 +192,34 @@ def serialize(fragment)
       end
     end
 
-    # === Rails::Html::FullSanitizer
+    # === Rails::HTML::FullSanitizer
     # Removes all tags but strips out scripts, forms and comments.
     #
-    # full_sanitizer = Rails::Html::FullSanitizer.new
+    # full_sanitizer = Rails::HTML::FullSanitizer.new
     # full_sanitizer.sanitize("<b>Bold</b> no more!  <a href='more.html'>See more here</a>...")
     # # => Bold no more!  See more here...
     class FullSanitizer < Sanitizer
       include Concern::ComposedSanitize
-      include Concern::Parser::Html4
+      include Concern::Parser::HTML4
       include Concern::Scrubber::Full
       include Concern::Serializer::UTF8Encode
     end
 
-    # === Rails::Html::LinkSanitizer
+    # === Rails::HTML::LinkSanitizer
     # Removes +a+ tags and +href+ attributes leaving only the link text.
     #
-    #  link_sanitizer = Rails::Html::LinkSanitizer.new
+    #  link_sanitizer = Rails::HTML::LinkSanitizer.new
     #  link_sanitizer.sanitize('<a href="example.com">Only the link text will be kept.</a>')
     #
     #  => 'Only the link text will be kept.'
     class LinkSanitizer < Sanitizer
       include Concern::ComposedSanitize
-      include Concern::Parser::Html4
+      include Concern::Parser::HTML4
       include Concern::Scrubber::Link
       include Concern::Serializer::SimpleString
     end
 
-    # === Rails::Html::SafeListSanitizer
+    # === Rails::HTML::SafeListSanitizer
     # Sanitizes html and css from an extensive safe list (see link further down).
     #
     # === Whitespace
@@ -240,14 +240,14 @@ class LinkSanitizer < Sanitizer
     # SafeListSanitizer also accepts options to configure
     # the safe list used when sanitizing html.
     # There's a class level option:
-    # Rails::Html::SafeListSanitizer.allowed_tags = %w(table tr td)
-    # Rails::Html::SafeListSanitizer.allowed_attributes = %w(id class style)
+    # Rails::HTML::SafeListSanitizer.allowed_tags = %w(table tr td)
+    # Rails::HTML::SafeListSanitizer.allowed_attributes = %w(id class style)
     #
     # Tags and attributes can also be passed to +sanitize+.
     # Passed options take precedence over the class level options.
     #
     # === Examples
-    # safe_list_sanitizer = Rails::Html::SafeListSanitizer.new
+    # safe_list_sanitizer = Rails::HTML::SafeListSanitizer.new
     #
     # Sanitize css doesn't take options
     # safe_list_sanitizer.sanitize_css('background-color: #000;')
@@ -263,7 +263,7 @@ class LinkSanitizer < Sanitizer
     # safe_list_sanitizer.sanitize(@article.body, scrubber: ArticleScrubber.new)
     class SafeListSanitizer < Sanitizer
       include Concern::ComposedSanitize
-      include Concern::Parser::Html4
+      include Concern::Parser::HTML4
       include Concern::Scrubber::SafeList
       include Concern::Serializer::UTF8Encode
     end

lib/rails/html/sanitizer/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module Rails
-  module Html
+  module HTML
     class Sanitizer
       VERSION = "1.6.0.dev"
     end

lib/rails/html/scrubbers.rb

@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
 module Rails
-  module Html
-    # === Rails::Html::PermitScrubber
+  module HTML
+    # === Rails::HTML::PermitScrubber
     #
-    # +Rails::Html::PermitScrubber+ allows you to permit only your own tags and/or attributes.
+    # +Rails::HTML::PermitScrubber+ allows you to permit only your own tags and/or attributes.
     #
-    # +Rails::Html::PermitScrubber+ can be subclassed to determine:
+    # +Rails::HTML::PermitScrubber+ can be subclassed to determine:
     # - When a node should be skipped via +skip_node?+.
     # - When a node is allowed via +allowed_node?+.
     # - When an attribute should be scrubbed via +scrub_attribute?+.
@@ -29,7 +29,7 @@ module Html
     # If set, attributes excluded will be removed.
     # If not, attributes are removed based on Loofahs +HTML5::Scrub.scrub_attributes+.
     #
-    #  class CommentScrubber < Html::PermitScrubber
+    #  class CommentScrubber < Rails::HTML::PermitScrubber
     #    def initialize
     #      super
     #      self.tags = %w(form script comment blockquote)
@@ -158,10 +158,10 @@ def scrub_attribute(node, attr_node)
         end
     end
 
-    # === Rails::Html::TargetScrubber
+    # === Rails::HTML::TargetScrubber
     #
-    # Where +Rails::Html::PermitScrubber+ picks out tags and attributes to permit in
-    # sanitization, +Rails::Html::TargetScrubber+ targets them for removal.
+    # Where +Rails::HTML::PermitScrubber+ picks out tags and attributes to permit in
+    # sanitization, +Rails::HTML::TargetScrubber+ targets them for removal.
     #
     # +tags=+
     # If set, elements included will be stripped.
@@ -178,9 +178,9 @@ def scrub_attribute?(name)
       end
     end
 
-    # === Rails::Html::TextOnlyScrubber
+    # === Rails::HTML::TextOnlyScrubber
     #
-    # +Rails::Html::TextOnlyScrubber+ allows you to permit text nodes.
+    # +Rails::HTML::TextOnlyScrubber+ allows you to permit text nodes.
     #
     # Unallowed elements will be stripped, i.e. element is removed but its subtree kept.
     class TextOnlyScrubber < Loofah::Scrubber

rails-html-sanitizer.gemspec

@@ -5,7 +5,7 @@ require_relative "lib/rails/html/sanitizer/version"
 
 Gem::Specification.new do |spec|
   spec.name          = "rails-html-sanitizer"
-  spec.version       = Rails::Html::Sanitizer::VERSION
+  spec.version       = Rails::HTML::Sanitizer::VERSION
   spec.authors       = ["Rafael Mendonça França", "Kasper Timm Hansen"]
   spec.email         = ["rafaelmfranca@gmail.com", "kaspth@gmail.com"]
   spec.description   = "HTML sanitization for Rails applications"

test/rails_api_test.rb

@@ -4,6 +4,19 @@
 require "rails-html-sanitizer"
 
 class RailsApiTest < Minitest::Test
+  def test_html_module_name_alias
+    assert_equal(Rails::Html, Rails::HTML)
+    assert_equal("Rails::HTML", Rails::Html.name)
+    assert_equal("Rails::HTML", Rails::HTML.name)
+  end
+
+  def test_html_scrubber_class_names
+    assert(Rails::Html::PermitScrubber)
+    assert(Rails::Html::TargetScrubber)
+    assert(Rails::Html::TextOnlyScrubber)
+    assert(Rails::Html::Sanitizer)
+  end
+
   def test_full_sanitizer_returns_a_full_sanitizer
     assert_equal(Rails::Html::FullSanitizer, Rails::Html::Sanitizer.full_sanitizer)
   end

test/scrubbers_test.rb

@@ -34,7 +34,7 @@ def assert_scrub_returns(return_value, text)
 
 class PermitScrubberTest < ScrubberTest
   def setup
-    @scrubber = Rails::Html::PermitScrubber.new
+    @scrubber = Rails::HTML::PermitScrubber.new
   end
 
   def test_responds_to_scrub
@@ -80,7 +80,7 @@ def test_leaves_only_supplied_tags
   end
 
   def test_prunes_tags
-    @scrubber = Rails::Html::PermitScrubber.new(prune: true)
+    @scrubber = Rails::HTML::PermitScrubber.new(prune: true)
     @scrubber.tags = %w(tag)
     html = "<tag>leave me <span>now</span></tag>"
     assert_scrubbed html, "<tag>leave me </tag>"
@@ -150,7 +150,7 @@ def test_attributes_accessor_validation
 
 class TargetScrubberTest < ScrubberTest
   def setup
-    @scrubber = Rails::Html::TargetScrubber.new
+    @scrubber = Rails::HTML::TargetScrubber.new
   end
 
   def test_targeting_tags_removes_only_them
@@ -179,7 +179,7 @@ def test_targeting_tags_and_attributes_removes_only_them
   end
 
   def test_prunes_tags
-    @scrubber = Rails::Html::TargetScrubber.new(prune: true)
+    @scrubber = Rails::HTML::TargetScrubber.new(prune: true)
     @scrubber.tags = %w(span)
     html = "<tag>leave me <span>now</span></tag>"
     assert_scrubbed html, "<tag>leave me </tag>"
@@ -188,7 +188,7 @@ def test_prunes_tags
 
 class TextOnlyScrubberTest < ScrubberTest
   def setup
-    @scrubber = Rails::Html::TextOnlyScrubber.new
+    @scrubber = Rails::HTML::TextOnlyScrubber.new
   end
 
   def test_removes_all_tags_and_keep_the_content
@@ -201,7 +201,7 @@ def test_skips_text_nodes
 end
 
 class ReturningStopFromScrubNodeTest < ScrubberTest
-  class ScrubStopper < Rails::Html::PermitScrubber
+  class ScrubStopper < Rails::HTML::PermitScrubber
     def scrub_node(node)
       Loofah::Scrubber::STOP
     end