From f159c54dc8b361b05d7fec827ce176375f227a85 Mon Sep 17 00:00:00 2001
From: Ryan Grove
Date: Thu, 12 Aug 2010 14:17:33 -0700
Subject: [PATCH] Increase minimum Sanitize version requirement to 1.1.0.

1.0.x versions of Sanitize require Hpricot instead of Nokogiri and have bugs that may allow non-whitelisted HTML to sneak through.
---
 gollum.gemspec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gollum.gemspec b/gollum.gemspec
index 4ec43e08..50a7f5ca 100644
--- a/gollum.gemspec
+++ b/gollum.gemspec
@@ -28,7 +28,7 @@ Gem::Specification.new do |s|
 s.add_dependency('albino', "~> 1.0")
 s.add_dependency('sinatra', "~> 1.0")
 s.add_dependency('mustache', [">= 0.11.2", "< 1.0.0"])
- s.add_dependency('sanitize', "~> 1.0")
+ s.add_dependency('sanitize', "~> 1.1")
 s.add_dependency('nokogiri', "~> 1.4")
 s.add_development_dependency('shoulda')