[#8446] Re: string like istringstream (was: A bug inruby) — Kevin Smith <sent@...>
jmichel@schur.institut.math.jussieu.fr wrote:
[#8465] A newbie question (about regexp) — "Robert Gustavsson" <robertg@...>
Hi!
[#8468] Re: speedup of anagram finder — "Ben Tilly" <ben_tilly@...>
gotoken@math.sci.hokudai.ac.jp (GOTO Kentaro) wrote:
On Tue, 2 Jan 2001, Ben Tilly wrote:
[#8478] popen on .rb file in 95 — "Chris Morris" <chrismo@...>
Apparently, Win95 does not support file associations from the command line.
[#8490] Translate daemon code to Windows? — "Chris Morris" <chrismo@...>
I'm trying to get httpd and rwiki to work on 95 and both have init code to
[#8508] Re: speedup of anagram finder — "SHULTZ,BARRY (HP-Israel,ex1)" <barry_shultz@...>
> go, either. The fact is, I've spent a lot of time the past couple days
[#8513] 1.6.2 on Dec Alpha — Hugh Sasse Staff Elec Eng <hgs@...>
And on a Dec Alpha system with gcc -v giving:
On Thu, 4 Jan 2001, Mathieu Bouchard wrote:
> > > And on a Dec Alpha system with gcc -v giving:
On Sun, 7 Jan 2001, Mathieu Bouchard wrote:
> > Here it is:
[#8527] Re: 1.6.2 on Solaris2.5.1 — ts <decoux@...>
>>>>> "H" == Hugh Sasse Staff Elec Eng <hgs@dmu.ac.uk> writes:
[#8565] optparse and rdtool — Hugh Sasse Staff Elec Eng <hgs@...>
Rebuilding stuff for 1.6.2, I see that RubyUnit says it's a good idea to
>...
[#8566] Visions for 2001/1.7.x development? — Robert Feldt <feldt@...>
Hi matz and other Ruby developers,
Hi,
On Fri, 5 Jan 2001, Yukihiro Matsumoto wrote:
[#8580] bug?? — jmichel@... (Jean Michel)
I don't understand the following behaviour:
On Thu, 4 Jan 2001, Jean Michel wrote:
In message "[ruby-talk:8580] bug??"
> A number of users was confused by these behavior, thus we have already
[#8599] Character classes in Ruby regexp — "Robert Gustavsson" <robertg@...>
Hi!
[#8633] Interesting Language performance comparisons - Ruby, OCAML etc — "g forever" <g24ever@...>
[#8651] Re: Interesting Language performance comparisons - Ruby, OCAML etc — "g forever" <g24ever@...>
Good observations.
[#8723] Re: Braces and begin/end — Kevin Smith <sent@...>
Robert Gustavsson wrote:
[#8745] (start..end) where start > end — "Robert Gustavsson" <0317025435@...>
Hi!
On Sun, 7 Jan 2001, Robert Gustavsson wrote:
[#8757] Backward Range implementation — Kevin Smith <sent@...>
Here's what I came up with that seems to work. I
[#8774] No :<, :>, etc. methods for Array — "Brian F. Feldman" <green@...>
So, why not include Comparable in Array by default? It shouldn't have any
Hi,
matz@zetabits.com (Yukihiro Matsumoto) wrote:
In message "[ruby-talk:8780] Re: No :<, :>, etc. methods for Array"
gotoken@math.sci.hokudai.ac.jp (GOTO Kentaro) wrote:
Hello --
David Alan Black <dblack@candle.superlink.net> wrote:
In message "[ruby-talk:8785] Re: No :<, :>, etc. methods for Array"
> -----Original Message-----
[#8808] Dynamic Flash movies from Ruby — Dave Thomas <Dave@...>
[#8829] Sandbox (again) — wys@... (Clemens Wyss)
Hi,
On 8 Jan, Clemens Wyss wrote:
[#8844] problems with mkmf.rb — DaVinci <bombadil@...>
Hi.
DaVinci <bombadil@wanadoo.es> wrote:
[#8908] Re: bug?? — Aleksi Niemel<aleksi.niemela@...>
matz said:
[#8931] String confusion — Anders Bengtsson <ndrsbngtssn@...>
Hello everyone,
Hi,
On Wed, 10 Jan 2001, Yukihiro Matsumoto wrote:
On Wed, 10 Jan 2001, Yukihiro Matsumoto wrote:
Hi,
On Wed, 10 Jan 2001, Yukihiro Matsumoto wrote:
[#8953] Please remove account from files — "Thomas Daniels" <westernporter@...>
Please take my e-mail address from your files and "CANCEL" my =
On Wed, 10 Jan 2001, Thomas Daniels wrote:
At Wed, 10 Jan 2001 14:23:30 +0900,
On Wed, 10 Jan 2001, Yasushi Shoji wrote:
[#8958] Re: Genetic Programming in Ruby — "Conrad Schneiker" <schneik@...>
Robert Feldt wrote:
[#8964] GULP (working title :-) related thoughts — David Alan Black <dblack@...>
Hello --
[#8971] Re: GULP (working title :-) related thoughts — "Conrad Schneiker" <schneik@...>
Dave Thomas wrote:
I don't know if 1.6.1 has a bug that's been fixed in 1.6.2 but I have used
[#8975] Re: Modules and mixins — Kevin Smith <sent@...>
Holden Glova wrote:
Kevin Smith <sent@qualitycode.com> writes:
[#8991] Why File::Stat? — "Hal E. Fulton" <hal9000@...>
I'm assuming that Stat is embedded inside File just
[#9008] using RUnit's setup and teardown methods — wlkleb@...
can someone show me how to use (or explain to me when i should use)
[#9035] Re: Regexp for matching Ruby reg exps? — "Ben Tilly" <ben_tilly@...>
Robert Feldt <feldt@ce.chalmers.se> wrote:
[#9047] Re: time to divide -talk? (was: Please remov e account from files) — Aleksi Niemel<aleksi.niemela@...>
Yasushi Shoji:
At Thu, 11 Jan 2001 00:20:45 +0900,
[#9063] Re: pid of executed program — ts <decoux@...>
>>>>> "L" == Laurence J Lane <ljlane@debian.org> writes:
[#9070] Re: time to divide -talk? — "Conrad Schneiker" <schneik@...>
David Alan Black wrote:
[#9106] Grabbing a char from the keyboard... — "Hal E. Fulton" <hal9000@...>
How does one accept a character from the keyboard
[#9120] ruby 1.6.2 and Debian 2.2 — Bostjan JERKO <Bostjan.Jerko@...>
Hi !
[#9159] Re: GULP (working title :-) related thoughts — "Conrad Schneiker" <schneik@...>
Dwight Tuinstra wrote:
[#9163] truncation of error strings — raja@... (Raja S.)
Is there any where to prevent the truncation of messages produced during
[#9179] "|" on front of aPortName — "Hal E. Fulton" <hal9000@...>
Hi guys...
[#9187] Re: Licensing issues — Kevin Smith <sent@...>
Robert Feldt wrote:
[#9195] Re: Redefining singleton methods — ts <decoux@...>
>>>>> "H" == Horst Duch=EAne?= <iso-8859-1> writes:
> From: ts [mailto:decoux@moulon.inra.fr]
[#9199] Class from name of class — Jim Menard <jimm@...>
I have a class name in a string, and I want to create an instance of that
[#9242] polymorphism — Maurice Szmurlo <maurice@...>
hello
Yukihiro Matsumoto <matz@zetabits.com> wrote:
[#9262] Rubicon now available via CVS — Dave Thomas <Dave@...>
[#9267] Re: polymorphism — chad fowler <chadfowler@...>
> >
"chad fowler" <chadfowler@yahoo.com> wrote in message
[#9279] Can ruby replace php? — Jim Freeze <jim@...>
When I read that ruby could be used to replace PHP I got really
> When I read that ruby could be used to replace PHP I got really
[#9368] Ruby 1.6.2 compilation problems on HP-UX 11 with gcc 2.95.2 with optimizations — "HOLOWKO,LARS (A-Germany,ex1)" <lars_holowko@...>
Trying to build Ruby like this
WATANABE Tetsuya <tetsu@jpn.hp.com> writes:
[#9395] Re: Do Vector and Matrix Classes Exist for Ruby? — "Conrad Schneiker" <schneik@...>
Gotoken wrote:
[#9411] The Ruby Way — "Conrad Schneiker" <schneiker@...>
As a member of the "Big 8" newsgroups, "The Ruby Way" (of posting) is to
Well, I have to say that I agree 100% with your previous post.
----- Original Message -----
----- Original Message -----
[#9427] Ruby CVS repositories are ready now — "Akinori MUSHA" <knu@...>
Hello,
[#9434] Re: 101 Misconceptions About Dynamic... — MICHAEL.W.WILSON@...
Subject:
[#9439] array.each_index_but_last ? — Hugh Sasse Staff Elec Eng <hgs@...>
What is the idiomatic Ruby way to go through all the elements of an array,
[#9462] Re: reading an entire file as a string — ts <decoux@...>
>>>>> "R" == Raja S <raja@cs.indiana.edu> writes:
ts <decoux@moulon.inra.fr> writes:
raja@cs.indiana.edu (Raja S.) writes:
Hi,
Mathieu Bouchard <matju@cam.org> writes:
> > File.open(path) {|f| f.read(*args) }
Hi,
[#9496] Re: Subprocess — Bostjan JERKO <Bostjan.Jerko@...>
Yeah and what if I want to run it on M$ ?
[#9521] Larry Wall INterview — ianm74@...
Larry was interviewed at the Perl/Ruby conference in Koyoto:
Larry Wall's interview is how I found out
>>>>> On Fri, 9 Feb 2001 00:40:02 +0900,
Does someone have a code snippet that they can point me to that allows
[#9598] Re: 101 Misconceptions About Dynamic Languages — "Christian" <christians@...>
I've really backed myself into a corner here. Witness my Houdini act.
[#9610] Re: 101 Misconceptions About Dynamic Languages — "Ben Tilly" <ben_tilly@...>
"Christian" <christians@syd.microforte.com.au> wrote:
[#9616] Re: 101 Misconceptions About Dynamic Languages — "Ben Tilly" <ben_tilly@...>
Peter Wood <peter.wood@worldonline.dk> wrote:
[#9619] Ruby mode for emacs — "R. Mark Volkmann" <volkmann2@...>
Is anyone successfully using Ruby mode for emacs under Windows 2000?
[#9682] Re: 101 Misconceptions About Dynamic Languages — "Ben Tilly" <ben_tilly@...>
"Christian" <christians@syd.microforte.com.au> wrote:
[#9709] Re: Ruby, FOX, and widely available C++ implementations (Was: Re: 101 Misconceptions About Dynamic Languages) — "Conrad Schneiker" <schneik@...>
Patrick Logan wrote:
[#9718] Can someone tell the the scoop on Mac ports — Dave Thomas <Dave@...>
[#9728] Re: Ruby vs. Python and Euphoria: sieve benc hmark — Aleksi Niemel<aleksi.niemela@...>
> Kenneth Rhodes writes:
[#9730] require loop — Ted Meng <ted_meng@...>
Hi,
[#9741] Re: Possible bug in Tempfile/Fork interaction — "Ben Tilly" <ben_tilly@...>
Martin G Dixon <mgdixon@ichips.intel.com> wrote:
[#9761] Re: 101 Misconceptions About Dynamic Languages — ts <decoux@...>
>>>>> "C" == Christoph Rippel <crippel@primenet.com> writes:
[#9781] Re: socket.rb? firewalls? — MICHAEL.W.WILSON@...
|--------+----------------------->
[#9792] Ruby 162 installer available — Dave Thomas <Dave@...>
[#9800] IOWA M.L. — Jilani Khaldi <jilanik@...>
Hi,
[#9824] Re: IOWA M.L. — chad fowler <chadfowler@...>
Avi Bryant <avi@beta4.com> writes:
[#9834] Problem with ruby-libglade 1.1 — schuerig@... (Michael Schuerig)
[#9843] The Ruby Programming Language — TAKAHASHI Masayoshi <maki@...>
Hi,
[#9847] Linux Expo Paris 1/31-2/2 — matz@... (Yukihiro Matsumoto)
Hi,
[#9904] Re: Learning Ruby — "Conrad Schneiker" <schneik@...>
Jim Freeze wrote:
[#9908] First quines in ruby? — "Conrad Schneiker" <schneik@...>
On Wed, 19 Jul 2000 Hal Fulton wrote:
[#9919] ANN: AspectR 0.2 — Robert Feldt <feldt@...>
Hi,
[#9930] a newbie ? — "Ralf" <Ralf.Jantschek@...>
Hello,
[#9949] Re: which ruby ...? — "Conrad Schneiker" <schneik@...>
Kent Dahl wrote:
[#9958] Re: Vim syntax files again. — "Conrad Schneiker" <schneik@...>
Hugh Sasse wrote:
On Sat, 27 Jan 2001, Conrad Schneiker wrote:
On Mon, 29 Jan 2001 19:36:49 +0900, Hugh Sasse Staff Elec Eng wrote:
On Mon, 29 Jan 2001, hipster wrote:
On Mon, 29 Jan 2001, Hugh Sasse Staff Elec Eng wrote:
[#9959] Dynamically instantiating a class (with a string) — ptkwt@...2.teleport.com (Phil Tomson)
I know I could (and probably should) do this with some kind of a factory
[#9975] line continuation — "David Ruby" <ruby_david@...>
can a ruby statement break into multiple lines?
On Sat, 27 Jan 2001, David Ruby wrote:
>A statement break into mutliple lines if it is not complete,
<ale@crimson.propagation.net> wrote:
On Sun, 28 Jan 2001, Brian F. Feldman wrote:
Hi --
[#9980] Ruby refs on Slashdot — "Conrad Schneiker" <schneiker@...>
FYI. See the original for much better formatting and to see the links.
Hello --
[#9986] system command on Windows(Arrgghhh!) — ptkwt@...2.teleport.com (Phil Tomson)
[#10010] Re: exercise training program in ruby — MICHAEL.W.WILSON@...
|--------+----------------------->
[#10050] Arity of methods without having instance? — Robert Feldt <feldt@...>
Hi,
[#10076] RECEIVED: Re: REQUEST TO REMOVE SEQUENC... — MICHAEL.W.WILSON@...
Subject:
[#10123] RSVP (Ruby SerVer Pages -sort of :-) — "Pe, Botp" <botp@...>
Hi ALL:
[#10128] Ruby for DOS — Dave Thomas <Dave@...>
[#10136] Array's undocumented features — Mathieu Bouchard <matju@...>
[#10141] ArrayMixin 0.2 — Mathieu Bouchard <matju@...>
[#10142] DateTime class for Ruby? — Michael Neumann <neumann@...>
Hi,
[#10153] Re: DateTime class for Ruby? — "Ben Tilly" <ben_tilly@...>
andy@toolshed.com (Andrew Hunt) wrote:
[ruby-talk:9278] break my would-be safe code!
Hello --
There's been altogether too little hacking on this
list recently. So grab your pickaxes!
First of all... I *know* that it is considered horrible ever
to write anything in the realm of Web programming that
reinvents, fails to use existing modules, dares to presume
that it might work, etc. Pointers to existing code that
actually does what I'm trying to do are welcome, but don't
worry about enlightening me in the abstract. I'm on the
case :-)
The idea is:
Given a string, do one of two things to it:
1. kill all SGML/HTML-style tags, by turning <,> into
<, >
2. kill all such tags except those specifically
designated as OK.
The idea, of course, is to render arbitrary text input
tag-safe. (I know this isn't the only security gap imaginable,
but it's what this exercise is trying to do.)
Here's the current code, and a test (where the 'this' tag
is OK and all others are not). The question is... can we
break this code and sneak horrible/destructive things into
the input?
module TagKiller
def kill_tags(text)
text .
gsub('>', '>') .
gsub('<', '<')
end
def kill_except(text, tags=[])
tagRE = '(<\s*/?\s*([^>/\s]+)[^>]*/?>)'
text.gsub "#{tagRE}" do |match|
tag = $2.downcase.strip
if tags.include? tag
match
else
kill_tags(match)
end
end
end
end
include TagKiller
$text = <<-EOM
<this is a tag> content </this> here's something afterward
<here is> a bad tag </here>
<this good tag starts on
one line> and ends here </this>
<this/>
EOM
print kill_except($text, %w{this} )
__END__
Output:
<this is a tag> content </this> here's something afterward
<here is> a bad tag </here>
<this good tag starts on
one line> and ends here </this>
<this/>
David
--
David Alan Black
home: dblack@candle.superlink.net
work: blackdav@shu.edu
Web: http://pirate.shu.edu/~blackdav