Strip contents of <script> tags. Fixes feedbin/support#49.

Author: benubois

lib/html/pipeline/sanitization_filter.rb

@@ -35,6 +35,7 @@ class SanitizationFilter < Filter
           div ins del sup sub p ol ul table blockquote dl dt dd
           kbd q samp var hr ruby rt rp li tr td th
         ),
+        :remove_contents => ['script'],
         :attributes => {
           'a' => ['href'],
           'img' => ['src'],

test/html/pipeline/sanitization_filter_test.rb

@@ -44,4 +44,9 @@ def test_github_specific_protocols_are_not_removed
     stuff = '<a href="github-windows://spillthelog">Spill this yo</a> and so on'
     assert_equal stuff, SanitizationFilter.call(stuff).to_s
   end
+
+  def test_script_contents_are_removed
+    orig = '<script>JavaScript!</script>'
+    assert_equal "", SanitizationFilter.call(orig).to_s
+  end
 end