Sanitize Rdoc output

Signed-off-by: David Radcliffe <radcliffe.david@gmail.com>

Author: ivantsepp

app/helpers/rubygems_helper.rb

@@ -25,7 +25,7 @@ def simple_markup(text)
     if text =~ /^==+ [A-Z]/
       options = RDoc::Options.new
       options.pipe = true
-      RDoc::Markup.new.convert(text, RDoc::Markup::ToHtml.new(options)).html_safe
+      sanitize RDoc::Markup.new.convert(text, RDoc::Markup::ToHtml.new(options))
     else
       content_tag :p, escape_once(sanitize(text.strip)), nil, false
     end

test/unit/helpers/rubygems_helper_test.rb

@@ -144,7 +144,14 @@ class RubygemsHelperTest < ActionView::TestCase
 
     should 'work on rdoc strings' do
       text = '== FOO'
-      assert_equal "\n<h2 id=\"label-FOO\">FOO</h2>\n", simple_markup(text)
+      assert_equal "\n<h2>FOO</h2>\n", simple_markup(text)
+      assert simple_markup(text).html_safe?
+    end
+
+    should 'sanitize rdoc strings' do
+      text = "== FOO\nclick[javascript:alert('foo')]"
+      assert_equal "\n<h2>FOO</h2>\n\n<p><a>click</a></p>\n", simple_markup(text)
+
       assert simple_markup(text).html_safe?
     end
   end