From 479d8fb4a40db6947670fd6b1386cb3e2d612883 Mon Sep 17 00:00:00 2001
From: printercu <printercu@gmail.com>
Date: Thu, 27 Sep 2018 17:13:35 +0300
Subject: [PATCH 1/3] Single regexp for strip_html

---
 lib/liquid/standardfilters.rb | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/liquid/standardfilters.rb b/lib/liquid/standardfilters.rb
index c5dbcb8..3d939ae 100644
--- a/lib/liquid/standardfilters.rb
+++ b/lib/liquid/standardfilters.rb
@@ -11,6 +11,12 @@ module Liquid
       "'".freeze => '&#39;'.freeze
     }
     HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+));)/
+    STRIP_HTML = Regexp.union(
+      /<script.*?<\/script>/m,
+      /<!--.*?-->/m,
+      /<style.*?<\/style>/m,
+      /<.*?>/m,
+    )
 
     # Return the size of an array or of an string
     def size(input)
@@ -102,8 +108,7 @@ module Liquid
     end
 
     def strip_html(input)
-      empty = ''.freeze
-      input.to_s.gsub(/<script.*?<\/script>/m, empty).gsub(/<!--.*?-->/m, empty).gsub(/<style.*?<\/style>/m, empty).gsub(/<.*?>/m, empty)
+      input.to_s.gsub(STRIP_HTML, ''.freeze)
     end
 
     # Remove all newlines from the string

From 89c1ba2b0e3f55b3cb1b1b5759c5db58e87effa6 Mon Sep 17 00:00:00 2001
From: printercu <printercu@gmail.com>
Date: Thu, 27 Sep 2018 17:24:01 +0300
Subject: [PATCH 2/3] Fix rubocop warning

---
 lib/liquid/standardfilters.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/liquid/standardfilters.rb b/lib/liquid/standardfilters.rb
index 3d939ae..d7e2dbb 100644
--- a/lib/liquid/standardfilters.rb
+++ b/lib/liquid/standardfilters.rb
@@ -15,7 +15,7 @@ module Liquid
       /<script.*?<\/script>/m,
       /<!--.*?-->/m,
       /<style.*?<\/style>/m,
-      /<.*?>/m,
+      /<.*?>/m
     )
 
     # Return the size of an array or of an string

From ed73794f82b6a7fc529c7bd85761c225e7bc5a09 Mon Sep 17 00:00:00 2001
From: Justin Li <git@justinli.net>
Date: Fri, 22 Feb 2019 12:53:54 -0500
Subject: [PATCH 3/3] Preserve existing strip_html behaviour for weird inputs

---
 lib/liquid/standardfilters.rb            | 11 +++++++----
 test/integration/standard_filter_test.rb |  3 +++
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/lib/liquid/standardfilters.rb b/lib/liquid/standardfilters.rb
index d7e2dbb..af9b30b 100644
--- a/lib/liquid/standardfilters.rb
+++ b/lib/liquid/standardfilters.rb
@@ -11,12 +11,12 @@ module Liquid
       "'".freeze => '&#39;'.freeze
     }
     HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+));)/
-    STRIP_HTML = Regexp.union(
+    STRIP_HTML_BLOCKS = Regexp.union(
       /<script.*?<\/script>/m,
       /<!--.*?-->/m,
-      /<style.*?<\/style>/m,
-      /<.*?>/m
+      /<style.*?<\/style>/m
     )
+    STRIP_HTML_TAGS = /<.*?>/m
 
     # Return the size of an array or of an string
     def size(input)
@@ -108,7 +108,10 @@ module Liquid
     end
 
     def strip_html(input)
-      input.to_s.gsub(STRIP_HTML, ''.freeze)
+      empty = ''.freeze
+      result = input.to_s.gsub(STRIP_HTML_BLOCKS, empty)
+      result.gsub!(STRIP_HTML_TAGS, empty)
+      result
     end
 
     # Remove all newlines from the string
diff --git a/test/integration/standard_filter_test.rb b/test/integration/standard_filter_test.rb
index d39472e..d7a575e 100644
--- a/test/integration/standard_filter_test.rb
+++ b/test/integration/standard_filter_test.rb
@@ -177,6 +177,9 @@ class StandardFiltersTest < Minitest::Test
     assert_equal 'test', @filters.strip_html("<div\nclass='multiline'>test</div>")
     assert_equal 'test', @filters.strip_html("<!-- foo bar \n test -->test")
     assert_equal '', @filters.strip_html(nil)
+
+    # Quirk of the existing implementation
+    assert_equal 'foo;', @filters.strip_html("<<<script </script>script>foo;</script>")
   end
 
   def test_join