diff options
author | Timm <kaspth@gmail.com> | 2013-09-13 15:45:44 +0200 |
---|---|---|
committer | Timm <kaspth@gmail.com> | 2014-06-16 21:04:13 +0200 |
commit | 5430487d85de3e6ac0d886e384ef039f15e64a88 (patch) | |
tree | 98ada00b57c747d7e65a42f014a571d51c558840 | |
parent | 170f414928fcd3d3e691ee67ad59798b77b6330f (diff) | |
download | rails-5430487d85de3e6ac0d886e384ef039f15e64a88.tar.gz rails-5430487d85de3e6ac0d886e384ef039f15e64a88.tar.bz2 rails-5430487d85de3e6ac0d886e384ef039f15e64a88.zip |
Stylistic improvements. Some light documentation for remove_xpaths.
-rw-r--r-- | actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb b/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb index 75ba1a7deb..f6c13885ff 100644 --- a/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb +++ b/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb @@ -5,12 +5,13 @@ require 'action_view/helpers/sanitize_helper/scrubbers' module ActionView XPATHS_TO_REMOVE = %w{.//script .//form comment()} - class Sanitizer - # :nodoc: + class Sanitizer # :nodoc: def sanitize(html, options = {}) raise NotImplementedError, "subclasses must implement" end + # call +remove_xpaths+ with string and get a string back + # call it with a node or nodeset and get back a node/nodeset def remove_xpaths(html, xpaths) if html.respond_to?(:xpath) html.xpath(*xpaths).remove @@ -23,7 +24,7 @@ module ActionView class FullSanitizer < Sanitizer def sanitize(html, options = {}) - return nil unless html + return unless html return html if html.empty? Loofah.fragment(html).tap do |fragment| @@ -44,15 +45,15 @@ module ActionView end class WhiteListSanitizer < Sanitizer - def initialize @permit_scrubber = PermitScrubber.new end def sanitize(html, options = {}) - return nil unless html + return unless html loofah_fragment = Loofah.fragment(html) + if scrubber = options[:scrubber] # No duck typing, Loofah ensures subclass of Loofah::Scrubber loofah_fragment.scrub!(scrubber) @@ -64,11 +65,12 @@ module ActionView remove_xpaths(loofah_fragment, XPATHS_TO_REMOVE) loofah_fragment.scrub!(:strip) end + loofah_fragment.to_s end def sanitize_css(style_string) - Loofah::HTML5::Scrub.scrub_css style_string + Loofah::HTML5::Scrub.scrub_css(style_string) end def protocol_separator |