diff options
| author | Juanito Fatas <juanito.fatas@shopify.com> | 2019-05-14 13:09:39 +0900 |
|---|---|---|
| committer | Kasper Timm Hansen <kaspth@gmail.com> | 2019-08-05 03:35:35 +0200 |
| commit | 52f0b050e25cac6d9571d71c9f74ea583d8aa2b0 (patch) | |
| tree | f0cb5d415575b2de0f9ee6a3ba563c9d409aab96 /actiontext/app | |
| parent | 1af44e4aeeb04a6360b5104d8ee7b4a042ef93d8 (diff) | |
| download | rails-52f0b050e25cac6d9571d71c9f74ea583d8aa2b0.tar.gz rails-52f0b050e25cac6d9571d71c9f74ea583d8aa2b0.tar.bz2 rails-52f0b050e25cac6d9571d71c9f74ea583d8aa2b0.zip | |
Update sanitizer in ActionView::Helpers::SanitizeHelper
- The sanitizer has been changed to safe_list_sanitizer.
- deprecate white_list_sanitizer
Diffstat (limited to 'actiontext/app')
| -rw-r--r-- | actiontext/app/helpers/action_text/content_helper.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actiontext/app/helpers/action_text/content_helper.rb b/actiontext/app/helpers/action_text/content_helper.rb index ed2887d865..1e05f572f7 100644 --- a/actiontext/app/helpers/action_text/content_helper.rb +++ b/actiontext/app/helpers/action_text/content_helper.rb @@ -4,7 +4,7 @@ require "rails-html-sanitizer" module ActionText module ContentHelper - mattr_accessor(:sanitizer) { Rails::Html::Sanitizer.white_list_sanitizer.new } + mattr_accessor(:sanitizer) { Rails::Html::Sanitizer.safe_list_sanitizer.new } mattr_accessor(:allowed_tags) { sanitizer.class.allowed_tags + [ ActionText::Attachment::TAG_NAME, "figure", "figcaption" ] } mattr_accessor(:allowed_attributes) { sanitizer.class.allowed_attributes + ActionText::Attachment::ATTRIBUTES } mattr_accessor(:scrubber) |