diff options
| author | Willian Gustavo Veiga <beberveiga@gmail.com> | 2018-10-02 12:55:36 -0300 |
|---|---|---|
| committer | Willian Gustavo Veiga <beberveiga@gmail.com> | 2018-10-02 12:57:37 -0300 |
| commit | 2d4df1349efdf8dd2c8cc4503fd5a871b0066500 (patch) | |
| tree | 9f71a297cf1bb30f1d59039997a60f97357d0782 /actionview/lib/action_view/helpers/sanitize_helper.rb | |
| parent | 00c50c2b5966fa1d719c8a58564811c672a0e8c6 (diff) | |
| parent | cf608ee34dd833b0357ef4eefa692db33242d2aa (diff) | |
| download | rails-2d4df1349efdf8dd2c8cc4503fd5a871b0066500.tar.gz rails-2d4df1349efdf8dd2c8cc4503fd5a871b0066500.tar.bz2 rails-2d4df1349efdf8dd2c8cc4503fd5a871b0066500.zip | |
Merge branch 'master' into feature/reselect-method
Diffstat (limited to 'actionview/lib/action_view/helpers/sanitize_helper.rb')
| -rw-r--r-- | actionview/lib/action_view/helpers/sanitize_helper.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/actionview/lib/action_view/helpers/sanitize_helper.rb b/actionview/lib/action_view/helpers/sanitize_helper.rb index cb0c99c4cf..f4fa133f55 100644 --- a/actionview/lib/action_view/helpers/sanitize_helper.rb +++ b/actionview/lib/action_view/helpers/sanitize_helper.rb @@ -10,7 +10,7 @@ module ActionView # These helper methods extend Action View making them callable within your template files. module SanitizeHelper extend ActiveSupport::Concern - # Sanitizes HTML input, stripping all tags and attributes that aren't whitelisted. + # Sanitizes HTML input, stripping all but known-safe tags and attributes. # # It also strips href/src attributes with unsafe protocols like # <tt>javascript:</tt>, while also protecting against attempts to use Unicode, @@ -40,7 +40,7 @@ module ActionView # # <%= sanitize @comment.body %> # - # Providing custom whitelisted tags and attributes: + # Providing custom lists of permitted tags and attributes: # # <%= sanitize @comment.body, tags: %w(strong em a), attributes: %w(href) %> # |