Completed integration of rails-html-sanitizer in SanitizeHelper. Deprecated protocol_separator accessors and bad_tags=.

author: Timm <kaspth@gmail.com> 2013-10-12 23:09:50 +0200
committer: Timm <kaspth@gmail.com> 2014-06-16 21:04:20 +0200
commit: 38620e1bedb2cd38188eb6d7090beab5107f7347 (patch)
tree: 2e783d42cb2ef93a9feaa87281af1405fa9599de /actionview/lib/action_view/helpers/sanitize_helper.rb
parent: 9efdffe437ef5ac7b4416a9b7ad180b1e5888e28 (diff)
download: rails-38620e1bedb2cd38188eb6d7090beab5107f7347.tar.gz
rails-38620e1bedb2cd38188eb6d7090beab5107f7347.tar.bz2
rails-38620e1bedb2cd38188eb6d7090beab5107f7347.zip
1 files changed, 19 insertions, 18 deletions
diff --git a/actionview/lib/action_view/helpers/sanitize_helper.rb b/actionview/lib/action_view/helpers/sanitize_helper.rb
index 4d2c6e64d9..13f946efa0 100644
--- a/actionview/lib/action_view/helpers/sanitize_helper.rb
+++ b/actionview/lib/action_view/helpers/sanitize_helper.rb
@@ -1,5 +1,6 @@
 require 'active_support/core_ext/object/try'
-require 'action_view/helpers/sanitize_helper/sanitizers'
+require 'active_support/deprecation'
+require 'rails-html-sanitizer'
 
 module ActionView
   # = Action View Sanitize Helpers
@@ -121,7 +122,7 @@ module ActionView
         attr_writer :full_sanitizer, :link_sanitizer, :white_list_sanitizer
 
         def sanitized_protocol_separator
-          white_list_sanitizer.protocol_separator
+          ActiveSupport::Deprecation.warn('protocol_separator has been deprecated and has no effect.')
         end
 
         def sanitized_uri_attributes
@@ -129,7 +130,7 @@ module ActionView
         end
 
         def sanitized_bad_tags
-          white_list_sanitizer.bad_tags
+          ActiveSupport::Deprecation.warn('bad_tags has been deprecated and has no effect. You can still affect the tags being sanitized using Rails::Html::WhiteListSanitizer.bad_tags= which changes the allowed_tags.')
         end
 
         def sanitized_allowed_tags
@@ -156,7 +157,7 @@ module ActionView
           white_list_sanitizer.allowed_protocols
         end
 
-        # Gets the ActionView::FullSanitizer instance used by +strip_tags+. Replace with
+        # Gets the Rails::Html::FullSanitizer instance used by +strip_tags+. Replace with
         # any object that responds to +sanitize+.
         #
         #   class Application < Rails::Application
@@ -164,10 +165,10 @@ module ActionView
         #   end
         #
         def full_sanitizer
-          @full_sanitizer ||= ActionView::FullSanitizer.new
+          @full_sanitizer ||= Rails::Html::FullSanitizer.new
         end
 
-        # Gets the ActionView::LinkSanitizer instance used by +strip_links+.
+        # Gets the Rails::Html::LinkSanitizer instance used by +strip_links+.
         # Replace with any object that responds to +sanitize+.
         #
         #   class Application < Rails::Application
@@ -175,10 +176,10 @@ module ActionView
         #   end
         #
         def link_sanitizer
-          @link_sanitizer ||= ActionView::LinkSanitizer.new
+          @link_sanitizer ||= Rails::Html::LinkSanitizer.new
         end
 
-        # Gets the ActionView::WhiteListSanitizer instance used by sanitize and +sanitize_css+.
+        # Gets the Rails::Html::WhiteListSanitizer instance used by sanitize and +sanitize_css+.
         # Replace with any object that responds to +sanitize+.
         #
         #   class Application < Rails::Application
@@ -186,12 +187,12 @@ module ActionView
         #   end
         #
         def white_list_sanitizer
-          @white_list_sanitizer ||= ActionView::WhiteListSanitizer.new
+          @white_list_sanitizer ||= Rails::Html::WhiteListSanitizer.new
         end
 
 
         def sanitized_protocol_separator=(value)
-          ActionView::WhiteListSanitizer.protocol_separator = value
+          ActiveSupport::Deprecation.warn('protocol_separator= has been deprecated and has no effect.')
         end
 
         # Adds valid HTML attributes that the +sanitize+ helper checks for URIs.
@@ -201,7 +202,7 @@ module ActionView
         #   end
         #
         def sanitized_uri_attributes=(attributes)
-          ActionView::WhiteListSanitizer.update_uri_attributes(attributes)
+          Rails::Html::WhiteListSanitizer.update_uri_attributes(attributes)
         end
 
         # Adds to the Set of 'bad' tags for the +sanitize+ helper.
@@ -211,7 +212,7 @@ module ActionView
         #   end
         #
         def sanitized_bad_tags=(attributes)
-          ActionView::WhiteListSanitizer.bad_tags = attributes
+          Rails::Html::WhiteListSanitizer.bad_tags = attributes
         end
 
         # Adds to the Set of allowed tags for the +sanitize+ helper.
@@ -221,7 +222,7 @@ module ActionView
         #   end
         #
         def sanitized_allowed_tags=(attributes)
-          ActionView::WhiteListSanitizer.update_allowed_tags(attributes)
+          Rails::Html::WhiteListSanitizer.update_allowed_tags(attributes)
         end
 
         # Adds to the Set of allowed HTML attributes for the +sanitize+ helper.
@@ -231,7 +232,7 @@ module ActionView
         #   end
         #
         def sanitized_allowed_attributes=(attributes)
-          ActionView::WhiteListSanitizer.update_allowed_attributes(attributes)
+          Rails::Html::WhiteListSanitizer.update_allowed_attributes(attributes)
         end
 
         # Adds to the Set of allowed CSS properties for the #sanitize and +sanitize_css+ helpers.
@@ -241,7 +242,7 @@ module ActionView
         #   end
         #
         def sanitized_allowed_css_properties=(attributes)
-          ActionView::WhiteListSanitizer.update_allowed_css_properties(attributes)
+          Rails::Html::WhiteListSanitizer.update_allowed_css_properties(attributes)
         end
 
         # Adds to the Set of allowed CSS keywords for the +sanitize+ and +sanitize_css+ helpers.
@@ -251,7 +252,7 @@ module ActionView
         #   end
         #
         def sanitized_allowed_css_keywords=(attributes)
-          ActionView::WhiteListSanitizer.update_allowed_css_keywords(attributes)
+          Rails::Html::WhiteListSanitizer.update_allowed_css_keywords(attributes)
         end
 
         # Adds to the Set of allowed shorthand CSS properties for the +sanitize+ and +sanitize_css+ helpers.
@@ -261,7 +262,7 @@ module ActionView
         #   end
         #
         def sanitized_shorthand_css_properties=(attributes)
-          ActionView::WhiteListSanitizer.update_shorthand_css_properties(attributes)
+          Rails::Html::WhiteListSanitizer.update_shorthand_css_properties(attributes)
         end
 
         # Adds to the Set of allowed protocols for the +sanitize+ helper.
@@ -271,7 +272,7 @@ module ActionView
         #   end
         #
         def sanitized_allowed_protocols=(attributes)
-          ActionView::WhiteListSanitizer.update_allowed_protocols(attributes)
+          Rails::Html::WhiteListSanitizer.update_allowed_protocols(attributes)
         end
       end
     end
author	Timm <kaspth@gmail.com>	2013-10-12 23:09:50 +0200
committer	Timm <kaspth@gmail.com>	2014-06-16 21:04:20 +0200
commit	38620e1bedb2cd38188eb6d7090beab5107f7347 (patch)
tree	2e783d42cb2ef93a9feaa87281af1405fa9599de /actionview/lib/action_view/helpers/sanitize_helper.rb
parent	9efdffe437ef5ac7b4416a9b7ad180b1e5888e28 (diff)
download	rails-38620e1bedb2cd38188eb6d7090beab5107f7347.tar.gz rails-38620e1bedb2cd38188eb6d7090beab5107f7347.tar.bz2 rails-38620e1bedb2cd38188eb6d7090beab5107f7347.zip