diff options
author | Timm <kaspth@gmail.com> | 2013-07-04 16:55:42 +0200 |
---|---|---|
committer | Timm <kaspth@gmail.com> | 2014-06-15 23:35:25 +0200 |
commit | 91712cc11ded5c5f042784e098a10e1dca82e0d5 (patch) | |
tree | 936af3e1897a373d7525a46229d8298d65b37d35 /actionview/lib/action_view/helpers/sanitize_helper | |
parent | d3d979e4647162d32512484c675da6a0ae0b95fe (diff) | |
download | rails-91712cc11ded5c5f042784e098a10e1dca82e0d5.tar.gz rails-91712cc11ded5c5f042784e098a10e1dca82e0d5.tar.bz2 rails-91712cc11ded5c5f042784e098a10e1dca82e0d5.zip |
bad_tags include form since we remove it. Also to prevent a should_allow_form_tag test creation.
Diffstat (limited to 'actionview/lib/action_view/helpers/sanitize_helper')
-rw-r--r-- | actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb b/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb index 0bc4be6558..335280c718 100644 --- a/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb +++ b/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb @@ -99,7 +99,7 @@ module ActionView self.allowed_tags = Loofah::HTML5::WhiteList::ALLOWED_ELEMENTS - self.bad_tags = Set.new %w(script) + self.bad_tags = Set.new %w(script form) self.allowed_attributes = Loofah::HTML5::WhiteList::ALLOWED_ATTRIBUTES |