author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2014-09-03 16:59:58 -0300 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2014-09-03 16:59:58 -0300 |
commit | 5db4e7f0ec2957f8641d5af884bd39e31d795597 (patch) | |
tree | f2a7eaba6451aa9ef5cc648421d60f3851493997 /actionview/lib/action_view | |
parent | 66c9d31c2b9a58db03668fb0840669e4d4374123 (diff) | |
parent | 28eecd934b91618b1334acce859c26c1a380f51a (diff) | |
Merge pull request #16775 from kaspth/ship-secure-sanitizer
Ship with rails-html-sanitizer instead.
Diffstat (limited to 'actionview/lib/action_view')
-rw-r--r-- | actionview/lib/action_view/helpers/sanitize_helper.rb | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/actionview/lib/action_view/helpers/sanitize_helper.rb b/actionview/lib/action_view/helpers/sanitize_helper.rb
index 394250f058..4f2db0a0c4 100644
--- a/actionview/lib/action_view/helpers/sanitize_helper.rb
+++ b/actionview/lib/action_view/helpers/sanitize_helper.rb
@@ -1,6 +1,6 @@
 require 'active_support/core_ext/object/try'
 require 'active_support/deprecation'
-require 'rails-deprecated_sanitizer'
+require 'rails-html-sanitizer'
 module ActionView
 # = Action View Sanitize Helpers
@@ -122,14 +122,9 @@ module ActionView
 attr_writer :full_sanitizer, :link_sanitizer, :white_list_sanitizer
 # Vendors the full, link and white list sanitizers.
- # This uses html-scanner for the HTML sanitization.
- # In the next Rails version this will use Rails::Html::Sanitizer instead.
- # To get this new behavior now, in your Gemfile, add:
- #
- # gem 'rails-html-sanitizer'
- #
+ # Provided strictly for compabitility and can be removed in Rails 5.
 def sanitizer_vendor
- Rails::DeprecatedSanitizer
+ Rails::Html::Sanitizer
 end
 def sanitized_allowed_tags |
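Review bot: The replacement comment above `sanitizer_vendor` in the second hunk no longer names the implementation behind the full, link and white list sanitizers, and it misspells "compatibility". This hunk swaps `Rails::DeprecatedSanitizer` for `Rails::Html::Sanitizer`, and the first hunk swaps the matching `require`, so the sanitize helpers may return different output for the same input and the comment is the natural place to record that. I would write `# Returns Rails::Html::Sanitizer, provided by the rails-html-sanitizer gem.` followed by `# Provided strictly for compatibility and can be removed in Rails 5.` The diffstat is limited to this directory and shows no test changes, so I cannot tell whether allow-list behaviour for tags and attributes was re-checked against the new vendor; that would be worth confirming before release. `sanitizer_vendor` is complete within the hunk, but the enclosing module starts and ends outside it.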