diff options
| author | Timm <kaspth@gmail.com> | 2013-08-09 23:45:40 +0200 |
|---|---|---|
| committer | Timm <kaspth@gmail.com> | 2014-06-16 21:04:03 +0200 |
| commit | ea57c7cc85fd4b22e194a8ee8083c9d3d3767950 (patch) | |
| tree | 3c19b81d5f7d95c10bbb1afe9bff3ecb08c46c45 /actionview/lib | |
| parent | ac0d778fe973d8eb63fe8ef2af82a165d94b432a (diff) | |
| download | rails-ea57c7cc85fd4b22e194a8ee8083c9d3d3767950.tar.gz rails-ea57c7cc85fd4b22e194a8ee8083c9d3d3767950.tar.bz2 rails-ea57c7cc85fd4b22e194a8ee8083c9d3d3767950.zip | |
Changed PermitScrubbers documentation to list override points for subclasses. Renamed should_remove_attributes? to should_scrub_attributes?.
Diffstat (limited to 'actionview/lib')
| -rw-r--r-- | actionview/lib/action_view/helpers/sanitize_helper/scrubbers.rb | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/actionview/lib/action_view/helpers/sanitize_helper/scrubbers.rb b/actionview/lib/action_view/helpers/sanitize_helper/scrubbers.rb index 4751d84688..3c8ed6f420 100644 --- a/actionview/lib/action_view/helpers/sanitize_helper/scrubbers.rb +++ b/actionview/lib/action_view/helpers/sanitize_helper/scrubbers.rb @@ -12,8 +12,11 @@ # Contain an elements allowed attributes. # If none is set HTML5::Scrub.scrub_attributes implementation will be used. # -# Subclass PermitScrubber to provide your own definition of -# when a node is allowed and how attributes should be scrubbed. +# Subclass PermitScrubber to provide your own definition of: +# +# When a node is allowed via +allowed_node?+ +# When a node should be skipped via +should_skip_node?+ +# Which attributes should be scrubbed via +should_scrub_attributes?+ class PermitScrubber < Loofah::Scrubber # :nodoc: attr_reader :tags, :attributes @@ -48,24 +51,24 @@ class PermitScrubber < Loofah::Scrubber end end + def should_skip_node?(node) + text_or_cdata_node?(node) + end + + def should_scrub_attributes?(name) + @attributes.exclude?(name) + end + def scrub_attributes(node) if @attributes node.attributes.each do |name, _| - node.remove_attribute(name) if should_remove_attributes?(name) + node.remove_attribute(name) if should_scrub_attributes?(name) end else Loofah::HTML5::Scrub.scrub_attributes(node) end end - def should_skip_node?(node) - text_or_cdata_node?(node) - end - - def should_remove_attributes?(name) - @attributes.exclude?(name) - end - def text_or_cdata_node?(node) case node.type when Nokogiri::XML::Node::TEXT_NODE, Nokogiri::XML::Node::CDATA_SECTION_NODE @@ -95,7 +98,7 @@ class TargetScrubber < PermitScrubber @tags.exclude?(node.name) end - def should_remove_attributes?(name) + def should_scrub_attributes?(name) @attributes.include?(name) end end |