aboutsummaryrefslogtreecommitdiffstats
path: root/actionview
diff options
context:
space:
mode:
authorKevin Deisz <kevin.deisz@gmail.com>2018-08-24 16:10:17 -0400
committerKevin Deisz <kevin.deisz@gmail.com>2018-08-24 16:10:17 -0400
commitc14859513a648270705b61210dc3ab2fe5d04004 (patch)
treedf253cd04ba9ffb7f4797eebe4af1031d1b0f5cc /actionview
parente2d8a2ccfd3b0d2030920346a2ff0cad93fcb188 (diff)
downloadrails-c14859513a648270705b61210dc3ab2fe5d04004.tar.gz
rails-c14859513a648270705b61210dc3ab2fe5d04004.tar.bz2
rails-c14859513a648270705b61210dc3ab2fe5d04004.zip
Convert over the rest of the whitelist references
Diffstat (limited to 'actionview')
-rw-r--r--actionview/lib/action_view/helpers/sanitize_helper.rb4
1 files changed, 2 insertions, 2 deletions
diff --git a/actionview/lib/action_view/helpers/sanitize_helper.rb b/actionview/lib/action_view/helpers/sanitize_helper.rb
index cb0c99c4cf..d27d5d7e12 100644
--- a/actionview/lib/action_view/helpers/sanitize_helper.rb
+++ b/actionview/lib/action_view/helpers/sanitize_helper.rb
@@ -10,7 +10,7 @@ module ActionView
# These helper methods extend Action View making them callable within your template files.
module SanitizeHelper
extend ActiveSupport::Concern
- # Sanitizes HTML input, stripping all tags and attributes that aren't whitelisted.
+ # Sanitizes HTML input, stripping all tags and attributes that aren't permitted.
#
# It also strips href/src attributes with unsafe protocols like
# <tt>javascript:</tt>, while also protecting against attempts to use Unicode,
@@ -40,7 +40,7 @@ module ActionView
#
# <%= sanitize @comment.body %>
#
- # Providing custom whitelisted tags and attributes:
+ # Providing custom lists of permitted tags and attributes:
#
# <%= sanitize @comment.body, tags: %w(strong em a), attributes: %w(href) %>
#