Merge pull request #16775 from kaspth/ship-secure-sanitizer

Ship with rails-html-sanitizer instead.
author: Rafael Mendonça França <rafaelmfranca@gmail.com> 2014-09-03 16:59:58 -0300
committer: Rafael Mendonça França <rafaelmfranca@gmail.com> 2014-09-03 16:59:58 -0300
commit: 5db4e7f0ec2957f8641d5af884bd39e31d795597 (patch)
tree: f2a7eaba6451aa9ef5cc648421d60f3851493997 /guides
parent: 66c9d31c2b9a58db03668fb0840669e4d4374123 (diff)
parent: 28eecd934b91618b1334acce859c26c1a380f51a (diff)
download: rails-5db4e7f0ec2957f8641d5af884bd39e31d795597.tar.gz
rails-5db4e7f0ec2957f8641d5af884bd39e31d795597.tar.bz2
rails-5db4e7f0ec2957f8641d5af884bd39e31d795597.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/guides/source/4_2_release_notes.md b/guides/source/4_2_release_notes.md
index ae8ef34cdd..dad973cf5e 100644
--- a/guides/source/4_2_release_notes.md
+++ b/guides/source/4_2_release_notes.md
@@ -167,7 +167,8 @@ config.log_level = :info
 ### HTML Sanitizer
 
 The HTML sanitizer has been replaced with a new, more robust, implementation
-built upon Loofah and Nokogiri. The new sanitizer is (TODO: betterer).
+built upon Loofah and Nokogiri. The new sanitizer is more secure and its
+sanitization is more powerful and flexible.
 
 With a new sanitization algorithm, the sanitized output will change for certain
 pathological inputs.
author	Rafael Mendonça França <rafaelmfranca@gmail.com>	2014-09-03 16:59:58 -0300
committer	Rafael Mendonça França <rafaelmfranca@gmail.com>	2014-09-03 16:59:58 -0300
commit	5db4e7f0ec2957f8641d5af884bd39e31d795597 (patch)
tree	f2a7eaba6451aa9ef5cc648421d60f3851493997 /guides
parent	66c9d31c2b9a58db03668fb0840669e4d4374123 (diff)
parent	28eecd934b91618b1334acce859c26c1a380f51a (diff)
download	rails-5db4e7f0ec2957f8641d5af884bd39e31d795597.tar.gz rails-5db4e7f0ec2957f8641d5af884bd39e31d795597.tar.bz2 rails-5db4e7f0ec2957f8641d5af884bd39e31d795597.zip