diff options
Diffstat (limited to 'actionpack/lib/action_view/helpers/sanitize_helper.rb')
| -rw-r--r-- | actionpack/lib/action_view/helpers/sanitize_helper.rb | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/actionpack/lib/action_view/helpers/sanitize_helper.rb b/actionpack/lib/action_view/helpers/sanitize_helper.rb index b47818a22a..63f6154ec4 100644 --- a/actionpack/lib/action_view/helpers/sanitize_helper.rb +++ b/actionpack/lib/action_view/helpers/sanitize_helper.rb @@ -32,13 +32,13 @@ module ActionView # # Add table tags to the default allowed tags # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td' # end # # Remove tags to the default allowed tags # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.after_initialize do # ActionView::Base.sanitized_allowed_tags.delete 'div' # end @@ -46,7 +46,7 @@ module ActionView # # Change allowed default attributes # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_allowed_attributes = 'id', 'class', 'style' # end # @@ -143,7 +143,7 @@ module ActionView # Gets the HTML::FullSanitizer instance used by +strip_tags+. Replace with # any object that responds to +sanitize+. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.full_sanitizer = MySpecialSanitizer.new # end # @@ -154,7 +154,7 @@ module ActionView # Gets the HTML::LinkSanitizer instance used by +strip_links+. Replace with # any object that responds to +sanitize+. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.link_sanitizer = MySpecialSanitizer.new # end # @@ -165,7 +165,7 @@ module ActionView # Gets the HTML::WhiteListSanitizer instance used by sanitize and +sanitize_css+. # Replace with any object that responds to +sanitize+. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.white_list_sanitizer = MySpecialSanitizer.new # end # @@ -175,7 +175,7 @@ module ActionView # Adds valid HTML attributes that the +sanitize+ helper checks for URIs. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_uri_attributes = 'lowsrc', 'target' # end # @@ -185,7 +185,7 @@ module ActionView # Adds to the Set of 'bad' tags for the +sanitize+ helper. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_bad_tags = 'embed', 'object' # end # @@ -195,7 +195,7 @@ module ActionView # Adds to the Set of allowed tags for the +sanitize+ helper. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td' # end # @@ -205,7 +205,7 @@ module ActionView # Adds to the Set of allowed HTML attributes for the +sanitize+ helper. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_allowed_attributes = 'onclick', 'longdesc' # end # @@ -215,7 +215,7 @@ module ActionView # Adds to the Set of allowed CSS properties for the #sanitize and +sanitize_css+ helpers. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_allowed_css_properties = 'expression' # end # @@ -225,7 +225,7 @@ module ActionView # Adds to the Set of allowed CSS keywords for the +sanitize+ and +sanitize_css+ helpers. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_allowed_css_keywords = 'expression' # end # @@ -235,7 +235,7 @@ module ActionView # Adds to the Set of allowed shorthand CSS properties for the +sanitize+ and +sanitize_css+ helpers. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_shorthand_css_properties = 'expression' # end # @@ -245,7 +245,7 @@ module ActionView # Adds to the Set of allowed protocols for the +sanitize+ helper. # - # Rails::Initializer.run do |config| + # class Application < Rails::Application # config.action_view.sanitized_allowed_protocols = 'ssh', 'feed' # end # |