diff options
Diffstat (limited to 'actionview/lib/action_view/helpers/sanitize_helper.rb')
-rw-r--r-- | actionview/lib/action_view/helpers/sanitize_helper.rb | 32 |
1 files changed, 10 insertions, 22 deletions
diff --git a/actionview/lib/action_view/helpers/sanitize_helper.rb b/actionview/lib/action_view/helpers/sanitize_helper.rb index dfbc52e3ac..394250f058 100644 --- a/actionview/lib/action_view/helpers/sanitize_helper.rb +++ b/actionview/lib/action_view/helpers/sanitize_helper.rb @@ -121,22 +121,6 @@ module ActionView module ClassMethods #:nodoc: attr_writer :full_sanitizer, :link_sanitizer, :white_list_sanitizer - [:protocol_separator, - :uri_attributes, - :bad_tags, - :allowed_css_properties, - :allowed_css_keywords, - :shorthand_css_properties, - :allowed_protocols].each do |meth| - meth_name = "sanitized_#{meth}" - imp = lambda do |name| - ActiveSupport::Deprecation.warn("#{name} is deprecated and has no effect.") - end - - define_method(meth_name) { imp.(meth_name) } - define_method("#{meth_name}=") { |value| imp.("#{meth_name}=") } - end - # Vendors the full, link and white list sanitizers. # This uses html-scanner for the HTML sanitization. # In the next Rails version this will use Rails::Html::Sanitizer instead. @@ -189,25 +173,29 @@ module ActionView @white_list_sanitizer ||= sanitizer_vendor.white_list_sanitizer.new end + ## + # :method: sanitized_allowed_tags= + # + # :call-seq: sanitized_allowed_tags=(tags) + # # Replaces the allowed tags for the +sanitize+ helper. # # class Application < Rails::Application # config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td' # end # - def sanitized_allowed_tags=(tags) - sanitizer_vendor.white_list_sanitizer.allowed_tags = tags - end + ## + # :method: sanitized_allowed_attributes= + # + # :call-seq: sanitized_allowed_attributes=(attributes) + # # Replaces the allowed HTML attributes for the +sanitize+ helper. # # class Application < Rails::Application # config.action_view.sanitized_allowed_attributes = ['onclick', 'longdesc'] # end # - def sanitized_allowed_attributes=(attributes) - sanitizer_vendor.white_list_sanitizer.allowed_attributes = attributes - end end end end |