aboutsummaryrefslogtreecommitdiffstats
path: root/actionview/lib/action_view/helpers/sanitize_helper.rb
Commit message (Collapse)AuthorAgeFilesLines
* Permit list usage cleanup and clearer documentationKevin Deisz2018-08-271-1/+1
|
* Convert over the rest of the whitelist referencesKevin Deisz2018-08-241-2/+2
|
* [ci skip] `sanitizer_vendor` will be removed in Rails 6Tsukuru Tanimichi2018-07-111-1/+1
| | | Related to https://github.com/rails/rails/pull/24386#issuecomment-403926683
* Fix broken doc layout for action_view [ci skip]Yoshiyuki Hirano2017-08-271-1/+1
|
* Use frozen string literal in actionview/Kir Shatrov2017-07-241-0/+2
|
* Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"Matthew Draper2017-07-021-1/+0
| | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
* Enforce frozen string in RubocopKir Shatrov2017-07-011-0/+1
|
* Remove `encode_special_chars` option from `strip_tags`Andrew Hood2017-02-271-4/+10
|
* Update comment for Scrubber usage [ci skip]kenta-s2017-01-161-6/+4
|
* applies new string literal convention in actionview/libXavier Noria2016-08-061-2/+2
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* sanitiser helper may be remove in 5.1, update doc [ci skip]Gaurav Sharma2016-03-311-1/+1
| | | using `rails-html-sanitizer` gem still Rails providing strip_tags, strip_links features. May be remove in 5.1
* fix Docs [ci skip]amitkumarsuroliya2015-08-181-1/+1
|
* Let strip_tags leave HTML escaping to Rails.Kasper Timm Hansen2015-03-101-1/+1
| | | | Prevents double escaping errors, such as "&" becoming "&".
* Single instead of double quotes T.J. Schuck2015-01-201-2/+2
| | | [ci skip]
* Rewrite SanitizeHelper docsT.J. Schuck2015-01-201-77/+50
|
* Fix code formatting in sanitize docsT.J. Schuck2015-01-201-9/+11
|
* Remove unneeded `require 'as/deprecation'`claudiob2015-01-041-1/+0
| | | | | Tests should still pass after removing `require 'active_support/deprecation'` from these files since the related deprecations have been removed.
* Clarify comments about sanitized_allowed_tagsPrathamesh Sonpatki2014-10-251-2/+2
| | | | | | | | - Clarify that arguments are expected in array format. - Extension of https://github.com/rails/rails/pull/17390. - https://github.com/rails/rails/pull/17390 was targeted against 4-1-stable branch. This commit updates master. - [ci skip]
* Ship with rails-html-sanitizer instead.Kasper Timm Hansen2014-09-031-8/+3
|
* Move implementation to the gemsRafael Mendonça França2014-09-011-22/+10
| | | | Now we keep only the common code and move the specific code to the gems
* Merge branch 'master' of github.com:rails/docrailsVijay Dev2014-08-191-1/+1
|\ | | | | | | | | | | | | Conflicts: actionpack/lib/action_controller/metal/mime_responds.rb actionview/lib/action_view/vendor/html-scanner/html/sanitizer.rb activerecord/lib/active_record/type/value.rb
| * Uppercase HTML in docs.Hendy Tanata2014-08-081-1/+1
| | | | | | | | [skip ci]
* | Prepare for partial release.Kasper Timm Hansen2014-08-171-3/+8
| | | | | | | | | | | | | | - Default to Rails::DeprecatedSanitizer in ActionView::Helpers::SanitizeHelper. - Add upgrade notes. - Add sanitizer to new applications Gemfiles. - Remove 'rails-dom-testing' as a dependency.
* | Use the plugin API to the getter and settersRafael Mendonça França2014-07-151-4/+4
| | | | | | | | | | To avoid having to redefine these methods on the deprecated plugin we should be using the sanitizer_vendor API.
* | Don't splat arguments to allowed tags or attributes.Timm2014-06-161-2/+2
| |
* | Change sanitizer_vendor to just be a method and reword documentation.Timm2014-06-161-4/+5
| |
* | Revert some stuff to use the new sanitizers.Timm2014-06-161-6/+6
| |
* | Add a layer of indirection making sanitizers pluggable.Timm2014-06-161-3/+8
| |
* | Delegate allowed tags and attributes setting to HTML::WhiteListSanitizer.Timm2014-06-161-4/+4
| |
* | Changed configuration documentation to no longer state it replaces a Set.Timm2014-06-161-2/+2
| |
* | Deprecate configurations and use allowed_tags and allowed_attributes on ↵Timm2014-06-161-99/+22
| | | | | | | | WhiteListSanitizer.
* | Made deprecation messages in sanitize_helper more clear.Timm2014-06-161-3/+3
| |
* | Completed integration of rails-html-sanitizer in SanitizeHelper. Deprecated ↵Timm2014-06-161-18/+19
| | | | | | | | protocol_separator accessors and bad_tags=.
* | Updated documentation to tell that a custom scrubber takes precedence.Timm2014-06-151-0/+1
| |
* | Updated the documentation to reflect the scrubber option.Timm2014-06-151-1/+22
| |
* | Added Loofah as a dependency in actionview.gemspec.Timm2014-06-111-23/+24
|/ | | | | | Implemented ActionView: FullSanitizer, LinkSanitizer and WhiteListSanitizer in sanitizers.rb. Deprecated protocol_separator and bad_tags. Added new tests in sanitizers_test.rb and reimplemented assert_dom_equal with Loofah.
* Fix documentation簡煒航 (Jian Weihang)2014-05-291-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To prevent `ArgumentError`, `config.action_view.sanitized_allowed_attributes` should be assigned by an array instead of a list. ``` /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/set.rb:98:in `do_with_enum': value must be enumerable (ArgumentError) from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/set.rb:355:in `merge' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/actionview-4.1.1/lib/action_view/helpers/sanitize_helper.rb:211:in `sanitized_allowed_attributes=' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/actionview-4.1.1/lib/action_view/railtie.rb:26:in `block (3 levels) in <class:Railtie>' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/actionview-4.1.1/lib/action_view/railtie.rb:25:in `each' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/actionview-4.1.1/lib/action_view/railtie.rb:25:in `block (2 levels) in <class:Railtie>' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.1/lib/active_support/lazy_load_hooks.rb:38:in `instance_eval' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.1/lib/active_support/lazy_load_hooks.rb:38:in `execute_hook' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.1/lib/active_support/lazy_load_hooks.rb:28:in `block in on_load' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.1/lib/active_support/lazy_load_hooks.rb:27:in `each' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/activesupport-4.1.1/lib/active_support/lazy_load_hooks.rb:27:in `on_load' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/actionview-4.1.1/lib/action_view/railtie.rb:24:in `block in <class:Railtie>' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/initializable.rb:30:in `instance_exec' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/initializable.rb:30:in `run' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/initializable.rb:55:in `block in run_initializers' from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/tsort.rb:226:in `block in tsort_each' from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/tsort.rb:348:in `block (2 levels) in each_strongly_connected_component' from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/tsort.rb:427:in `each_strongly_connected_component_from' from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/tsort.rb:347:in `block in each_strongly_connected_component' from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/tsort.rb:345:in `each' from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/tsort.rb:345:in `call' from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/tsort.rb:345:in `each_strongly_connected_component' from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/tsort.rb:224:in `tsort_each' from /Users/tonytonyjan/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/tsort.rb:205:in `tsort_each' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/initializable.rb:54:in `run_initializers' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/application.rb:288:in `initialize!' from /Users/tonytonyjan/Dropbox/home/codes/penta_ruby/config/environment.rb:5:in `<top (required)>' from /Users/tonytonyjan/Dropbox/home/codes/penta_ruby/config.ru:3:in `require' from /Users/tonytonyjan/Dropbox/home/codes/penta_ruby/config.ru:3:in `block in <main>' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/rack-1.5.2/lib/rack/builder.rb:55:in `instance_eval' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/rack-1.5.2/lib/rack/builder.rb:55:in `initialize' from /Users/tonytonyjan/Dropbox/home/codes/penta_ruby/config.ru:in `new' from /Users/tonytonyjan/Dropbox/home/codes/penta_ruby/config.ru:in `<main>' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/rack-1.5.2/lib/rack/builder.rb:49:in `eval' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/rack-1.5.2/lib/rack/builder.rb:49:in `new_from_string' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/rack-1.5.2/lib/rack/builder.rb:40:in `parse_file' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/rack-1.5.2/lib/rack/server.rb:277:in `build_app_and_options_from_config' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/rack-1.5.2/lib/rack/server.rb:199:in `app' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/commands/server.rb:50:in `app' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/rack-1.5.2/lib/rack/server.rb:314:in `wrapped_app' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/commands/server.rb:130:in `log_to_stdout' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/commands/server.rb:67:in `start' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/commands/commands_tasks.rb:81:in `block in server' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/commands/commands_tasks.rb:76:in `tap' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/commands/commands_tasks.rb:76:in `server' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/commands/commands_tasks.rb:40:in `run_command!' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/railties-4.1.1/lib/rails/commands.rb:17:in `<top (required)>' from /Users/tonytonyjan/Dropbox/home/codes/penta_ruby/bin/rails:8:in `require' from /Users/tonytonyjan/Dropbox/home/codes/penta_ruby/bin/rails:8:in `<top (required)>' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/spring-1.1.3/lib/spring/client/rails.rb:27:in `load' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/spring-1.1.3/lib/spring/client/rails.rb:27:in `call' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/spring-1.1.3/lib/spring/client/command.rb:7:in `call' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/spring-1.1.3/lib/spring/client.rb:26:in `run' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/spring-1.1.3/bin/spring:48:in `<top (required)>' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/spring-1.1.3/lib/spring/binstub.rb:11:in `load' from /Users/tonytonyjan/.rvm/gems/ruby-2.1.2/gems/spring-1.1.3/lib/spring/binstub.rb:11:in `<top (required)>' from /Users/tonytonyjan/Dropbox/home/codes/penta_ruby/bin/spring:16:in `require' from /Users/tonytonyjan/Dropbox/home/codes/penta_ruby/bin/spring:16:in `<top (required)>' from bin/rails:3:in `load' from bin/rails:3:in `<main>' ```
* Move actionpack/lib/action_view* into actionview/libPiotr Sarnacki2013-06-201-0/+256