path: root/actionview/lib/action_view/helpers
| Commit message | Author | Age | Files | Lines |
|---|---|---|---|---|
| Change sanitizer_vendor to just be a method and reword documentation. | Timm | 2014-06-16 | 1 | -4/+5 |
| Revert some stuff to use the new sanitizers. | Timm | 2014-06-16 | 1 | -6/+6 |
| Add a layer of indirection making sanitizers pluggable. | Timm | 2014-06-16 | 1 | -3/+8 |
| Delegate allowed tags and attributes setting to HTML::WhiteListSanitizer. | Timm | 2014-06-16 | 1 | -4/+4 |
| Changed configuration documentation to no longer state it replaces a Set. | Timm | 2014-06-16 | 1 | -2/+2 |
| Deprecate configurations and use allowed_tags and allowed_attributes on WhiteListSanitizer. | Timm | 2014-06-16 | 1 | -99/+22 |
| Made deprecation messages in sanitize_helper more clear. | Timm | 2014-06-16 | 1 | -3/+3 |
| Completed integration of rails-html-sanitizer in SanitizeHelper. Deprecated protocol_separator accessors and bad_tags=. | Timm | 2014-06-16 | 3 | -294/+19 |
| Changed PermitScrubber's direction to bottom up to align better with Loofah's strip scrubber. | Timm | 2014-06-16 | 1 | -0/+1 |
| Now only requiring Loofah in the places where it is needed. | Timm | 2014-06-16 | 1 | -0/+2 |
| Minor rewording in TargetScrubber documentation. | Timm | 2014-06-16 | 1 | -3/+3 |
| Now returning html if html is blank? in FullSanitizer and WhiteListSanitizer. This means it'll return false if called with false, however that is not a valid use case. | Timm | 2014-06-16 | 1 | -1/+3 |
| Stylistic improvements. Some light documentation for remove_xpaths. | Timm | 2014-06-16 | 1 | -6/+8 |
| Simplified the removal of xpaths in remove_xpaths. Added more tests for remove_xpaths. | Timm | 2014-06-16 | 1 | -1/+1 |
| Fixed: added apostrophe to possessive noun. | Timm | 2014-06-16 | 1 | -1/+1 |
| Changed: remove_xpaths called with String returns String, while called with Loofah fragment returns Loofah fragment. Added tests for this. | Timm | 2014-06-16 | 1 | -2/+2 |
| Removed :nodoc: from PermitScrubber. | Timm | 2014-06-16 | 1 | -1/+0 |
| Reworked documentation for PermitScrubber and TargetScrubber. | Timm | 2014-06-16 | 1 | -2/+33 |
| Fixed: spelling error. | Timm | 2014-06-16 | 1 | -1/+1 |
| Initialized tags and attributes to nil. | Timm | 2014-06-16 | 1 | -0/+4 |
| Refactored scrub to keep_node? instead of scrub_node calling it. Also added ability to stop traversing by returning STOP from scrub_node. | Timm | 2014-06-16 | 1 | -6/+5 |
| Changed PermitScrubber to be even more extensible. Updated TargetScrubber to be compliant. Updated documentation for PermitScrubber and TargetScrubber for clarity. | Timm | 2014-06-16 | 1 | -39/+40 |
| Changed PermitScrubbers documentation to list override points for subclasses. Renamed should_remove_attributes? to should_scrub_attributes?. | Timm | 2014-06-16 | 1 | -12/+15 |
| Already killed off LinkScrubber. Changed it instead to be TargetScrubber, which is more general, while still allowing maximum code reuse. | Timm | 2014-06-16 | 2 | -9/+20 |
| Added LinkScrubber to remove duplication in LinkSanitizer. As such made PermitScrubber easier to subclass. | Timm | 2014-06-16 | 2 | -11/+22 |
| Changed FullSanitizer sanitize to use tap method instead of temporary variable. | Timm | 2014-06-16 | 1 | -3/+3 |
| Extracted the common xpaths to remove into XPATHS_TO_REMOVE. | Timm | 2014-06-16 | 1 | -2/+4 |
| Refactored remove_xpaths to use duck typing and read better. | Timm | 2014-06-16 | 1 | -4/+5 |
| Changed explanation for no duck typing of custom scrubbers. | Timm | 2014-06-16 | 1 | -1/+2 |
| Updated documentation to tell that a custom scrubber takes precedence. | Timm | 2014-06-15 | 1 | -0/+1 |
| Updated the documentation to reflect the scrubber option. | Timm | 2014-06-15 | 1 | -1/+22 |
| Marked the private API as not needing code documentation. | Timm | 2014-06-15 | 2 | -0/+2 |
| Added ability to pass a custom scrubber to sanitize. Includes test coverage. | Timm | 2014-06-15 | 1 | -1/+3 |
| Moved requiring of Loofah from sanitizers.rb to action_view.rb. | Timm | 2014-06-15 | 1 | -1/+0 |
| Added ActionView::Sanitizer and moved remove_xpaths to there. | Timm | 2014-06-15 | 1 | -7/+0 |
| Added comment removal. Changed definition of remove_xpaths to not use a splat operator. | Timm | 2014-06-15 | 1 | -11/+24 |
| Extracted the xpath removals into some new API that allows users to remove xpath subtrees. | Timm | 2014-06-15 | 1 | -2/+8 |
| Added removal of script tags to WhiteListSanitizer. | Timm | 2014-06-15 | 1 | -0/+1 |
| Added guard clauses to FullSanitizer. | Timm | 2014-06-15 | 1 | -1/+6 |
| bad_tags include form since we remove it. Also to prevent a should_allow_form_tag test creation. | Timm | 2014-06-15 | 1 | -1/+1 |
| Removed the contains_bad_protocols? method as well as the tests for it. Loofah already deals with this. | Timm | 2014-06-15 | 1 | -8/+2 |
| Reordered form removal with stripping. | Timm | 2014-06-15 | 1 | -4/+7 |
| Added PermitScrubber which allows you to permit elements for sanitization. | Timm | 2014-06-15 | 2 | -13/+85 |
| Removed duplication in the deprecated methods. | Timm | 2014-06-15 | 1 | -5/+5 |
| Added Loofah as a dependency in actionview.gemspec. Implemented ActionView: FullSanitizer, LinkSanitizer and WhiteListSanitizer in sanitizers.rb. Deprecated protocol_separator and bad_tags. Added new tests in sanitizers_test.rb and reimplemented assert_dom_equal with Loofah. | Timm | 2014-06-11 | 2 | -23/+140 |
| [ci skip] Fix doc for javascript_helper | Aditya Kapoor | 2014-06-11 | 1 | -1/+7 |
| [ci skip] Add Docs for strip_insignificant_zeros option in number helpers | Akshay Vishnoi | 2014-06-10 | 1 | -10/+8 |
| [ci skip] Correct output and use valid options of number helpers | Akshay Vishnoi | 2014-06-10 | 1 | -2/+2 |
| Unwrap another html_escape /cc @tenderlove | Matthew Draper | 2014-06-07 | 1 | -2/+2 |
| eliminate more wasteful allocations | Aaron Patterson | 2014-06-06 | 1 | -2/+2 |