From 55b453f2959ee176611732fa22b386916e9a9604 Mon Sep 17 00:00:00 2001
From: Timm
Date: Wed, 10 Jul 2013 15:57:01 +0200
Subject: Added removal of script tags to WhiteListSanitizer.

---
 actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb b/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb
index 9d4e5b8e38..8b1e76fec1 100644
--- a/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb
+++ b/actionview/lib/action_view/helpers/sanitize_helper/sanitizers.rb
@@ -49,6 +49,7 @@ module ActionView
 @permit_scrubber.attributes = options[:attributes]
 loofah_fragment.scrub!(@permit_scrubber)
 else
+ loofah_fragment.xpath("./script").each { |script| script.remove }
 loofah_fragment.xpath("./form").each { |form| form.remove }
 loofah_fragment.scrub!(:strip)
 end
-- 
cgit v1.2.3
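Review bot: The added `xpath("./script")` selects only `<script>` elements that are direct children of the fragment, so a script nested inside another element is not removed by this line and falls through to `scrub!(:strip)` on the line below, which (as far as I recall Loofah's strip scrubber) drops the tag but keeps its text content rather than removing the whole node. If the commit's intent is to remove script elements wherever they appear in the fragment, `loofah_fragment.xpath(".//script").each(&:remove)` does that; the neighbouring `./form` line has the same direct-child limitation and would benefit from the same `.//` selector. Whichever selector is kept, a short comment such as `# remove script/form elements outright before the generic :strip pass, which keeps element text` would make the ordering of these three lines explicit to the next maintainer. The enclosing method begins and ends outside this hunk, so I cannot see how `loofah_fragment` is built.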