From 67b42cb4aa008198e2c22b84b063aa1eb082036d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Mon, 1 Sep 2014 23:26:10 -0300 Subject: Move implementation to the gems Now we keep only the common code and move the specific code to the gems --- .../lib/action_view/helpers/sanitize_helper.rb | 32 +++++++--------------- 1 file changed, 10 insertions(+), 22 deletions(-) (limited to 'actionview/lib/action_view/helpers') diff --git a/actionview/lib/action_view/helpers/sanitize_helper.rb b/actionview/lib/action_view/helpers/sanitize_helper.rb index dfbc52e3ac..394250f058 100644 --- a/actionview/lib/action_view/helpers/sanitize_helper.rb +++ b/actionview/lib/action_view/helpers/sanitize_helper.rb @@ -121,22 +121,6 @@ module ActionView module ClassMethods #:nodoc: attr_writer :full_sanitizer, :link_sanitizer, :white_list_sanitizer - [:protocol_separator, - :uri_attributes, - :bad_tags, - :allowed_css_properties, - :allowed_css_keywords, - :shorthand_css_properties, - :allowed_protocols].each do |meth| - meth_name = "sanitized_#{meth}" - imp = lambda do |name| - ActiveSupport::Deprecation.warn("#{name} is deprecated and has no effect.") - end - - define_method(meth_name) { imp.(meth_name) } - define_method("#{meth_name}=") { |value| imp.("#{meth_name}=") } - end - # Vendors the full, link and white list sanitizers. # This uses html-scanner for the HTML sanitization. # In the next Rails version this will use Rails::Html::Sanitizer instead. @@ -189,25 +173,29 @@ module ActionView @white_list_sanitizer ||= sanitizer_vendor.white_list_sanitizer.new end + ## + # :method: sanitized_allowed_tags= + # + # :call-seq: sanitized_allowed_tags=(tags) + # # Replaces the allowed tags for the +sanitize+ helper. # # class Application < Rails::Application # config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td' # end # - def sanitized_allowed_tags=(tags) - sanitizer_vendor.white_list_sanitizer.allowed_tags = tags - end + ## + # :method: sanitized_allowed_attributes= + # + # :call-seq: sanitized_allowed_attributes=(attributes) + # # Replaces the allowed HTML attributes for the +sanitize+ helper. # # class Application < Rails::Application # config.action_view.sanitized_allowed_attributes = ['onclick', 'longdesc'] # end # - def sanitized_allowed_attributes=(attributes) - sanitizer_vendor.white_list_sanitizer.allowed_attributes = attributes - end end end end -- cgit v1.2.3 From 28eecd934b91618b1334acce859c26c1a380f51a Mon Sep 17 00:00:00 2001 From: Kasper Timm Hansen Date: Tue, 2 Sep 2014 21:07:41 +0200 Subject: Ship with rails-html-sanitizer instead. --- actionview/lib/action_view/helpers/sanitize_helper.rb | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) (limited to 'actionview/lib/action_view/helpers') diff --git a/actionview/lib/action_view/helpers/sanitize_helper.rb b/actionview/lib/action_view/helpers/sanitize_helper.rb index 394250f058..4f2db0a0c4 100644 --- a/actionview/lib/action_view/helpers/sanitize_helper.rb +++ b/actionview/lib/action_view/helpers/sanitize_helper.rb @@ -1,6 +1,6 @@ require 'active_support/core_ext/object/try' require 'active_support/deprecation' -require 'rails-deprecated_sanitizer' +require 'rails-html-sanitizer' module ActionView # = Action View Sanitize Helpers @@ -122,14 +122,9 @@ module ActionView attr_writer :full_sanitizer, :link_sanitizer, :white_list_sanitizer # Vendors the full, link and white list sanitizers. - # This uses html-scanner for the HTML sanitization. - # In the next Rails version this will use Rails::Html::Sanitizer instead. - # To get this new behavior now, in your Gemfile, add: - # - # gem 'rails-html-sanitizer' - # + # Provided strictly for compabitility and can be removed in Rails 5. def sanitizer_vendor - Rails::DeprecatedSanitizer + Rails::Html::Sanitizer end def sanitized_allowed_tags -- cgit v1.2.3 From ee61b76a810ad67ca064be2922a8b481fa840043 Mon Sep 17 00:00:00 2001 From: PaoMar Date: Wed, 3 Sep 2014 15:03:58 -0500 Subject: Add support for ARIA attributes in tags --- actionview/lib/action_view/helpers/tag_helper.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'actionview/lib/action_view/helpers') diff --git a/actionview/lib/action_view/helpers/tag_helper.rb b/actionview/lib/action_view/helpers/tag_helper.rb index 268558669e..f200d424c0 100644 --- a/actionview/lib/action_view/helpers/tag_helper.rb +++ b/actionview/lib/action_view/helpers/tag_helper.rb @@ -148,9 +148,9 @@ module ActionView return if options.blank? attrs = [] options.each_pair do |key, value| - if key.to_s == 'data' && value.is_a?(Hash) + if (key.to_s == 'data' || key.to_s == 'aria') && value.is_a?(Hash) value.each_pair do |k, v| - attrs << data_tag_option(k, v, escape) + attrs << prefix_tag_option(key, k, v, escape) end elsif BOOLEAN_ATTRIBUTES.include?(key) attrs << boolean_tag_option(key) if value @@ -161,8 +161,8 @@ module ActionView " #{attrs.sort! * ' '}" unless attrs.empty? end - def data_tag_option(key, value, escape) - key = "data-#{key.to_s.dasherize}" + def prefix_tag_option(prefix, key, value, escape) + key = "#{prefix}-#{key.to_s.dasherize}" unless value.is_a?(String) || value.is_a?(Symbol) || value.is_a?(BigDecimal) value = value.to_json end -- cgit v1.2.3 From faa0f324345f48c9f41f02c626055a7fadf1ddf4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Wed, 3 Sep 2014 18:31:04 -0300 Subject: Extract data/aria attribute prefixes to a constant --- actionview/lib/action_view/helpers/tag_helper.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'actionview/lib/action_view/helpers') diff --git a/actionview/lib/action_view/helpers/tag_helper.rb b/actionview/lib/action_view/helpers/tag_helper.rb index f200d424c0..c20800598f 100644 --- a/actionview/lib/action_view/helpers/tag_helper.rb +++ b/actionview/lib/action_view/helpers/tag_helper.rb @@ -20,6 +20,8 @@ module ActionView BOOLEAN_ATTRIBUTES.merge(BOOLEAN_ATTRIBUTES.map {|attribute| attribute.to_sym }) + TAG_PREFIXES = ['aria', 'data', :aria, :data].to_set + PRE_CONTENT_STRINGS = { :textarea => "\n" } @@ -148,7 +150,7 @@ module ActionView return if options.blank? attrs = [] options.each_pair do |key, value| - if (key.to_s == 'data' || key.to_s == 'aria') && value.is_a?(Hash) + if TAG_PREFIXES.include?(key) && value.is_a?(Hash) value.each_pair do |k, v| attrs << prefix_tag_option(key, k, v, escape) end -- cgit v1.2.3 From ab2ace6bbef1cc98c98e5a9a6b45e734bc5edd9d Mon Sep 17 00:00:00 2001 From: Rajarshi Das Date: Sat, 6 Sep 2014 11:49:39 +0530 Subject: fix the undefined method content_tag #15245 not required include ActionView::Helpers::TagHelper in test as well --- actionview/lib/action_view/helpers/translation_helper.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'actionview/lib/action_view/helpers') diff --git a/actionview/lib/action_view/helpers/translation_helper.rb b/actionview/lib/action_view/helpers/translation_helper.rb index 1d50ea2ff5..c2fda42396 100644 --- a/actionview/lib/action_view/helpers/translation_helper.rb +++ b/actionview/lib/action_view/helpers/translation_helper.rb @@ -6,6 +6,7 @@ module ActionView # = Action View Translation Helpers module Helpers module TranslationHelper + include TagHelper # Delegates to I18n#translate but also performs three additional functions. # # First, it will ensure that any thrown +MissingTranslation+ messages will be turned -- cgit v1.2.3