kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

Move implementation to the gems

Browse source 
Now we keep only the common code and move the specific code to the gems
This commit is contained in:
Rafael Mendonça França 2014-09-01 23:26:10 -03:00
parent c6f9cec1be
commit 67b42cb4aa
2 changed files with 11 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Gemfile
View file

@ -11,6 +11,7 @@ gem 'rack-cache', '~> 1.2'
gem 'jquery-rails', github: 'rails/jquery-rails', branch: 'master' gem 'jquery-rails', github: 'rails/jquery-rails', branch: 'master'
gem 'coffee-rails', '~> 4.0.0' gem 'coffee-rails', '~> 4.0.0'
gem 'rails-html-sanitizer', github: 'rails/rails-html-sanitizer' gem 'rails-html-sanitizer', github: 'rails/rails-html-sanitizer'
gem 'rails-deprecated_sanitizer', github: 'rails/rails-deprecated_sanitizer'
gem 'turbolinks', '~> 2.2.3' gem 'turbolinks', '~> 2.2.3'
# require: false so bcrypt is loaded only when has_secure_password is used. # require: false so bcrypt is loaded only when has_secure_password is used.

32
actionview/lib/action_view/helpers/sanitize_helper.rb
View file

@ -121,22 +121,6 @@ module ActionView
module ClassMethods #:nodoc: module ClassMethods #:nodoc:
attr_writer :full_sanitizer, :link_sanitizer, :white_list_sanitizer attr_writer :full_sanitizer, :link_sanitizer, :white_list_sanitizer
[:protocol_separator,
:uri_attributes,
:bad_tags,
:allowed_css_properties,
:allowed_css_keywords,
:shorthand_css_properties,
:allowed_protocols].each do |meth|
meth_name = "sanitized_#{meth}"
imp = lambda do |name|
ActiveSupport::Deprecation.warn("#{name} is deprecated and has no effect.")
end
define_method(meth_name) { imp.(meth_name) }
define_method("#{meth_name}=") { |value| imp.("#{meth_name}=") }
end
# Vendors the full, link and white list sanitizers. # Vendors the full, link and white list sanitizers.
# This uses html-scanner for the HTML sanitization. # This uses html-scanner for the HTML sanitization.
# In the next Rails version this will use Rails::Html::Sanitizer instead. # In the next Rails version this will use Rails::Html::Sanitizer instead.
@ -189,25 +173,29 @@ module ActionView
@white_list_sanitizer ||= sanitizer_vendor.white_list_sanitizer.new @white_list_sanitizer ||= sanitizer_vendor.white_list_sanitizer.new
end end
##
# :method: sanitized_allowed_tags=
#
# :call-seq: sanitized_allowed_tags=(tags)
#
# Replaces the allowed tags for the +sanitize+ helper. # Replaces the allowed tags for the +sanitize+ helper.
# #
# class Application < Rails::Application # class Application < Rails::Application
# config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td' # config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td'
# end # end
# #
def sanitized_allowed_tags=(tags)
sanitizer_vendor.white_list_sanitizer.allowed_tags = tags
end
##
# :method: sanitized_allowed_attributes=
#
# :call-seq: sanitized_allowed_attributes=(attributes)
#
# Replaces the allowed HTML attributes for the +sanitize+ helper. # Replaces the allowed HTML attributes for the +sanitize+ helper.
# #
# class Application < Rails::Application # class Application < Rails::Application
# config.action_view.sanitized_allowed_attributes = ['onclick', 'longdesc'] # config.action_view.sanitized_allowed_attributes = ['onclick', 'longdesc']
# end # end
# #
def sanitized_allowed_attributes=(attributes)
sanitizer_vendor.white_list_sanitizer.allowed_attributes = attributes
end
end end
end end
end end