Commit c11bd7e713c7e79c579dd901585652c959d1e2c7 to rails's rails

c11bd7e
all branches
all tags
- v2.1.0_RC1
- v2.1.0
- v2.0.3
- v2.0.2
- v2.0.1
- v2.0.0_RC2
- v2.0.0_RC1
- v2.0.0_PR
- v2.0.0
- v1.2.6
- v1.2.5
- v1.2.4
- v1.2.3
- v1.2.2
- v1.2.1
- v1.2.0_RC2
- v1.2.0_RC1
- v1.2.0
- v1.1.6
- v1.1.5
- v1.1.4
- v1.1.3
- v1.1.2
- v1.1.1
- v1.1.0_RC1
- v1.1.0
- v1.0.0
- v0.9.5
- v0.9.4.1
- v0.9.4
- v0.9.3
- v0.9.2
- v0.9.1
- v0.14.4
- v0.14.3
- v0.14.2
- v0.14.1
- v0.13.1
- v0.13.0
- v0.12.0
- v0.11.1
- v0.11.0
- v0.10.1
- v0.10.0
comments

rails / rails

Description:	Ruby on Rails
Homepage:	http://rubyonrails.org
Clone URL:	git://github.com/rails/rails.git Give this clone URL to anyone. `git clone git://github.com/rails/rails.git`
Search Repo:

Merge branch 'master' of git@github.com:rails/rails

lifo (author)

Sun May 11 15:59:27 -0700 2008

commit c11bd7e713c7e79c579dd901585652c959d1e2c7
tree 16a44a7df198c00f03fdcaa6853264f00170523e
parent 80e18e759e5244bbffd637e306f4f18b92af5caf parent 9a137506a1267ec5938fcec4d2ff135f15037459

actionpack/lib/action_view/helpers/sanitize_helper.rb

actionpack/lib/action_view/helpers/sanitize_helper.rb

0
@@ -48,6 +48,11 @@
0
       #     config.action_view.sanitized_allowed_attributes = 'id', 'class', 'style'
0
       #   end
0
       # 
0
+      # Please note that sanitizing user-provided text does not guarantee that the
0
+      # resulting markup is valid (conforming to a document type) or even well-formed.
0
+      # The output may still contain e.g. unescaped '<', '>', '&' characters and
0
+      # confuse browsers.
0
+      #
0
       def sanitize(html, options = {})
0
         self.class.white_list_sanitizer.sanitize(html, options)
0
       end

Comments

No one has commented yet.