railsmonk / white_list_objectified
watch download tarball
public
Forks3Right
Watchers10Right
Description: Objectified version of Technoweenie's white_list plugin for Rails. Implemented as a class, not as a helper.
Homepage:
Clone URL: git://github.com/railsmonk/white_list_objectified.git
100644 24 lines (14 sloc) 1.165 kb
raw blame history 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

* Objectified version of the plugin. Moved all white listing related code from 
  helper module into separate class WhiteLister. Left previous API in place, 
  so that old test files pass unchanged, this will ensure backward 
  compatibility to some extent. Also, copied and rewritten old tests to cover 
  WhiteLister class. [Dima Sabanin, sdmitry@gmail.com]
 
* Fix bad protocol_separator due to escaped html attributes [technoweenie]
 
* Slight tweak [technoweenie]
 
* Sanitize attributes properly [technoweenie]
 
* Rearrange some code, update for latest changes in rails' html tokenizer, prefix white_list_helper properties (like attributes) with white_listed [technoweenie]
 
* Lots of changes: use sets instead of arrays, global attributes set instead of tag-specific attributes, and a 'blacklist' of tags that are removed completely [technoweenie]
 
* Add abbr, acronym to default white listed tags.  remove id, and add title as default allowed attributes [technoweenie]
 
* Allow configurable tags/attributes when calling white_list [technoweenie]
 
* hasmanyjosh teaches me how to speell [technoweenie]
 
* Add white listing sanitize helper plugin [technoweenie]