Deprecated sanitizer API extracted from Action View.
Ruby
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
lib
test
.gitignore
.travis.yml
CHANGELOG.md
Gemfile
LICENSE.txt
README.md
Rakefile
rails-deprecated_sanitizer.gemspec

README.md

Rails::Deprecated::Sanitizer

In Rails 4.2 HTML sanitization has been rewritten using a more secure library.

This gem includes the old behavior shipping with Rails 4.2 and before. It is strictly provided to ease migration. It will be supported until Rails 5.

To downgrade add gem 'rails-deprecated_sanitizer' to your Gemfile.

See the Rails 4.2 upgrade guide for more information.

You can read more about the new sanitization implementation here: rails-html-sanitizer.

Reporting XSS Security Issues

The code provided here deals with XSS attacks and is therefore a security concern. So if you find a security issue please follow the regular security reporting guidelines.