diff --git a/Gemfile b/Gemfile
index a6b3536f..5b821448 100644
--- a/Gemfile
+++ b/Gemfile
@@ -41,9 +41,6 @@ gem 'rails-html-sanitizer'
# URI replacement
gem 'addressable'
-# Converts links in Strings to HTML anchors
-gem 'rinku'
-
# Sanitizes user content
gem 'sanitize'
diff --git a/Gemfile.lock b/Gemfile.lock
index 9c973713..875fcb14 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -399,7 +399,6 @@ GEM
actionpack (>= 5.0)
railties (>= 5.0)
rexml (3.2.5)
- rinku (2.0.6)
roar (1.0.3)
representable (>= 2.0.1, <= 3.0.0)
roar-rails (1.0.1)
@@ -589,7 +588,6 @@ DEPENDENCIES
redis
representable (~> 3.0.0)
request_store
- rinku
roar (= 1.0.3)
roo
rspec-instafail
diff --git a/lib/user_html.rb b/lib/user_html.rb
index 5768cd89..07cb7071 100644
--- a/lib/user_html.rb
+++ b/lib/user_html.rb
@@ -1,16 +1,15 @@
module UserHtml
mattr_accessor :sanitize_config
- def self.link_and_sanitize(content)
- linked_content = Rinku.auto_link(content, :urls)
- Sanitize.fragment(linked_content, UserHtml.sanitize_config)
+ def self.sanitize(content)
+ Sanitize.fragment(content, UserHtml.sanitize_config)
end
module ActiveRecord
module Base
def user_html(*attributes)
attributes.each do |attribute|
- filter_name = :"link_and_sanitize_#{attribute.to_s}"
+ filter_name = :"sanitize_#{attribute.to_s}"
class_exec do
before_validation filter_name
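Review bot: `UserHtml.sanitize` hands `UserHtml.sanitize_config` to `Sanitize.fragment` without checking that it has been assigned, and the `mattr_accessor` line visible here sets no default. With auto-linking removed, this method is the only processing user HTML receives, so it should fail loudly rather than depend on how the gem treats a missing config. Add `raise ArgumentError, 'UserHtml.sanitize_config is not set' if UserHtml.sanitize_config.nil?` as its first line. The config is presumably assigned in an initializer outside this diff, so this guards against load-order mistakes rather than a known failure. `user_html` continues past the end of this hunk.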
@@ -19,7 +18,7 @@ def user_html(*attributes)
content = send(attribute)
return if content.nil?
- send("#{attribute}=", UserHtml.link_and_sanitize(content))
+ send("#{attribute}=", UserHtml.sanitize(content))
end
end
end
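Review bot: The generated `sanitize_<attribute>` filter is registered only with `before_validation` (previous hunk), so the `UserHtml.sanitize(content)` call here never runs on write paths that skip validation callbacks, such as `update_column`, `update_all` or `save(validate: false)`. That limit predates this commit, but it is worth documenting now that the method name promises sanitization. A comment above the `send` line would do: `# Runs only as a before_validation callback; writes that skip validations store the value unsanitized.` The enclosing method definition starts outside this hunk.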
diff --git a/spec/lib/user_html_spec.rb b/spec/lib/user_html_spec.rb
index 046f5b77..2eef7181 100644
--- a/spec/lib/user_html_spec.rb
+++ b/spec/lib/user_html_spec.rb
@@ -5,17 +5,14 @@
expect(ActiveRecord::Base).to respond_to(:user_html)
end
- it 'converts url\'s to html anchors with rel="nofollow" and target="_blank"' do
+ it 'does not auto_link urls' do
content = 'Here is a cool link: http://www.example.com.'
- expect(described_class.link_and_sanitize(content)).to(
- eq 'Here is a cool link: http://www.example.com.'
- )
+ expect(described_class.sanitize(content)).to eq content
end
it 'adds rel="nofollow" and target="_blank" to existing html anchors' do
content = 'Here is a cooler link: Example.'
- expect(described_class.link_and_sanitize(content)).to(
+ expect(described_class.sanitize(content)).to(
eq 'Here is a cooler link: Example.'
)
@@ -23,7 +20,7 @@
it 'removes script tags' do
content = 'Have a cup of .'
- expect(described_class.link_and_sanitize(content)).to eq 'Have a cup of .'
+ expect(described_class.sanitize(content)).to eq 'Have a cup of .'
end
it 'allows iframes to whitelisted domains' do
@@ -34,7 +31,7 @@
'src="https://www.youtube.com/embed/Xp6V_lO1ZKA" frameborder="0" ' +
'allowfullscreen="">'
- expect(described_class.link_and_sanitize(youtube_content)).to eq expected_youtube_content
+ expect(described_class.sanitize(youtube_content)).to eq expected_youtube_content
khan_content = \
""
- expect(described_class.link_and_sanitize(khan_content)).to eq expected_khan_content
+ expect(described_class.sanitize(khan_content)).to eq expected_khan_content
end
@@ -68,7 +65,7 @@
https://server2.cnx.org/content
}
valid_urls.each do | url |
- expect(described_class.link_and_sanitize(
+ expect(described_class.sanitize(
""
)).to eq ""
end
@@ -76,7 +73,7 @@
it 'removes iframes to non-whitelisted domains' do
content = "Funny cat videos: