Deprecated sanitizer API extracted from Action View.
Ruby
Switch branches/tags
Clone or download
Pull request Compare This branch is 3 commits ahead of kaspth:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
lib
test
.gitignore
.travis.yml
CHANGELOG.md
Gemfile
LICENSE
README.md
Rakefile
rails-deprecated_sanitizer.gemspec

README.md

Rails::Deprecated::Sanitizer

In Rails 4.2 HTML sanitization has been rewritten using a more secure library.

This gem includes the old behavior shipping with Rails 4.2 and before. It is strictly provided to ease migration.

To downgrade add gem 'rails-deprecated_sanitizer' to your Gemfile.

See the Rails 4.2 upgrade guide for more information.

You can read more about the new sanitization implementation here: rails-html-sanitizer.

Reporting XSS Security Issues

The code provided here deals with XSS attacks and is therefore a security concern. So if you find a security issue please follow the regular security reporting guidelines.