- No changes.
- No changes.
- No changes.
- No changes.
-
Use
Rails::HTML5::SafeListSanitizerby default in the Rails 7.1 configuration if it is supported.Action Text's sanitizer can be configured by setting
config.action_text.sanitizer_vendor. Supported values areRails::HTML4::SanitizerorRails::HTML5::Sanitizer.The Rails 7.1 configuration will set this to
Rails::HTML5::Sanitizerwhen it is supported, and fall back toRails::HTML4::Sanitizer. Previous configurations default toRails::HTML4::Sanitizer.As a result of this change, the defaults for
ActionText::ContentHelper.allowed_tagsand.allowed_attributesare applied at runtime, so the value of these attributes is now 'nil' unless set by the application. You may callsanitizer_allowed_tagsorsanitizer_allowed_attributesto inspect the tags and attributes being allowed by the sanitizer.Mike Dalessio
-
Attachables now can override default attachment missing template.
When rendering Action Text attachments where the underlying attachable model has been removed, a fallback template is used. You now can override this template on a per-model basis. For example, you could render a placeholder image for a file attachment or the text "Deleted User" for a User attachment.
Matt Swanson, Joel Drapper
-
Update bundled Trix version from
1.3.1to2.0.4.Sarah Ridge, Sean Doyle
-
Apply
field_error_proctorich_text_areaform fields.Kaíque Kandy Koga
-
Action Text attachment URLs rendered in a background job (a la Turbo Streams) now use
Rails.application.default_url_optionsandRails.application.config.force_sslinstead ofhttp://example.org.Jonathan Hefner
-
Support
strict_loading:option forhas_rich_textdeclarationSean Doyle
-
Update ContentAttachment so that it can encapsulate arbitrary HTML content in a document.
Jamis Buck
-
Fix an issue that caused the content layout to render multiple times when a rich_text field was updated.
Jacob Herrington
Please check 7-0-stable for previous changes.