Skip to content
This repository
Browse code

do not force sanitize and whitelist protocols for auto_link

sanitize is not always required so we cannot make it. let's just
whitelist protocols
  • Loading branch information...
commit f35c93f4b18493488657f6c206e32423df7a8640 1 parent 3af3385
Egor Homakov authored May 26, 2012
4  actionpack/lib/action_view/helpers/text_helper.rb
@@ -463,7 +463,7 @@ def set_cycle(name, cycle_object)
463 463
         end
464 464
 
465 465
         AUTO_LINK_RE = %r{
466  
-            (?: ([\w+.:-]+:)// | www\. )
  466
+            (?: ((?:ed2k|ftp|http|https|irc|mailto|news|gopher|nntp|telnet|webcal|xmpp|callto|feed|svn|urn|aim|rsync|tag|ssh|sftp|rtsp|afs):)// | www\. )
467 467
             [^\s<]+
468 468
           }x
469 469
 
@@ -499,7 +499,7 @@ def auto_link_urls(text, html_options = {}, options = {})
499 499
               href = 'http://' + href unless scheme
500 500
 
501 501
               sanitize_link = options[:sanitize] != false
502  
-              sanitize(content_tag(:a, link_text, link_attributes.merge('href' => href), sanitize_link) + punctuation.reverse.join(''))
  502
+              content_tag(:a, link_text, link_attributes.merge('href' => href), sanitize_link) + punctuation.reverse.join('')
503 503
             end
504 504
           end
505 505
         end

0 notes on commit f35c93f

Please sign in to comment.
Something went wrong with that request. Please try again.