Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Action Text to use HTML5 when available #48522

Merged
merged 1 commit into from
Jun 20, 2023
Merged

Update Action Text to use HTML5 when available #48522

merged 1 commit into from
Jun 20, 2023
+20 −6

Conversation

flavorjones
Copy link
Member

Motivation / Background

Update Action Text to use the HTML5 sanitizer when available, and to parse markup using Nokogiri::HTML5 when available. Previously, Action Text used Nokogiri's HTML4 parsers for these operations.

Detail

This pull request updates the default value for ActionText::ContentHelper.sanitizer from Rails::Html::Sanitizer.safe_list_sanitizer.new to Rails::Html::Sanitizer.best_supported_vendor.safe_list_sanitizer.new. The method .best_supported_vendor is available in rails-html-sanitizer v1.6.0 and later, which 500ccaa made the minimum for Action View.

This pull request also adds two new methods that return the "best supported" HTML document and document fragment classes: ActionText.html_document_class and ActionText.html_document_fragment_class. These methods are used internally where code previously referenced Nokogiri::HTML directly.

The change from #clone to #dup is necessary to work around an issue in Nokogiri where #clone is not defined properly for HTML5 fragment and the fragment does not have a parent Document. #dup behaves the way we expect, so this should be fine.

Additional information

This is part of ongoing work to update Rails to use HTML5.

Checklist

Before submitting the PR make sure the following are checked:

  • This Pull Request is related to one change. Changes that are unrelated should be opened in separate PRs.
  • Commit message has a detailed description of what changed and why. If this PR fixes a related issue include it in the commit message. Ex: [Fix #issue-number]
  • Tests are added or updated if you fix a bug or add a feature.
  • CHANGELOG files are updated for the changed libraries if there is a behavior change or additional feature. Minor bug fixes and documentation changes should not be included.

@flavorjones
Update Action Text to use HTML5 when available
55bca6b 
The change from `#clone` to `#dup` is necessary to work around an
issue in Nokogiri where `#clone` is not defined properly for HTML5
fragment and the fragment does not have a parent Document. `#dup`
behaves the way we expect, so this should be fine.
@rails-bot rails-bot bot added the actiontext label Jun 19, 2023
@guilleiguaran guilleiguaran merged commit 52ca1b6 into rails:main Jun 20, 2023
8 of 9 checks passed
@flavorjones flavorjones deleted the flavorjones-update-action-view-to-html5 branch June 20, 2023 01:41
@flavorjones
Copy link
Member Author

For posterity: the #clone change in this PR is to work around the upstream issue sparklemotion/nokogiri#2908

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@guilleiguaran guilleiguaran guilleiguaran approved these changes

Assignees
No one assigned
Labels
actiontext
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@flavorjones @guilleiguaran