-
Notifications
You must be signed in to change notification settings - Fork 21.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
auto_link shouldn't always sanitize #6495
Conversation
sanitize is not always required so we cannot make it. let's just whitelist protocols
Figured out - Repushing of gem versions is not allowed. OK bumped to 1.0.9 Now URL's like sasdfasdf://something.com will be no longer autolinked! And I think it's cool - nobody knows all dangerous protocols(browsers can add some) like |
cc @tenderlove |
Would ne great if you add some test. But I'm merging this since the build is broken. |
auto_link shouldn't always sanitize
@rafaelfranca yes I'd love to add tests. I should probably push into rails_autolink since it's no longer in 3.1 |
The build is still broken. http://travis-ci.org/#!/rails/rails/jobs/1442465. Please take a look. Could you at least run the tests before send the pull request? |
It's not broken!
We do not support file:/// URLs anymore - we should remove that testcase |
Ok. Please remove it. 👍 |
@homakov yes, you should release a new rails_autolink with your fixes. Thanks! |
@rafaelfranca Yes in that comment I implied you to do it - it's just 1 line, I don't want to pollute issue trackers with tiny pull requests:) Anyway I can do PR if you wish @tenderlove yes, I figured it out, new gem is released |
sanitize is not always required so we cannot force it by default. let's just
whitelist protocols and everybody's happy
My commit was wrong - I didn't realize how it will impact on
raw
text.@tenderlove also should I bump gem version of rails_autolink ? It's bugfix so I just pushed it to the 1.0.8