Add warning when content has been sanitized

pages/app/presenters/refinery/pages/section_presenter.rb

@@ -1,3 +1,5 @@
+require 'diffy'
+
 module Refinery
   module Pages
     # Knows how to build the html for a section. A section is part of the visible html, that has
@@ -63,11 +65,24 @@ def html_from_fallback(can_use_fallback)
       attr_writer :id, :fallback_html, :hidden
 
       def wrap_content_in_tag(content)
-        content = sanitize(content,
+        content_tag(:section, content_tag(:div, sanitize_content(content), :class => 'inner'), :id => id)
+      end
+
+      def sanitize_content(input)
+        output = sanitize(input,
           tags: Refinery::Pages::whitelist_elements,
           attributes: Refinery::Pages::whitelist_attributes
         )
-        content_tag(:section, content_tag(:div, content, :class => 'inner'), :id => id)
+
+        if input != output
+          warning = "\n-- SANITIZED CONTENT WARNING --\n"
+          warning << "Refinery::Pages::SectionPresenter#wrap_content_in_tag\n"
+          warning << "HTML attributes and/or elements content has been sanitized\n"
+          warning << "#{::Diffy::Diff.new(input, output).to_s(:color)}\n"
+          warn warning
+        end
+
+        return output
       end
     end
   end

pages/refinerycms-pages.gemspec

@@ -26,6 +26,7 @@ Gem::Specification.new do |s|
   s.add_dependency 'refinerycms-core',            version
   s.add_dependency 'babosa',                      '!= 0.3.6'
   s.add_dependency 'speakingurl-rails',           '~> 8.0.0'
+  s.add_dependency 'diffy',                       '~> 3.1.0'
 
   s.required_ruby_version = Refinery::Version.required_ruby_version
 end

pages/spec/presenters/refinery/pages/section_presenter_spec.rb

@@ -97,6 +97,26 @@ module Pages
           end
         end
 
+        describe "#sanitize_content" do
+          before do
+            @errors = StringIO.new
+            @old_err = $stderr
+            $stderr = @errors
+          end
+
+          after(:each) { $stderr = @old_err }
+
+          it "shows a sanitized content warning" do
+            section = SectionPresenter.new
+            section.override_html = %Q{<dummy></dummy>}
+            section.wrapped_html(true)
+            @errors.rewind
+            expect(@errors.read).to eq(
+              %Q{\n-- SANITIZED CONTENT WARNING --\nRefinery::Pages::SectionPresenter#wrap_content_in_tag\nHTML attributes and/or elements content has been sanitized\n\e[31m-<dummy></dummy>\e[0m\n\\ No newline at end of file\n\n}
+            )
+          end
+        end
+
         describe "if allowed to use fallback html" do
           it "wont show a section with no fallback or override" do
             section = SectionPresenter.new