Browse files

Don't overwrite allowed tags when allowing video embeds on Story

  • Loading branch information...
1 parent 4fba764 commit 3529eedcdd7a6bcdac1a70bdf873bd32779abdda GIT_AUTHOR_NAME committed with veezus Mar 16, 2009
Showing with 10 additions and 2 deletions.
  1. +2 −2 app/models/story.rb
  2. +8 −0 spec/models/story_spec.rb
View
4 app/models/story.rb
@@ -40,8 +40,8 @@
class Story < NewsItem
cleanse_columns(:extended_description) do |sanitizer|
- sanitizer.allowed_tags.replace(%w(object param embed a img))
- sanitizer.allowed_attributes.replace(%w(width height name src value allowFullScreen type href allowScriptAccess style wmode pluginspage classid codebase data quality))
+ sanitizer.allowed_tags.add(%w(object param embed a img))
+ sanitizer.allowed_attributes.add(%w(width height name src value allowFullScreen type href allowScriptAccess style wmode pluginspage classid codebase data quality))
end
aasm_initial_state :draft
View
8 spec/models/story_spec.rb
@@ -13,6 +13,14 @@
end
end
+ describe "validation" do
+ it "should allow p tags in extended description" do
+ story = Factory(:story)
+ story.extended_description = "<p>Some html</p>"
+ story.save
+ story.extended_description.should include("<p>")
+ end
+ end
describe "status" do
before(:each) do
@story = Factory(:story)

0 comments on commit 3529eed

Please sign in to comment.