
Readme

1 parent 922ca9a commit 65944f1d1b6d5f6edfd38e72f936591fae99ca8e @xuanxu xuanxu committed May 6, 2011
Showing with 12 additions and 4 deletions.
  1. +12 −4 README.rdoc
@@ -8,9 +8,11 @@ This is an extraction of the `auto_link` method from rails. The `auto_link`
method was removed from Rails in version Rails 3.1. This gem is meant to
bridge the gap for people migrating.
-== FEATURES/PROBLEMS:
+== FEATURES:
-* May not be safe!
+By default auto_link returns sanitized html_safe strings.
+This behaviour can be overriden setting the <tt>:sanitize</tt> option to false
+(thus making it insecure if you don't have the content under control).
== SYNOPSIS:
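Review bot: The new FEATURES text leaves the security contract of <tt>:sanitize => false</tt> underspecified. "Insecure if you don't have the content under control" should name the actual risk: unsanitized markup in the input, including script tags, is passed through to the page, so the option must never be used on user-supplied text. The text also says the default return value is a sanitized html_safe string but does not say whether the result is still marked html_safe when sanitizing is turned off; please state that explicitly, since it decides whether the view layer escapes the output again. Minor wording: "overriden setting" should read "overridden by setting".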
@@ -27,6 +29,12 @@ bridge the gap for people migrating.
auto_link("Visit http://www.loudthinking.com/ or e-mail david@loudthinking.com", :link => :email_addresses)
# => "Visit http://www.loudthinking.com/ or e-mail <a href=\"mailto:david@loudthinking.com\">david@loudthinking.com</a>"
+ auto_link("Go to http://www.rubyonrails.org <script>Malicious code!</script>")
+ # => "Go to <a href=\"http://www.rubyonrails.org\">http://www.rubyonrails.org</a> "
+
+ auto_link("Go to http://www.rubyonrails.org <script>alert('Script!')</script>", :sanitize => false)
+ # => "Go to <a href=\"http://www.rubyonrails.org\">http://www.rubyonrails.org</a> <script>alert('Script!')</script>"
+
post_body = "Welcome to my new blog at http://www.myblog.com/. Please e-mail me at me@email.com."
auto_link(post_body, :html => { :target => '_blank' }) do |text|
truncate(text, :length => 15)
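Review bot: The two added examples use different inputs (<tt><script>Malicious code!</script></tt> in the first, <tt><script>alert('Script!')</script></tt> in the second), which makes it harder to see that the only difference in behaviour comes from <tt>:sanitize => false</tt>. Use the same input string in both so the outputs can be compared directly, and put a short comment on the second example saying it is only appropriate for trusted content, because readers tend to copy SYNOPSIS lines verbatim. The first expected output also ends in a trailing space after the closing anchor tag; worth confirming that matches what the method really returns.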
@@ -35,11 +43,11 @@ bridge the gap for people migrating.
== REQUIREMENTS:
-* rails
+* rails >= 3.1
== INSTALL:
-* gem install rails
+* gem install rails_autolink
== LICENSE:
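Review bot: In REQUIREMENTS, "rails >= 3.1" gives no reason for the lower bound. The intro already says <tt>auto_link</tt> was removed from Rails in 3.1, so a few words here (for example, that earlier versions still ship the method and do not need the gem) would save readers on older Rails from installing it unnecessarily. The INSTALL correction to <tt>gem install rails_autolink</tt> looks right.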
