Class: CmsSnippet

Inherits:

ActiveRecord::Base

Object
ActiveRecord::Base
CmsSnippet

show all

Defined in:: app/models/cms_snippet.rb

Instance Method Summary collapse

#content=(value) ⇒ Object

Instance Method Details

#content=(value) ⇒ `Object`

# File 'app/models/cms_snippet.rb', line 6

def content=(value)
  if value && value.is_a?(String)
    # filter suspicious content... go overboard for now, fine-tune later perhaps
    value.gsub!(/<(%.*?(exec|system)\s?\(.*?\s*%)>/, '&lt;\1&gt;')
    value.gsub!(/<(%.*?\%x\s?\[.*?\s*%)>/, '&lt;\1&gt;')
    value.gsub!(/<(%.*?`.*?\s*%)>/, '&lt;\1&gt;')
  end
  super(value)
end