Module: Loofah::XssFoliate::InstanceMethods
- Defined in: lib/loofah/activerecord/xss_foliate.rb
Instance Method Summary
- #xss_foliate_fields ⇒ Object
:nodoc:.
Instance Method Details
#xss_foliate_fields ⇒ Object
:nodoc:
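# File 'lib/loofah/activerecord/xss_foliate.rb', line 214
#
# Scrubs, in place, every String-valued :string / :text column of this record.
#
# A column is skipped when its value is not a String, when its name is listed
# under the :except option, or when xss_foliated_with_standard_scrubber(field)
# returns a truthy value (presumably because that helper already scrubbed the
# field; its body is not shown here). Every remaining column is passed through
# Loofah.scrub_fragment(value, :strip) and replaced by the fragment's text, or
# by "" when no fragment comes back.
#
# Security note: when xss_foliate_is_unencoded(field) is truthy the text is
# extracted with :encode_special_chars => false, so the stored value can hold
# raw "<", ">" and "&". Such a value is plain text, not HTML-safe markup, and
# has to be escaped wherever it is later rendered into a page.
#
# NOTE(review): the rendered listing had lost three identifiers (the receiver
# of `.nil?` and of `[:except]`, and the local holding the text options). They
# are restored below as `xss_foliate_options` and `text_options`; confirm
# against the source file named above.
#
# @return [Object] nil when no xss_foliate options are set, otherwise the
#   result of iterating self.class.columns
def xss_foliate_fields # :nodoc:
  # fix a bug with Rails internal AR::Base models that get loaded before
  # the plugin, like CGI::Sessions::ActiveRecordStore::Session
  return if xss_foliate_options.nil?

  self.class.columns.each do |column|
    # Only textual columns can carry markup.
    next unless column.type == :string || column.type == :text

    field = column.name.to_sym
    value = self[field]

    next unless value.is_a?(String)
    next if xss_foliate_options[:except].include?(field)
    next if xss_foliated_with_standard_scrubber(field)

    # :text if we're here
    fragment = Loofah.scrub_fragment(value, :strip)
    # Unencoded fields keep special characters literal; see the security note
    # in the method header.
    text_options = if xss_foliate_is_unencoded(field)
                     {:encode_special_chars => false}
                   else
                     {}
                   end
    self[field] = fragment.nil? ? "" : fragment.text(text_options)
  end
end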