Module: PreventCrossSiteScripting

Defined in:: lib/prevent_cross_site_scripting.rb,
lib/prevent_cross_site_scripting/version.rb

Constant Summary collapse

VERSION =

"0.1.6"

Instance Method Summary collapse

#cross_site_scripting_validation(*attributes, msg: nil) ⇒ Object

Your code goes here…

Instance Method Details

#cross_site_scripting_validation(*attributes, msg: nil) ⇒ `Object`

Your code goes here…

# File 'lib/prevent_cross_site_scripting.rb', line 5

def cross_site_scripting_validation(*attributes, msg: nil)
  validate do
    attributes.each do |attribute|
      self.errors[attribute] << ((msg.present?) ? msg : "Html tags dosen't allowed ") if (attribute != Nokogiri::HTML(attribute).text)
    end
  end
end