Module: ActionView::Helpers::SanitizeHelper
- Extended by:
- SanitizeHelper
- Included in:
- SanitizeHelper
- Defined in:
- lib/rails/deprecated_sanitizer.rb
Instance Method Summary collapse
- #sanitized_allowed_attributes ⇒ Object
-
#sanitized_allowed_attributes=(attributes) ⇒ Object
Adds to the Set of allowed HTML attributes for the
sanitize
helper. - #sanitized_allowed_css_keywords ⇒ Object
-
#sanitized_allowed_css_keywords=(attributes) ⇒ Object
Adds to the Set of allowed CSS keywords for the
sanitize
andsanitize_css
helpers. - #sanitized_allowed_css_properties ⇒ Object
-
#sanitized_allowed_css_properties=(attributes) ⇒ Object
Adds to the Set of allowed CSS properties for the #sanitize and
sanitize_css
helpers. - #sanitized_allowed_protocols ⇒ Object
-
#sanitized_allowed_protocols=(attributes) ⇒ Object
Adds to the Set of allowed protocols for the
sanitize
helper. - #sanitized_allowed_tags ⇒ Object
-
#sanitized_allowed_tags=(attributes) ⇒ Object
Adds to the Set of allowed tags for the
sanitize
helper. - #sanitized_bad_tags ⇒ Object
-
#sanitized_bad_tags=(attributes) ⇒ Object
Adds to the Set of ‘bad’ tags for the
sanitize
helper. - #sanitized_protocol_separator ⇒ Object
- #sanitized_protocol_separator=(value) ⇒ Object
- #sanitized_shorthand_css_properties ⇒ Object
-
#sanitized_shorthand_css_properties=(attributes) ⇒ Object
Adds to the Set of allowed shorthand CSS properties for the
sanitize
andsanitize_css
helpers. - #sanitized_uri_attributes ⇒ Object
-
#sanitized_uri_attributes=(attributes) ⇒ Object
Adds valid HTML attributes that the
sanitize
helper checks for URIs. - #sanitizer_vendor ⇒ Object
Instance Method Details
#sanitized_allowed_attributes ⇒ Object
47 48 49 |
# File 'lib/rails/deprecated_sanitizer.rb', line 47 def sanitized_allowed_attributes white_list_sanitizer.allowed_attributes end |
#sanitized_allowed_attributes=(attributes) ⇒ Object
Adds to the Set of allowed HTML attributes for the sanitize
helper.
class Application < Rails::Application
config.action_view.sanitized_allowed_attributes = ['onclick', 'longdesc']
end
107 108 109 |
# File 'lib/rails/deprecated_sanitizer.rb', line 107 def sanitized_allowed_attributes=(attributes) HTML::WhiteListSanitizer.allowed_attributes.merge(attributes) end |
#sanitized_allowed_css_keywords ⇒ Object
55 56 57 |
# File 'lib/rails/deprecated_sanitizer.rb', line 55 def sanitized_allowed_css_keywords white_list_sanitizer.allowed_css_keywords end |
#sanitized_allowed_css_keywords=(attributes) ⇒ Object
Adds to the Set of allowed CSS keywords for the sanitize
and sanitize_css
helpers.
class Application < Rails::Application
config.action_view.sanitized_allowed_css_keywords = 'expression'
end
127 128 129 |
# File 'lib/rails/deprecated_sanitizer.rb', line 127 def sanitized_allowed_css_keywords=(attributes) HTML::WhiteListSanitizer.allowed_css_keywords.merge(attributes) end |
#sanitized_allowed_css_properties ⇒ Object
51 52 53 |
# File 'lib/rails/deprecated_sanitizer.rb', line 51 def sanitized_allowed_css_properties white_list_sanitizer.allowed_css_properties end |
#sanitized_allowed_css_properties=(attributes) ⇒ Object
Adds to the Set of allowed CSS properties for the #sanitize and sanitize_css
helpers.
class Application < Rails::Application
config.action_view.sanitized_allowed_css_properties = 'expression'
end
117 118 119 |
# File 'lib/rails/deprecated_sanitizer.rb', line 117 def sanitized_allowed_css_properties=(attributes) HTML::WhiteListSanitizer.allowed_css_properties.merge(attributes) end |
#sanitized_allowed_protocols ⇒ Object
63 64 65 |
# File 'lib/rails/deprecated_sanitizer.rb', line 63 def sanitized_allowed_protocols white_list_sanitizer.allowed_protocols end |
#sanitized_allowed_protocols=(attributes) ⇒ Object
Adds to the Set of allowed protocols for the sanitize
helper.
class Application < Rails::Application
config.action_view.sanitized_allowed_protocols = 'ssh', 'feed'
end
147 148 149 |
# File 'lib/rails/deprecated_sanitizer.rb', line 147 def sanitized_allowed_protocols=(attributes) HTML::WhiteListSanitizer.allowed_protocols.merge(attributes) end |
#sanitized_allowed_tags ⇒ Object
43 44 45 |
# File 'lib/rails/deprecated_sanitizer.rb', line 43 def white_list_sanitizer. end |
#sanitized_allowed_tags=(attributes) ⇒ Object
Adds to the Set of allowed tags for the sanitize
helper.
class Application < Rails::Application
config.action_view. = 'table', 'tr', 'td'
end
97 98 99 |
# File 'lib/rails/deprecated_sanitizer.rb', line 97 def (attributes) HTML::WhiteListSanitizer..merge(attributes) end |
#sanitized_bad_tags ⇒ Object
39 40 41 |
# File 'lib/rails/deprecated_sanitizer.rb', line 39 def white_list_sanitizer. end |
#sanitized_bad_tags=(attributes) ⇒ Object
Adds to the Set of ‘bad’ tags for the sanitize
helper.
class Application < Rails::Application
config.action_view. = 'embed', 'object'
end
87 88 89 |
# File 'lib/rails/deprecated_sanitizer.rb', line 87 def (attributes) HTML::WhiteListSanitizer..merge(attributes) end |
#sanitized_protocol_separator ⇒ Object
31 32 33 |
# File 'lib/rails/deprecated_sanitizer.rb', line 31 def sanitized_protocol_separator white_list_sanitizer.protocol_separator end |
#sanitized_protocol_separator=(value) ⇒ Object
67 68 69 |
# File 'lib/rails/deprecated_sanitizer.rb', line 67 def sanitized_protocol_separator=(value) white_list_sanitizer.protocol_separator = value end |
#sanitized_shorthand_css_properties ⇒ Object
59 60 61 |
# File 'lib/rails/deprecated_sanitizer.rb', line 59 def sanitized_shorthand_css_properties white_list_sanitizer.shorthand_css_properties end |
#sanitized_shorthand_css_properties=(attributes) ⇒ Object
Adds to the Set of allowed shorthand CSS properties for the sanitize
and sanitize_css
helpers.
class Application < Rails::Application
config.action_view.sanitized_shorthand_css_properties = 'expression'
end
137 138 139 |
# File 'lib/rails/deprecated_sanitizer.rb', line 137 def sanitized_shorthand_css_properties=(attributes) HTML::WhiteListSanitizer.shorthand_css_properties.merge(attributes) end |
#sanitized_uri_attributes ⇒ Object
35 36 37 |
# File 'lib/rails/deprecated_sanitizer.rb', line 35 def sanitized_uri_attributes white_list_sanitizer.uri_attributes end |
#sanitized_uri_attributes=(attributes) ⇒ Object
Adds valid HTML attributes that the sanitize
helper checks for URIs.
class Application < Rails::Application
config.action_view.sanitized_uri_attributes = 'lowsrc', 'target'
end
77 78 79 |
# File 'lib/rails/deprecated_sanitizer.rb', line 77 def sanitized_uri_attributes=(attributes) HTML::WhiteListSanitizer.uri_attributes.merge(attributes) end |
#sanitizer_vendor ⇒ Object
27 28 29 |
# File 'lib/rails/deprecated_sanitizer.rb', line 27 def sanitizer_vendor Rails::DeprecatedSanitizer end |