Module: ActionView::Helpers::SanitizeHelper

Extended by:
SanitizeHelper
Included in:
SanitizeHelper
Defined in:
lib/rails/deprecated_sanitizer.rb

Instance Method Summary collapse

Instance Method Details

#sanitized_allowed_attributesObject 



47
48
49
 
# File 'lib/rails/deprecated_sanitizer.rb', line 47

def sanitized_allowed_attributes
  white_list_sanitizer.allowed_attributes
end

#sanitized_allowed_attributes=(attributes) ⇒ Object

Adds to the Set of allowed HTML attributes for the sanitize helper.

class Application < Rails::Application
  config.action_view.sanitized_allowed_attributes = ['onclick', 'longdesc']
end



107
108
109
 
# File 'lib/rails/deprecated_sanitizer.rb', line 107

def sanitized_allowed_attributes=(attributes)
  HTML::WhiteListSanitizer.allowed_attributes.merge(attributes)
end

#sanitized_allowed_css_keywordsObject 



55
56
57
 
# File 'lib/rails/deprecated_sanitizer.rb', line 55

def sanitized_allowed_css_keywords
  white_list_sanitizer.allowed_css_keywords
end

#sanitized_allowed_css_keywords=(attributes) ⇒ Object

Adds to the Set of allowed CSS keywords for the sanitize and sanitize_css helpers.

class Application < Rails::Application
  config.action_view.sanitized_allowed_css_keywords = 'expression'
end



127
128
129
 
# File 'lib/rails/deprecated_sanitizer.rb', line 127

def sanitized_allowed_css_keywords=(attributes)
  HTML::WhiteListSanitizer.allowed_css_keywords.merge(attributes)
end

#sanitized_allowed_css_propertiesObject 



51
52
53
 
# File 'lib/rails/deprecated_sanitizer.rb', line 51

def sanitized_allowed_css_properties
  white_list_sanitizer.allowed_css_properties
end

#sanitized_allowed_css_properties=(attributes) ⇒ Object

Adds to the Set of allowed CSS properties for the #sanitize and sanitize_css helpers.

class Application < Rails::Application
  config.action_view.sanitized_allowed_css_properties = 'expression'
end



117
118
119
 
# File 'lib/rails/deprecated_sanitizer.rb', line 117

def sanitized_allowed_css_properties=(attributes)
  HTML::WhiteListSanitizer.allowed_css_properties.merge(attributes)
end

#sanitized_allowed_protocolsObject 



63
64
65
 
# File 'lib/rails/deprecated_sanitizer.rb', line 63

def sanitized_allowed_protocols
  white_list_sanitizer.allowed_protocols
end

#sanitized_allowed_protocols=(attributes) ⇒ Object

Adds to the Set of allowed protocols for the sanitize helper.

class Application < Rails::Application
  config.action_view.sanitized_allowed_protocols = 'ssh', 'feed'
end



147
148
149
 
# File 'lib/rails/deprecated_sanitizer.rb', line 147

def sanitized_allowed_protocols=(attributes)
  HTML::WhiteListSanitizer.allowed_protocols.merge(attributes)
end

#sanitized_allowed_tagsObject 



43
44
45
 
# File 'lib/rails/deprecated_sanitizer.rb', line 43

def sanitized_allowed_tags
  white_list_sanitizer.allowed_tags
end

#sanitized_allowed_tags=(attributes) ⇒ Object

Adds to the Set of allowed tags for the sanitize helper.

class Application < Rails::Application
  config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td'
end



97
98
99
 
# File 'lib/rails/deprecated_sanitizer.rb', line 97

def sanitized_allowed_tags=(attributes)
  HTML::WhiteListSanitizer.allowed_tags.merge(attributes)
end

#sanitized_bad_tagsObject 



39
40
41
 
# File 'lib/rails/deprecated_sanitizer.rb', line 39

def sanitized_bad_tags
  white_list_sanitizer.bad_tags
end

#sanitized_bad_tags=(attributes) ⇒ Object

Adds to the Set of ‘bad’ tags for the sanitize helper.

class Application < Rails::Application
  config.action_view.sanitized_bad_tags = 'embed', 'object'
end



87
88
89
 
# File 'lib/rails/deprecated_sanitizer.rb', line 87

def sanitized_bad_tags=(attributes)
  HTML::WhiteListSanitizer.bad_tags.merge(attributes)
end

#sanitized_protocol_separatorObject 



31
32
33
 
# File 'lib/rails/deprecated_sanitizer.rb', line 31

def sanitized_protocol_separator
  white_list_sanitizer.protocol_separator
end

#sanitized_protocol_separator=(value) ⇒ Object 



67
68
69
 
# File 'lib/rails/deprecated_sanitizer.rb', line 67

def sanitized_protocol_separator=(value)
  white_list_sanitizer.protocol_separator = value
end

#sanitized_shorthand_css_propertiesObject 



59
60
61
 
# File 'lib/rails/deprecated_sanitizer.rb', line 59

def sanitized_shorthand_css_properties
  white_list_sanitizer.shorthand_css_properties
end

#sanitized_shorthand_css_properties=(attributes) ⇒ Object

Adds to the Set of allowed shorthand CSS properties for the sanitize and sanitize_css helpers.

class Application < Rails::Application
  config.action_view.sanitized_shorthand_css_properties = 'expression'
end



137
138
139
 
# File 'lib/rails/deprecated_sanitizer.rb', line 137

def sanitized_shorthand_css_properties=(attributes)
  HTML::WhiteListSanitizer.shorthand_css_properties.merge(attributes)
end

#sanitized_uri_attributesObject 



35
36
37
 
# File 'lib/rails/deprecated_sanitizer.rb', line 35

def sanitized_uri_attributes
  white_list_sanitizer.uri_attributes
end

#sanitized_uri_attributes=(attributes) ⇒ Object

Adds valid HTML attributes that the sanitize helper checks for URIs.

class Application < Rails::Application
  config.action_view.sanitized_uri_attributes = 'lowsrc', 'target'
end



77
78
79
 
# File 'lib/rails/deprecated_sanitizer.rb', line 77

def sanitized_uri_attributes=(attributes)
  HTML::WhiteListSanitizer.uri_attributes.merge(attributes)
end

#sanitizer_vendorObject 



27
28
29
 
# File 'lib/rails/deprecated_sanitizer.rb', line 27

def sanitizer_vendor
  Rails::DeprecatedSanitizer
end