Module: ActionView::Helpers::SanitizeHelper
- Extended by:
- SanitizeHelper
- Included in:
- SanitizeHelper
- Defined in:
- lib/rails/deprecated_sanitizer.rb
Instance Method Summary collapse
- #sanitized_allowed_attributes ⇒ Object
-
#sanitized_allowed_attributes=(attributes) ⇒ Object
Adds to the Set of allowed HTML attributes for the sanitize helper.
- #sanitized_allowed_css_keywords ⇒ Object
-
#sanitized_allowed_css_keywords=(attributes) ⇒ Object
Adds to the Set of allowed CSS keywords for the sanitize and sanitize_css helpers.
- #sanitized_allowed_css_properties ⇒ Object
-
#sanitized_allowed_css_properties=(attributes) ⇒ Object
Adds to the Set of allowed CSS properties for the #sanitize and sanitize_css helpers.
- #sanitized_allowed_protocols ⇒ Object
-
#sanitized_allowed_protocols=(attributes) ⇒ Object
Adds to the Set of allowed protocols for the sanitize helper.
- #sanitized_allowed_tags ⇒ Object
-
#sanitized_allowed_tags=(attributes) ⇒ Object
Adds to the Set of allowed tags for the sanitize helper.
- #sanitized_bad_tags ⇒ Object
-
#sanitized_bad_tags=(attributes) ⇒ Object
Adds to the Set of ‘bad’ tags for the sanitize helper.
- #sanitized_protocol_separator ⇒ Object
- #sanitized_protocol_separator=(value) ⇒ Object
- #sanitized_shorthand_css_properties ⇒ Object
-
#sanitized_shorthand_css_properties=(attributes) ⇒ Object
Adds to the Set of allowed shorthand CSS properties for the sanitize and sanitize_css helpers.
- #sanitized_uri_attributes ⇒ Object
-
#sanitized_uri_attributes=(attributes) ⇒ Object
Adds valid HTML attributes that the sanitize helper checks for URIs.
- #sanitizer_vendor ⇒ Object
Instance Method Details
#sanitized_allowed_attributes ⇒ Object
# File 'lib/rails/deprecated_sanitizer.rb', line 52
# Reads the allowed_attributes collection from the sanitizer object that
# white_list_sanitizer returns.
#
# @return [Object] whatever that sanitizer's allowed_attributes yields
def sanitized_allowed_attributes
  sanitizer = white_list_sanitizer
  sanitizer.allowed_attributes
end
#sanitized_allowed_attributes=(attributes) ⇒ Object
Adds to the Set of allowed HTML attributes for the sanitize
helper.
# Configuration example: the two names are added to the attributes the
# sanitize helper allows.
# 'onclick' is an event-handler attribute, so its value is script. Once it is
# on the allow-list, sanitize presumably leaves it in place on untrusted markup
# (confirm against the sanitizer in use). Keep this list to attributes that
# cannot carry script.
class Application < Rails::Application
config.action_view.sanitized_allowed_attributes = ['onclick', 'longdesc']
end
# File 'lib/rails/deprecated_sanitizer.rb', line 112
# Merges +attributes+ into the allowed_attributes collection read from the
# HTML::WhiteListSanitizer constant (not from a per-view sanitizer object).
# The page describes that collection as a Set, and Set#merge adds in place,
# so the wider allow-list presumably applies to every later sanitize call.
# NOTE(review): +attributes+ reaches merge unchanged; nothing here wraps a
# bare String, so confirm callers pass a collection.
#
# @param attributes attribute names to add to the allow-list
# @return [Object] the result of merge
def sanitized_allowed_attributes=(attributes)
  allowed = HTML::WhiteListSanitizer.allowed_attributes
  allowed.merge(attributes)
end
#sanitized_allowed_css_keywords ⇒ Object
# File 'lib/rails/deprecated_sanitizer.rb', line 60
# Reads the allowed_css_keywords collection from the sanitizer object that
# white_list_sanitizer returns.
#
# @return [Object] whatever that sanitizer's allowed_css_keywords yields
def sanitized_allowed_css_keywords
  sanitizer = white_list_sanitizer
  sanitizer.allowed_css_keywords
end
#sanitized_allowed_css_keywords=(attributes) ⇒ Object
Adds to the Set of allowed CSS keywords for the sanitize
and sanitize_css
helpers.
# Configuration example: adds one entry to the CSS keywords that sanitize and
# sanitize_css allow.
# 'expression' is also the name of the legacy Internet Explorer CSS construct
# that evaluates script, so treat it as a placeholder and list only the
# keywords the stylesheets actually need.
# NOTE(review): a single right-hand value reaches the setter as a bare String,
# which goes straight to merge. Confirm whether an Array is required.
class Application < Rails::Application
config.action_view.sanitized_allowed_css_keywords = 'expression'
end
# File 'lib/rails/deprecated_sanitizer.rb', line 132
# Merges +attributes+ into the allowed_css_keywords collection read from the
# HTML::WhiteListSanitizer constant. The page describes that collection as a
# Set, and Set#merge adds in place, so the change presumably affects every
# later sanitize / sanitize_css call.
# NOTE(review): +attributes+ reaches merge unchanged; confirm callers pass a
# collection rather than a bare String.
#
# @param attributes CSS keywords to add to the allow-list
# @return [Object] the result of merge
def sanitized_allowed_css_keywords=(attributes)
  keywords = HTML::WhiteListSanitizer.allowed_css_keywords
  keywords.merge(attributes)
end
#sanitized_allowed_css_properties ⇒ Object
# File 'lib/rails/deprecated_sanitizer.rb', line 56
# Reads the allowed_css_properties collection from the sanitizer object that
# white_list_sanitizer returns.
#
# @return [Object] whatever that sanitizer's allowed_css_properties yields
def sanitized_allowed_css_properties
  sanitizer = white_list_sanitizer
  sanitizer.allowed_css_properties
end
#sanitized_allowed_css_properties=(attributes) ⇒ Object
Adds to the Set of allowed CSS properties for the #sanitize and sanitize_css
helpers.
# Configuration example: adds one entry to the CSS properties that sanitize
# and sanitize_css allow.
# 'expression' reads as a placeholder here; it is also the name of the legacy
# Internet Explorer CSS construct that evaluates script. List only the
# properties the stylesheets actually need.
# NOTE(review): a single right-hand value reaches the setter as a bare String,
# which goes straight to merge. Confirm whether an Array is required.
class Application < Rails::Application
config.action_view.sanitized_allowed_css_properties = 'expression'
end
# File 'lib/rails/deprecated_sanitizer.rb', line 122
# Merges +attributes+ into the allowed_css_properties collection read from the
# HTML::WhiteListSanitizer constant. The page describes that collection as a
# Set, and Set#merge adds in place, so the change presumably affects every
# later sanitize / sanitize_css call.
# NOTE(review): +attributes+ reaches merge unchanged; confirm callers pass a
# collection rather than a bare String.
#
# @param attributes CSS property names to add to the allow-list
# @return [Object] the result of merge
def sanitized_allowed_css_properties=(attributes)
  properties = HTML::WhiteListSanitizer.allowed_css_properties
  properties.merge(attributes)
end
#sanitized_allowed_protocols ⇒ Object
# File 'lib/rails/deprecated_sanitizer.rb', line 68
# Reads the allowed_protocols collection from the sanitizer object that
# white_list_sanitizer returns.
#
# @return [Object] whatever that sanitizer's allowed_protocols yields
def sanitized_allowed_protocols
  sanitizer = white_list_sanitizer
  sanitizer.allowed_protocols
end
#sanitized_allowed_protocols=(attributes) ⇒ Object
Adds to the Set of allowed protocols for the sanitize
helper.
# Configuration example: adds two schemes to the protocols the sanitize helper
# allows. With two right-hand values Ruby hands the setter an Array.
# Every scheme listed here is one sanitize will accept, so script-capable
# schemes such as javascript: should stay off this list.
class Application < Rails::Application
config.action_view.sanitized_allowed_protocols = 'ssh', 'feed'
end
# File 'lib/rails/deprecated_sanitizer.rb', line 152
# Merges +attributes+ into the allowed_protocols collection read from the
# HTML::WhiteListSanitizer constant. The page describes that collection as a
# Set, and Set#merge adds in place, so the extra schemes presumably apply to
# every later sanitize call.
# NOTE(review): +attributes+ reaches merge unchanged; confirm callers pass a
# collection rather than a bare String.
#
# @param attributes protocol (URI scheme) names to add to the allow-list
# @return [Object] the result of merge
def sanitized_allowed_protocols=(attributes)
  protocols = HTML::WhiteListSanitizer.allowed_protocols
  protocols.merge(attributes)
end
#sanitized_allowed_tags ⇒ Object
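# File 'lib/rails/deprecated_sanitizer.rb', line 48
# Reads the allowed_tags collection from the sanitizer object that
# white_list_sanitizer returns.
# NOTE(review): the listing on this page lost the method name and the
# attribute name. Both are restored from the "#sanitized_allowed_tags" heading
# and the pattern the sibling readers follow; confirm against the source file.
#
# @return [Object] whatever that sanitizer's allowed_tags yields
def sanitized_allowed_tags
  white_list_sanitizer.allowed_tags
end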
#sanitized_allowed_tags=(attributes) ⇒ Object
Adds to the Set of allowed tags for the sanitize
helper.
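# Configuration example: adds table markup to the tags the sanitize helper
# allows. With several right-hand values Ruby hands the setter an Array.
# NOTE(review): the setting name was missing from this listing and is restored
# from the "#sanitized_allowed_tags=" heading above it.
# Each tag added here is one sanitize will let through, so keep the list to
# tags that cannot load or run active content.
class Application < Rails::Application
  config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td'
end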
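# File 'lib/rails/deprecated_sanitizer.rb', line 102
# Merges +attributes+ into the allowed_tags collection read from the
# HTML::WhiteListSanitizer constant. The page describes that collection as a
# Set, and Set#merge adds in place, so the extra tags presumably apply to
# every later sanitize call.
# NOTE(review): the listing on this page lost the method name and the
# attribute name. Both are restored from the "#sanitized_allowed_tags=" heading
# and the pattern the sibling writers follow; confirm against the source file.
# NOTE(review): +attributes+ reaches merge unchanged; confirm callers pass a
# collection rather than a bare String.
#
# @param attributes tag names to add to the allow-list
# @return [Object] the result of merge
def sanitized_allowed_tags=(attributes)
  HTML::WhiteListSanitizer.allowed_tags.merge(attributes)
end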
#sanitized_bad_tags ⇒ Object
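# File 'lib/rails/deprecated_sanitizer.rb', line 44
# Reads the bad_tags collection from the sanitizer object that
# white_list_sanitizer returns.
# NOTE(review): the listing on this page lost the method name and the
# attribute name. Both are restored from the "#sanitized_bad_tags" heading and
# the pattern the sibling readers follow; confirm against the source file.
#
# @return [Object] whatever that sanitizer's bad_tags yields
def sanitized_bad_tags
  white_list_sanitizer.bad_tags
end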
#sanitized_bad_tags=(attributes) ⇒ Object
Adds to the Set of ‘bad’ tags for the sanitize
helper.
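# Configuration example: adds two tags to what the page calls the Set of
# 'bad' tags for the sanitize helper. With several right-hand values Ruby
# hands the setter an Array.
# NOTE(review): the setting name was missing from this listing and is restored
# from the "#sanitized_bad_tags=" heading above it.
class Application < Rails::Application
  config.action_view.sanitized_bad_tags = 'embed', 'object'
end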
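# File 'lib/rails/deprecated_sanitizer.rb', line 92
# Merges +attributes+ into the bad_tags collection read from the
# HTML::WhiteListSanitizer constant. The page describes that collection as a
# Set, and Set#merge adds in place, so the change presumably applies to every
# later sanitize call.
# NOTE(review): the listing on this page lost the method name and the
# attribute name. Both are restored from the "#sanitized_bad_tags=" heading
# and the pattern the sibling writers follow; confirm against the source file.
# NOTE(review): +attributes+ reaches merge unchanged; confirm callers pass a
# collection rather than a bare String.
#
# @param attributes tag names to add to the 'bad' tag set
# @return [Object] the result of merge
def sanitized_bad_tags=(attributes)
  HTML::WhiteListSanitizer.bad_tags.merge(attributes)
end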
#sanitized_protocol_separator ⇒ Object
# File 'lib/rails/deprecated_sanitizer.rb', line 36
# Reads protocol_separator from the sanitizer object that
# white_list_sanitizer returns.
#
# @return [Object] whatever that sanitizer's protocol_separator yields
def sanitized_protocol_separator
  sanitizer = white_list_sanitizer
  sanitizer.protocol_separator
end
#sanitized_protocol_separator=(value) ⇒ Object
# File 'lib/rails/deprecated_sanitizer.rb', line 72
# Assigns +value+ as the protocol_separator of the sanitizer object that
# white_list_sanitizer returns. Unlike the merge-based writers on this page,
# this one replaces the value and goes through white_list_sanitizer rather
# than the HTML::WhiteListSanitizer constant.
# NOTE(review): the separator presumably decides where sanitize splits a URI's
# scheme from the rest, so a changed value changes what the protocol check
# sees. Confirm against the sanitizer.
#
# @param value the new protocol separator
# @return [Object] the assigned value
def sanitized_protocol_separator=(value)
  sanitizer = white_list_sanitizer
  sanitizer.protocol_separator = value
end
#sanitized_shorthand_css_properties ⇒ Object
# File 'lib/rails/deprecated_sanitizer.rb', line 64
# Reads the shorthand_css_properties collection from the sanitizer object that
# white_list_sanitizer returns.
#
# @return [Object] whatever that sanitizer's shorthand_css_properties yields
def sanitized_shorthand_css_properties
  sanitizer = white_list_sanitizer
  sanitizer.shorthand_css_properties
end
#sanitized_shorthand_css_properties=(attributes) ⇒ Object
Adds to the Set of allowed shorthand CSS properties for the sanitize
and sanitize_css
helpers.
# Configuration example: adds one entry to the shorthand CSS properties that
# sanitize and sanitize_css allow.
# 'expression' reads as a placeholder here; it is also the name of the legacy
# Internet Explorer CSS construct that evaluates script. List only the
# shorthand properties the stylesheets actually need.
# NOTE(review): a single right-hand value reaches the setter as a bare String,
# which goes straight to merge. Confirm whether an Array is required.
class Application < Rails::Application
config.action_view.sanitized_shorthand_css_properties = 'expression'
end
# File 'lib/rails/deprecated_sanitizer.rb', line 142
# Merges +attributes+ into the shorthand_css_properties collection read from
# the HTML::WhiteListSanitizer constant. The page describes that collection as
# a Set, and Set#merge adds in place, so the change presumably affects every
# later sanitize / sanitize_css call.
# NOTE(review): +attributes+ reaches merge unchanged; confirm callers pass a
# collection rather than a bare String.
#
# @param attributes shorthand CSS property names to add to the allow-list
# @return [Object] the result of merge
def sanitized_shorthand_css_properties=(attributes)
  shorthand = HTML::WhiteListSanitizer.shorthand_css_properties
  shorthand.merge(attributes)
end
#sanitized_uri_attributes ⇒ Object
# File 'lib/rails/deprecated_sanitizer.rb', line 40
# Reads the uri_attributes collection from the sanitizer object that
# white_list_sanitizer returns.
#
# @return [Object] whatever that sanitizer's uri_attributes yields
def sanitized_uri_attributes
  sanitizer = white_list_sanitizer
  sanitizer.uri_attributes
end
#sanitized_uri_attributes=(attributes) ⇒ Object
Adds valid HTML attributes that the sanitize
helper checks for URIs.
# Configuration example: names two more attributes that the sanitize helper
# should check for URIs. With two right-hand values Ruby hands the setter an
# Array.
# NOTE(review): an attribute presumably also has to be on the allowed-attributes
# list to survive sanitize at all; this setting only affects whether its value
# gets the URI check. Confirm against the sanitizer.
class Application < Rails::Application
config.action_view.sanitized_uri_attributes = 'lowsrc', 'target'
end
# File 'lib/rails/deprecated_sanitizer.rb', line 82
# Merges +attributes+ into the uri_attributes collection read from the
# HTML::WhiteListSanitizer constant. Per the page, these are the attributes the
# sanitize helper checks for URIs, so adding a name extends that check to it.
# NOTE(review): +attributes+ reaches merge unchanged; confirm callers pass a
# collection rather than a bare String.
#
# @param attributes attribute names whose values should be treated as URIs
# @return [Object] the result of merge
def sanitized_uri_attributes=(attributes)
  uri_attrs = HTML::WhiteListSanitizer.uri_attributes
  uri_attrs.merge(attributes)
end
#sanitizer_vendor ⇒ Object
# File 'lib/rails/deprecated_sanitizer.rb', line 32
# Names the sanitizer implementation this module is wired to: always the
# Rails::DeprecatedSanitizer constant.
#
# @return [Object] Rails::DeprecatedSanitizer
def sanitizer_vendor
  Rails::DeprecatedSanitizer
end