Module: ActionView::Helpers::SanitizeHelper::ClassMethods

Defined in:
actionpack/lib/action_view/helpers/sanitize_helper.rb

Overview

:nodoc:

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#full_sanitizerObject

Gets the HTML::FullSanitizer instance used by strip_tags. Replace with any object that responds to sanitize.

class Application < Rails::Application
  config.action_view.full_sanitizer = MySpecialSanitizer.new
end



152
153
154
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 152

def full_sanitizer
  @full_sanitizer ||= HTML::FullSanitizer.new
end

#link_sanitizerObject

Gets the HTML::LinkSanitizer instance used by strip_links. Replace with any object that responds to sanitize.

class Application < Rails::Application
  config.action_view.link_sanitizer = MySpecialSanitizer.new
end



163
164
165
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 163

def link_sanitizer
  @link_sanitizer ||= HTML::LinkSanitizer.new
end

#white_list_sanitizerObject

Gets the HTML::WhiteListSanitizer instance used by sanitize and sanitize_css. Replace with any object that responds to sanitize.

class Application < Rails::Application
  config.action_view.white_list_sanitizer = MySpecialSanitizer.new
end



174
175
176
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 174

def white_list_sanitizer
  @white_list_sanitizer ||= HTML::WhiteListSanitizer.new
end

Instance Method Details

#sanitized_allowed_attributesObject 



121
122
123
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 121

def sanitized_allowed_attributes
  white_list_sanitizer.allowed_attributes
end

#sanitized_allowed_attributes=(attributes) ⇒ Object

Adds to the Set of allowed HTML attributes for the sanitize helper.

class Application < Rails::Application
  config.action_view.sanitized_allowed_attributes = 'onclick', 'longdesc'
end



214
215
216
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 214

def sanitized_allowed_attributes=(attributes)
  HTML::WhiteListSanitizer.allowed_attributes.merge(attributes)
end

#sanitized_allowed_css_keywordsObject 



129
130
131
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 129

def sanitized_allowed_css_keywords
  white_list_sanitizer.allowed_css_keywords
end

#sanitized_allowed_css_keywords=(attributes) ⇒ Object

Adds to the Set of allowed CSS keywords for the sanitize and sanitize_css helpers.

class Application < Rails::Application
  config.action_view.sanitized_allowed_css_keywords = 'expression'
end



234
235
236
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 234

def sanitized_allowed_css_keywords=(attributes)
  HTML::WhiteListSanitizer.allowed_css_keywords.merge(attributes)
end

#sanitized_allowed_css_propertiesObject 



125
126
127
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 125

def sanitized_allowed_css_properties
  white_list_sanitizer.allowed_css_properties
end

#sanitized_allowed_css_properties=(attributes) ⇒ Object

Adds to the Set of allowed CSS properties for the #sanitize and sanitize_css helpers.

class Application < Rails::Application
  config.action_view.sanitized_allowed_css_properties = 'expression'
end



224
225
226
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 224

def sanitized_allowed_css_properties=(attributes)
  HTML::WhiteListSanitizer.allowed_css_properties.merge(attributes)
end

#sanitized_allowed_protocolsObject 



137
138
139
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 137

def sanitized_allowed_protocols
  white_list_sanitizer.allowed_protocols
end

#sanitized_allowed_protocols=(attributes) ⇒ Object

Adds to the Set of allowed protocols for the sanitize helper.

class Application < Rails::Application
  config.action_view.sanitized_allowed_protocols = 'ssh', 'feed'
end



254
255
256
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 254

def sanitized_allowed_protocols=(attributes)
  HTML::WhiteListSanitizer.allowed_protocols.merge(attributes)
end

#sanitized_allowed_tagsObject 



117
118
119
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 117

def sanitized_allowed_tags
  white_list_sanitizer.allowed_tags
end

#sanitized_allowed_tags=(attributes) ⇒ Object

Adds to the Set of allowed tags for the sanitize helper.

class Application < Rails::Application
  config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td'
end



204
205
206
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 204

def sanitized_allowed_tags=(attributes)
  HTML::WhiteListSanitizer.allowed_tags.merge(attributes)
end

#sanitized_bad_tagsObject 



113
114
115
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 113

def sanitized_bad_tags
  white_list_sanitizer.bad_tags
end

#sanitized_bad_tags=(attributes) ⇒ Object

Adds to the Set of ‘bad’ tags for the sanitize helper.

class Application < Rails::Application
  config.action_view.sanitized_bad_tags = 'embed', 'object'
end



194
195
196
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 194

def sanitized_bad_tags=(attributes)
  HTML::WhiteListSanitizer.bad_tags.merge(attributes)
end

#sanitized_protocol_separatorObject 



105
106
107
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 105

def sanitized_protocol_separator
  white_list_sanitizer.protocol_separator
end

#sanitized_protocol_separator=(value) ⇒ Object 



141
142
143
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 141

def sanitized_protocol_separator=(value)
  white_list_sanitizer.protocol_separator = value
end

#sanitized_shorthand_css_propertiesObject 



133
134
135
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 133

def sanitized_shorthand_css_properties
  white_list_sanitizer.shorthand_css_properties
end

#sanitized_shorthand_css_properties=(attributes) ⇒ Object

Adds to the Set of allowed shorthand CSS properties for the sanitize and sanitize_css helpers.

class Application < Rails::Application
  config.action_view.sanitized_shorthand_css_properties = 'expression'
end



244
245
246
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 244

def sanitized_shorthand_css_properties=(attributes)
  HTML::WhiteListSanitizer.shorthand_css_properties.merge(attributes)
end

#sanitized_uri_attributesObject 



109
110
111
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 109

def sanitized_uri_attributes
  white_list_sanitizer.uri_attributes
end

#sanitized_uri_attributes=(attributes) ⇒ Object

Adds valid HTML attributes that the sanitize helper checks for URIs.

class Application < Rails::Application
  config.action_view.sanitized_uri_attributes = 'lowsrc', 'target'
end



184
185
186
 
# File 'actionpack/lib/action_view/helpers/sanitize_helper.rb', line 184

def sanitized_uri_attributes=(attributes)
  HTML::WhiteListSanitizer.uri_attributes.merge(attributes)
end