Module: Decidim::SanitizeHelper

Included in:

ActivityCell, AddressCell, AnnouncementCell, AuthorCell, CardMCell, ContentBlocks::CtaCell, ContentBlocks::HeroCell, ContentBlocks::HighlightedContentBannerCell, ContentBlocks::SubHeroCell, EndorsementButtonsCell, Events::SimpleEvent, FingerprintCell, FollowButtonCell, NewsletterTemplates::BaseCell, ProfileSidebarCell, ResourcePresenter, TosPageCell, TraceabilityHelper, UserConversationCell, UserConversationsCell, UserProfileCell, VersionAuthorCell, VersionCell, VersionsListCell

Defined in:

app/helpers/decidim/sanitize_helper.rb

Overview

Helper that provides methods to render order selector and links

Class Method Summary

• .included(base) ⇒ Object

Instance Method Summary

• #decidim_html_escape(text) ⇒ Object
• #decidim_sanitize(html, options = {}) ⇒ Object

  Public: It sanitizes a user-inputted string with the ‘Decidim::UserInputScrubber` scrubber, so that video embeds work as expected.

• #decidim_sanitize_newsletter(html, options = {}) ⇒ Object
• #decidim_url_escape(text) ⇒ Object

Class Method Details

.included(base) ⇒ Object

# File 'app/helpers/decidim/sanitize_helper.rb', line 6

def self.included(base)
  base.include ActionView::Helpers::SanitizeHelper
end

Instance Method Details

#decidim_html_escape(text) ⇒ Object

# File 'app/helpers/decidim/sanitize_helper.rb', line 33

def decidim_html_escape(text)
  ERB::Util.unwrapped_html_escape(text.to_str)
end

#decidim_sanitize(html, options = {}) ⇒ Object

Public: It sanitizes a user-inputted string with the ‘Decidim::UserInputScrubber` scrubber, so that video embeds work as expected. Uses Rails’ ‘sanitize` internally.

html - A string representing user-inputted HTML.

Returns an HTML-safe String.

# File 'app/helpers/decidim/sanitize_helper.rb', line 17

def decidim_sanitize(html, options = {})
  if options[:strip_tags]
    strip_tags sanitize(html, scrubber: Decidim::UserInputScrubber.new)
  else
    sanitize(html, scrubber: Decidim::UserInputScrubber.new)
  end
end

#decidim_sanitize_newsletter(html, options = {}) ⇒ Object

# File 'app/helpers/decidim/sanitize_helper.rb', line 25

def decidim_sanitize_newsletter(html, options = {})
  if options[:strip_tags]
    strip_tags sanitize(html, scrubber: Decidim::NewsletterScrubber.new)
  else
    sanitize(html, scrubber: Decidim::NewsletterScrubber.new)
  end
end

#decidim_url_escape(text) ⇒ Object

# File 'app/helpers/decidim/sanitize_helper.rb', line 37

def decidim_url_escape(text)
  decidim_html_escape(text).sub(/^javascript:/, "")
end