Module: Decidim::SanitizeHelper
- Included in:
- Accountability::Admin::ResultsController, Accountability::ResultMetadataCell, ActivityCell, AddressCell, Admin::Moderations::ReportsHelper, AnnouncementCell, Assemblies::AssembliesHelper, AuthorCell, Blogs::Admin::PostsHelper, Blogs::ApplicationHelper, Budgets::BaseCell, Budgets::BudgetListItemCell, Budgets::OrderSummaryMailer, Budgets::VoteReminderMailer, ButtonCell, CardGCell, CardLCell, CardMetadataCell, CardSCell, Conferences::Admin::InviteJoinConferenceMailer, Conferences::Admin::SendConferenceDiplomaMailer, Conferences::MediaLinkCell, Conferences::RegistrationTypeCell, ContentBlocks::CtaCell, ContentBlocks::HeroCell, ContentBlocks::HighlightedContentBannerCell, ContentBlocks::ParticipatorySpaceHeroCell, ContentBlocks::SubHeroCell, Debates::DebateLCell, Debates::DebatePresenter, Elections::ElectionPresenter, EndorsementButtonsCell, Events::SimpleEvent, Forms::QuestionReadonlyCell, HtmlTruncation, Initiatives::InitiativeHelper, Initiatives::InitiativesMailer, Meetings::Admin::InviteJoinMeetingMailer, Meetings::ApplicationHelper, Meetings::Directory::ApplicationHelper, Meetings::JoinMeetingButtonCell, Meetings::MapHelper, Meetings::MeetingCell, Meetings::MeetingCellsHelper, Meetings::MeetingPresenter, NewsletterTemplates::BaseCell, NotificationCell, ParticipatoryProcessGroups::ContentBlocks::ExtraDataCell, ParticipatoryProcessGroups::ContentBlocks::MainDataCell, ParticipatoryProcesses::ParticipatoryProcessHelper, ParticipatorySpaceDropdownMetadataCell, PhotoCell, PhotosListCell, ProfileSidebarCell, Proposals::CostReportCell, Proposals::ParticipatoryTextProposalCell, Proposals::ProposalPresenter, ResourcePresenter, Decidim::Sortitions::SortitionsHelper, TosPageCell, TraceabilityHelper, UploadModalCell, ValidationErrorsPresenter, VersionCell, VersionsListCell, Votings::ContentBlocks::MainDataCell, Votings::ContentBlocks::PollingStationsCell, Votings::MapHelper, Votings::PollingStationPresenter, Votings::VotingPresenter
- Defined in:
- decidim-core/app/helpers/decidim/sanitize_helper.rb
Overview
Helper that provides methods to render order selector and links
Class Method Summary collapse
Instance Method Summary collapse
- #decidim_html_escape(text) ⇒ Object
-
#decidim_sanitize(html, options = {}) ⇒ Object
Public: It sanitizes a user-inputted string with the ‘Decidim::UserInputScrubber` scrubber, so that video embeds work as expected.
- #decidim_sanitize_admin(html, options = {}) ⇒ Object
- #decidim_sanitize_editor(html, options = {}) ⇒ Object
- #decidim_sanitize_editor_admin(html, options = {}) ⇒ Object
- #decidim_sanitize_newsletter(html, options = {}) ⇒ Object
- #decidim_url_escape(text) ⇒ Object
Class Method Details
.included(base) ⇒ Object
6 7 8 9 |
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 6 def self.included(base) base.include ActionView::Helpers::SanitizeHelper base.include ActionView::Helpers::TagHelper end |
Instance Method Details
#decidim_html_escape(text) ⇒ Object
48 49 50 |
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 48 def decidim_html_escape(text) ERB::Util.unwrapped_html_escape(text.to_str) end |
#decidim_sanitize(html, options = {}) ⇒ Object
Public: It sanitizes a user-inputted string with the ‘Decidim::UserInputScrubber` scrubber, so that video embeds work as expected. Uses Rails’ ‘sanitize` internally.
html - A string representing user-inputted HTML.
Returns an HTML-safe String.
18 19 20 21 22 23 24 25 |
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 18 def decidim_sanitize(html, = {}) scrubber = [:scrubber] || Decidim::UserInputScrubber.new if [:strip_tags] sanitize(html, scrubber:) else sanitize(html, scrubber:) end end |
#decidim_sanitize_admin(html, options = {}) ⇒ Object
27 28 29 |
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 27 def decidim_sanitize_admin(html, = {}) decidim_sanitize(html, { scrubber: Decidim::AdminInputScrubber.new }.merge()) end |
#decidim_sanitize_editor(html, options = {}) ⇒ Object
39 40 41 |
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 39 def decidim_sanitize_editor(html, = {}) content_tag(:div, decidim_sanitize(html, ), class: %w(rich-text-display)) end |
#decidim_sanitize_editor_admin(html, options = {}) ⇒ Object
43 44 45 46 |
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 43 def decidim_sanitize_editor_admin(html, = {}) html = Decidim::IframeDisabler.new(html, ).perform decidim_sanitize_editor(html, { scrubber: Decidim::AdminInputScrubber.new }.merge()) end |
#decidim_sanitize_newsletter(html, options = {}) ⇒ Object
31 32 33 34 35 36 37 |
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 31 def (html, = {}) if [:strip_tags] sanitize(html, scrubber: Decidim::NewsletterScrubber.new) else sanitize(html, scrubber: Decidim::NewsletterScrubber.new) end end |
#decidim_url_escape(text) ⇒ Object
52 53 54 |
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 52 def decidim_url_escape(text) decidim_html_escape(text).sub(/^javascript:/, "") end |