Module: Decidim::SanitizeHelper

Included in:
Accountability::Admin::ResultsController, Accountability::ResultMCell, ActivityCell, AddressCell, AnnouncementCell, Assemblies::AssembliesHelper, AuthorCell, Blogs::Admin::PostsHelper, Blogs::ApplicationHelper, Budgets::BaseCell, Budgets::BudgetListItemCell, Budgets::OrderSummaryMailer, Budgets::VoteReminderMailer, CardMCell, Conferences::Admin::InviteJoinConferenceMailer, Conferences::Admin::SendConferenceDiplomaMailer, Conferences::MediaLinkCell, Conferences::PhotoCell, Conferences::PhotosListCell, Conferences::RegistrationTypeCell, ContentBlocks::CtaCell, ContentBlocks::HeroCell, ContentBlocks::HighlightedContentBannerCell, ContentBlocks::SubHeroCell, Elections::ElectionPresenter, EndorsementButtonsCell, Events::SimpleEvent, FingerprintCell, FollowButtonCell, HtmlTruncation, Initiatives::ContentBlocks::HighlightedInitiativesCell, Initiatives::InitiativeHelper, Initiatives::InitiativesMailer, Meetings::Admin::InviteJoinMeetingMailer, Meetings::ApplicationHelper, Meetings::Directory::ApplicationHelper, Meetings::JoinMeetingButtonCell, Meetings::MapHelper, Meetings::MeetingCell, Meetings::MeetingCellsHelper, Meetings::MeetingPresenter, NewsletterTemplates::BaseCell, ParticipatoryProcessGroups::ContentBlocks::MetadataCell, ParticipatoryProcessGroups::ContentBlocks::TitleCell, ParticipatoryProcesses::ContentBlocks::HighlightedProcessesCell, ParticipatoryProcesses::ParticipatoryProcessHelper, ParticipatoryProcesses::ProcessMCell, ProfileSidebarCell, Proposals::CostReportCell, Proposals::ParticipatoryTextProposalCell, Proposals::ProposalPresenter, ResourcePresenter, Decidim::Sortitions::SortitionsHelper, TosPageCell, TraceabilityHelper, UserConversationCell, UserConversationsCell, UserProfileCell, ValidationErrorsPresenter, VersionAuthorCell, VersionCell, VersionsListCell, Votings::ContentBlocks::LandingPage::DescriptionCell, Votings::ContentBlocks::LandingPage::PollingStationsCell, Votings::PollingStationPresenter, Votings::VotingPresenter
Defined in:
decidim-core/app/helpers/decidim/sanitize_helper.rb

Overview

Helper that provides methods to render order selector and links

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.included(base) ⇒ Object


6
7
8
9
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 6

def self.included(base)
  base.include ActionView::Helpers::SanitizeHelper
  base.include ActionView::Helpers::TagHelper
end

Instance Method Details

#decidim_html_escape(text) ⇒ Object


38
39
40
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 38

def decidim_html_escape(text)
  ERB::Util.unwrapped_html_escape(text.to_str)
end

#decidim_sanitize(html, options = {}) ⇒ Object

Public: It sanitizes a user-inputted string with the `Decidim::UserInputScrubber` scrubber, so that video embeds work as expected. Uses Rails' `sanitize` internally.

html - A string representing user-inputted HTML.

Returns an HTML-safe String.


18
19
20
21
22
23
24
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 18

def decidim_sanitize(html, options = {})
  if options[:strip_tags]
    strip_tags sanitize(html, scrubber: Decidim::UserInputScrubber.new)
  else
    sanitize(html, scrubber: Decidim::UserInputScrubber.new)
  end
end

#decidim_sanitize_editor(html, options = {}) ⇒ Object


34
35
36
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 34

def decidim_sanitize_editor(html, options = {})
  (:div, decidim_sanitize(html, options), class: %w(ql-editor ql-reset-decidim))
end

#decidim_sanitize_newsletter(html, options = {}) ⇒ Object


26
27
28
29
30
31
32
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 26

def decidim_sanitize_newsletter(html, options = {})
  if options[:strip_tags]
    strip_tags sanitize(html, scrubber: Decidim::NewsletterScrubber.new)
  else
    sanitize(html, scrubber: Decidim::NewsletterScrubber.new)
  end
end

#decidim_url_escape(text) ⇒ Object


42
43
44
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 42

def decidim_url_escape(text)
  decidim_html_escape(text).sub(/^javascript:/, "")
end