Module: Decidim::SanitizeHelper
- Included in:
- Accountability::Admin::ResultsController, Accountability::ResultPresenter, Admin::Moderations::ReportsHelper, ApplicationMailer, Assemblies::AssembliesHelper, Blogs::Admin::PostsHelper, Blogs::ApplicationHelper, Blogs::SchemaOrgBlogPostingPostSerializer, Budgets::OrderSummaryMailer, Budgets::VoteReminderMailer, CardGCell, CheckBoxesTreeHelper, Conferences::Admin::InviteJoinConferenceMailer, Conferences::Admin::SendConferenceDiplomaMailer, Debates::DebateLCell, Debates::DebatePresenter, DecidimDeviseMailer, Events::BaseEvent, Exporters::FormPDF, HtmlTruncation, Initiatives::InitiativeHelper, Initiatives::InitiativesMailer, Log::ResourcePresenter, Meetings::Admin::InviteJoinMeetingMailer, Meetings::ApplicationHelper, Meetings::Directory::ApplicationHelper, Meetings::MapHelper, Meetings::MeetingCellsHelper, Meetings::MeetingPresenter, Meetings::MeetingsController, Meetings::SchemaOrgEventMeetingSerializer, ParticipatoryProcessGroups::ContentBlocks::ExtraDataCell, ParticipatoryProcessGroups::ContentBlocks::MainDataCell, ParticipatoryProcesses::ParticipatoryProcessHelper, Proposals::ProposalPresenter, PushNotificationMessage, ResourcePresenter, SchemaOrgBreadcrumbListSerializer, Decidim::Sortitions::Admin::SortitionsHelper, Decidim::Sortitions::SortitionsHelper, TraceabilityHelper, ValidationErrorsPresenter, ViewModel
- Defined in:
- decidim-core/app/helpers/decidim/sanitize_helper.rb
Overview
Helper that provides methods to render order selector and links
Class Method Summary
Instance Method Summary
- #decidim_escape_translated(text) ⇒ Object
- #decidim_html_escape(text) ⇒ Object
- #decidim_rich_text(html) ⇒ Object
  Converts the blob and blob variant references to blob URLs.
- #decidim_sanitize(html, options = {}) ⇒ Object
  Public: It sanitizes a user-inputted string with the `Decidim::UserInputScrubber` scrubber, so that video embeds work as expected.
- #decidim_sanitize_admin(html, options = {}) ⇒ Object
- #decidim_sanitize_editor(html, options = {}) ⇒ Object
- #decidim_sanitize_editor_admin(html, options = {}) ⇒ Object
- #decidim_sanitize_newsletter(html, options = {}) ⇒ Object
- #decidim_sanitize_translated(text) ⇒ Object
- #decidim_url_escape(text) ⇒ Object
Class Method Details
.included(base) ⇒ Object
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 6
def self.included(base)
  base.include ActionView::Helpers::SanitizeHelper
  base.include ActionView::Helpers::TagHelper
  base.include Decidim::TranslatableAttributes
end
```
Instance Method Details
#decidim_escape_translated(text) ⇒ Object
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 70
def decidim_escape_translated(text)
  decidim_html_escape(translated_attribute(text))
end
```
#decidim_html_escape(text) ⇒ Object
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 58
def decidim_html_escape(text)
  ERB::Util.unwrapped_html_escape(text.to_str)
end
```
#decidim_rich_text(html) ⇒ Object
Converts the blob and blob variant references to blob URLs.
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 41
def decidim_rich_text(html, **)
  renderer = Decidim::ContentProcessor.renderer_klass(:blob).constantize.new(html)
  renderer.render(**)
end
```
#decidim_sanitize(html, options = {}) ⇒ Object
Public: It sanitizes a user-inputted string with the `Decidim::UserInputScrubber` scrubber, so that video embeds work as expected. Uses Rails' `sanitize` internally.
html - A string representing user-inputted HTML.
Returns an HTML-safe String.
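```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 19
def decidim_sanitize(html, options = {})
  # A caller-supplied scrubber takes precedence over the default user-input scrubber.
  scrubber = options[:scrubber] || Decidim::UserInputScrubber.new
  if options[:strip_tags]
    # Scrub first, then drop whatever markup the scrubber left in place.
    strip_tags sanitize(html, scrubber:)
  else
    sanitize(html, scrubber:)
  end
end
```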
#decidim_sanitize_admin(html, options = {}) ⇒ Object
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 28
def decidim_sanitize_admin(html, options = {})
  # The admin scrubber is only a default: a :scrubber key in options overrides it.
  decidim_sanitize(html, { scrubber: Decidim::AdminInputScrubber.new }.merge(options))
end
```
#decidim_sanitize_editor(html, options = {}) ⇒ Object
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 46
def decidim_sanitize_editor(html, options = {})
  content_tag(:div, decidim_sanitize(html, options), class: %w(rich-text-display))
end
```
#decidim_sanitize_editor_admin(html, options = {}) ⇒ Object
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 50
def decidim_sanitize_editor_admin(html, options = {})
  html = Decidim::IframeDisabler.new(html, options).perform
  decidim_sanitize_editor(
    decidim_rich_text(html),
    { scrubber: Decidim::AdminInputScrubber.new }.merge(options)
  )
end
```
#decidim_sanitize_newsletter(html, options = {}) ⇒ Object
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 32
def decidim_sanitize_newsletter(html, options = {})
  if options[:strip_tags]
    strip_tags sanitize(html, scrubber: Decidim::NewsletterScrubber.new)
  else
    sanitize(html, scrubber: Decidim::NewsletterScrubber.new)
  end
end
```
#decidim_sanitize_translated(text) ⇒ Object
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 66
def decidim_sanitize_translated(text)
  decidim_sanitize(translated_attribute(text))
end
```
#decidim_url_escape(text) ⇒ Object
```ruby
# File 'decidim-core/app/helpers/decidim/sanitize_helper.rb', line 62
def decidim_url_escape(text)
  decidim_html_escape(text).sub(/^javascript:/, "")
end
```
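The following is an added example, not part of Decidim's code: a stdlib-only model of `decidim_html_escape` and `decidim_url_escape`, next to a scheme allow-list check that a caller can apply before placing a user-supplied URL in an `href`. The names `model_html_escape`, `model_url_escape`, `safe_href` and `ALLOWED_SCHEMES` are hypothetical, and stdlib `ERB::Util.html_escape` stands in for ActiveSupport's `unwrapped_html_escape`.

```ruby
require "erb"
require "uri"

# Stand-in for the page's decidim_html_escape (assumption: the stdlib
# ERB::Util.html_escape replaces ActiveSupport's unwrapped_html_escape).
def model_html_escape(text)
  ERB::Util.html_escape(text.to_str)
end

# Same body as the page's decidim_url_escape, built on the stand-in above.
# The pattern removes one literal, lowercase "javascript:" prefix.
def model_url_escape(text)
  model_html_escape(text).sub(/^javascript:/, "")
end

# Hypothetical policy: the only schemes a rendered link may use.
ALLOWED_SCHEMES = %w(http https mailto).freeze

# Hypothetical companion check. Returns the HTML-escaped URL when it is an
# absolute URL with an allow-listed scheme, and nil otherwise. Relative
# URLs are rejected by this policy because they carry no scheme.
def safe_href(text)
  candidate = text.to_s.strip
  return nil if candidate.empty? || candidate.match?(/[[:cntrl:]]/)

  uri = URI.parse(candidate)
  return nil unless uri.scheme && ALLOWED_SCHEMES.include?(uri.scheme.downcase)

  model_html_escape(candidate)
rescue URI::InvalidURIError
  nil
end

# Constructed sample inputs.
if $PROGRAM_NAME == __FILE__
  ["https://example.org/?a=1&b=2", "javascript:alert(1)",
   "JavaScript:alert(1)", "/processes/1"].each do |input|
    puts format("%-30s url_escape=%-34p safe_href=%p",
                input, model_url_escape(input), safe_href(input))
  end
end
```
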