Class: Decidim::UserInputScrubber

Inherits:
Rails::Html::PermitScrubber
  • Object
show all
Defined in:
decidim-core/app/scrubbers/decidim/user_input_scrubber.rb

Overview

Use this class as a scrubber to sanitize participant user input.

Example:

sanitize(@page.body, scrubber: Decidim::UserInputScrubber.new)

Lists of default tags and attributes are extracted from stackoverflow.com/a/35073814/2110884.

Direct Known Subclasses

AdminInputScrubber

Instance Method Summary collapse

Constructor Details

#initializeUserInputScrubber

Returns a new instance of UserInputScrubber.



13
14
15
16
17
# File 'decidim-core/app/scrubbers/decidim/user_input_scrubber.rb', line 13

def initialize
  super
  self.tags = custom_allowed_tags
  self.attributes = custom_allowed_attributes
end