Class: Decidim::UserInputScrubber

Inherits:

Rails::Html::PermitScrubber

Object
Rails::Html::PermitScrubber
Decidim::UserInputScrubber

Defined in:: decidim-core/app/scrubbers/decidim/user_input_scrubber.rb

Overview

Use this class as a scrubber to sanitize participant user input.

Example:

sanitize(@page.body, scrubber: Decidim::UserInputScrubber.new)

Lists of default tags and attributes are extracted from stackoverflow.com/a/35073814/2110884.

Direct Known Subclasses

AdminInputScrubber

Instance Method Summary collapse

#initialize ⇒ UserInputScrubber constructor

A new instance of UserInputScrubber.

Constructor Details

#initialize ⇒ `UserInputScrubber`

Returns a new instance of UserInputScrubber.

# File 'decidim-core/app/scrubbers/decidim/user_input_scrubber.rb', line 13

def initialize
  super
  self.tags = custom_allowed_tags
  self.attributes = custom_allowed_attributes
end