rails-html-sanitizer 1.0.0 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6d6f1afa8f121b7bd01339489da71e5772d243a2
-  data.tar.gz: 3f7ff018d2079f1e09d92922f7fbbfbd18908508
+  metadata.gz: 0de608f734dd970b1714ac2d6e922cc481ad682b
+  data.tar.gz: 71d5809c45563d3a9d570d65ea3db5b0b280fb6d
 SHA512:
-  metadata.gz: d65dcca2b41249b2fa4a100731393d732de9ff62925bcf681a3b2cbd5498f8db3b913a6c9ce09c0952f5719370b2e610abe88442f365c8b15b456d234466e452
-  data.tar.gz: c4a1b21ccd375a212c1be12212c23963f7075e5b22f10a8ff470c040123f90b82c69ac8ea87041e7cc5de35b8e70fced35f7fd2d453cb37cdfe96ad8ebadc747
+  metadata.gz: 77d1633dd6754c952e333102c6f0f765180c762229966fb5fb44997062e0b48d87fb7dfc7562f8edd0df29ca9a6eca17182eb6a861e9d66629c541ffd8bc4dfd
+  data.tar.gz: fe3f6534221bce529ad63d9f5375fcf51e3a660a33ada62dddc3244b4964e04e2c14b2b495d1c7060e273897e307f8f095a71dc02df65a8b35ff1340f96f82df

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.0.1
+
+* Added support for Rails 4.2.0.beta2 and above
+
 ## 1.0.0
 
 * First release.

data/lib/rails-html-sanitizer.rb

@@ -26,12 +26,47 @@ end
 module ActionView
   module Helpers
     module SanitizeHelper
-      if method_defined?(:sanitizer_vendor) || private_method_defined?(:sanitizer_vendor)
-        undef_method(:sanitizer_vendor)
-      end
+      module ClassMethods
+        # Replaces the allowed tags for the +sanitize+ helper.
+        #
+        #   class Application < Rails::Application
+        #     config.action_view.sanitized_allowed_tags = 'table', 'tr', 'td'
+        #   end
+        #
+        def sanitized_allowed_tags=(tags)
+          sanitizer_vendor.white_list_sanitizer.allowed_tags = tags
+        end
+
+        # Replaces the allowed HTML attributes for the +sanitize+ helper.
+        #
+        #   class Application < Rails::Application
+        #     config.action_view.sanitized_allowed_attributes = ['onclick', 'longdesc']
+        #   end
+        #
+        def sanitized_allowed_attributes=(attributes)
+          sanitizer_vendor.white_list_sanitizer.allowed_attributes = attributes
+        end
+
+        [:protocol_separator,
+         :uri_attributes,
+         :bad_tags,
+         :allowed_css_properties,
+         :allowed_css_keywords,
+         :shorthand_css_properties,
+         :allowed_protocols].each do |meth|
+          meth_name = "sanitized_#{meth}"
+
+          define_method(meth_name) { deprecate_option(meth_name) }
+          define_method("#{meth_name}=") { |_| deprecate_option("#{meth_name}=") }
+        end
 
-      def sanitizer_vendor
-        Rails::Html::Sanitizer
+        private
+          def deprecate_option(name)
+            ActiveSupport::Deprecation.warn "The #{name} option is deprecated " \
+              "and has no effect. Until Rails 5 the old behavior can still be " \
+              "installed. To do this add the `rails-deprecated-sanitizer` to " \
+              "your Gemfile. Consult the Rails 4.2 upgrade guide for more information."
+          end
       end
     end
   end

data/lib/rails/html/sanitizer/version.rb

@@ -1,7 +1,7 @@
 module Rails
   module Html
     class Sanitizer
-      VERSION = "1.0.0"
+      VERSION = "1.0.1"
     end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails-html-sanitizer
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Rafael Mendonça França
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-19 00:00:00.000000000 Z
+date: 2014-09-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: loofah
@@ -118,11 +118,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.3.0
+rubygems_version: 2.2.1
 signing_key: 
 specification_version: 4
-summary: This gem is resposible to sanitize HTML fragments in Rails applications.
+summary: This gem is responsible to sanitize HTML fragments in Rails applications.
 test_files:
 - test/sanitizer_test.rb
 - test/scrubbers_test.rb
-has_rdoc: