safe_anchor 0.1.1 → 0.1.2
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6abab9c16c62163459b03bc2666641b5b96d8279b4bebcb0f4eb6de806cc6075
|
4
|
+
data.tar.gz: ed5aee9747035a3a7f17eab0ff4744eb99b63d979d6d0a1d9a2a8232cd442e2f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '08c6bcc92a1d352ce3269e2ecfff4cb2428817de44f41d3f1830f24172c2399a148585c1ac16601b94cb4ed60d11b78984cdd7204ba923fb15314757fac89476'
|
7
|
+
data.tar.gz: dcb9f2d0c1a3c0b27e8561dd28daf69eabea223fb4ebc1592f01ec937947c1681d1f6f446ce6176cc64ba9b9ad17117ca3469b591d2a7014fd641d4f57e78302
|
data/README.md
CHANGED
@@ -1,5 +1,8 @@
|
|
1
1
|
# SafeAnchor
|
2
2
|
|
3
|
+
## This is experimental, try at your own risk.
|
4
|
+
|
5
|
+
|
3
6
|
SafeAnchor wraps around Rails's default link_to helper and sanitize method to output always output a sanitized anchor tag.
|
4
7
|
|
5
8
|
This follows a secure-by-default principle and can be turned off by passing an optional argument `keep_dirty: true` when using the `link_to` helper.
|
@@ -23,13 +26,13 @@ Or install it yourself as:
|
|
23
26
|
## Usage
|
24
27
|
|
25
28
|
SafeAnchor is secure-by-default.
|
26
|
-
```
|
29
|
+
```ruby
|
27
30
|
<%= link_to "Dangerous Anchor", "javascript: alert('Boo!')" %>
|
28
31
|
# <a>Dangerous Anchor</a>
|
29
32
|
```
|
30
33
|
|
31
34
|
Turning off sanitization.
|
32
|
-
```
|
35
|
+
```ruby
|
33
36
|
<%= link_to "Dangerous Anchor", "javascript: alert('Boo!')", keep_dirty: true %>
|
34
37
|
# <a keep_dirty="true" href="javascript: alert('Boo!')">Dangerous Anchor</a>
|
35
38
|
```
|
data/lib/safe_anchor.rb
CHANGED
data/lib/safe_anchor/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: safe_anchor
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jeffrey Soong
|
@@ -27,10 +27,11 @@ files:
|
|
27
27
|
- LICENSE.txt
|
28
28
|
- README.md
|
29
29
|
- Rakefile
|
30
|
-
- app/helpers/safe_anchor_helper.rb
|
31
30
|
- bin/console
|
32
31
|
- bin/setup
|
33
32
|
- lib/safe_anchor.rb
|
33
|
+
- lib/safe_anchor/railtie.rb
|
34
|
+
- lib/safe_anchor/safe_anchor_url_helper.rb
|
34
35
|
- lib/safe_anchor/version.rb
|
35
36
|
- safe_anchor.gemspec
|
36
37
|
homepage: https://github.com/WoodyDark/SafeAnchor
|