Changeset [2a92076ebae17f14d19d16bbdf5db77a019538e7] by Jason Garber

June 30th, 2008 @ 04:44 PM

Refactor sanitize_html to sanitize it coming in so there are no loopholes.

sanitize_html causing all disallowed tags to be stripped prior to parsing is a safer approach than detecting HTML tags, even within notextile and ignore blocks, and sanitizing them then.

Committed by Jason Garber

  • M ext/redcloth_scan/redcloth_scan.rl
  • M lib/formatters/base.rb
  • M lib/formatters/html.rb
  • M lib/formatters/latex.rb
  • M test/sanitize_html.yml
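
The difference the commit message describes, shown as an added example that is not RedCloth's code or API: a toy renderer with a `<notextile>` passthrough, sanitized where tags are detected versus sanitized on the whole input before parsing. The allowlist, function names and sample string are constructed for illustration.

```ruby
# Toy model (constructed for illustration; not RedCloth's code or API).
ALLOWED = %w[b i em strong code].freeze   # assumed allowlist
TAG     = %r{<(/?)([A-Za-z][A-Za-z0-9]*)\b[^>]*>}

# Drop every tag not on the allowlist; allowed tags lose their attributes.
# `keep` lists markup directives (not HTML) that must survive for the parser.
def strip_disallowed(text, keep: [])
  text.gsub(TAG) do
    whole, slash, name = $&, $1, $2.downcase
    if keep.include?(name) then whole
    elsif ALLOWED.include?(name) then "<#{slash}#{name}>"
    else ""
    end
  end
end

# Minimal "parser": <notextile> spans pass through untouched, everything else
# gets *strong* conversion. An optional block sees each ordinary-text chunk.
def render(text)
  text.split(%r{(<notextile>.*?</notextile>)}m).map do |chunk|
    if chunk =~ %r{\A<notextile>(.*)</notextile>\z}m
      $1
    else
      chunk = yield(chunk) if block_given?
      chunk.gsub(/\*(\S[^*]*?)\*/, '<strong>\1</strong>')
    end
  end.join
end

# Approach A: sanitize where the parser handles ordinary text. The passthrough
# branch never calls the sanitizer, so its contents are emitted verbatim.
def sanitize_at_detection(text)
  render(text) { |chunk| strip_disallowed(chunk) }
end

# Approach B (the one the commit message describes): sanitize the whole input
# first, then parse. No parser branch ever sees a disallowed tag.
def sanitize_on_input(text)
  render(strip_disallowed(text, keep: %w[notextile]))
end

# Constructed sample input.
SAMPLE = '*hi* <script>x()</script> <notextile><script>y()</script> <b>ok</b></notextile>'
```

With approach A, every parser branch that emits text has to remember to call the sanitizer; with approach B the guarantee holds regardless of how many branches the parser has.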

RedCloth is a Ruby library for converting Textile into HTML
