Changeset [2a92076ebae17f14d19d16bbdf5db77a019538e7] by Jason Garber
June 30th, 2008 @ 04:44 PM
Refactor sanitize_html to sanitize it coming in so there are no loopholes.
sanitize_html causing all disallowed tags to be stripped prior to parsing is a safer approach than detecting HTML tags, even within notextile and ignore blocks, and sanitizing them then.
Committed by Jason Garber
- M ext/redcloth_scan/redcloth_scan.rl
- M lib/formatters/base.rb
- M lib/formatters/html.rb
- M lib/formatters/latex.rb
- M test/sanitize_html.yml
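
The difference the commit message describes, as an added Ruby sketch (not RedCloth's code and not part of this changeset). A toy formatter with a hypothetical `==raw==` pass-through span stands in for notextile, and a simplified regex allow-list stands in for the real sanitizer; all names and the sample input are constructed.

```ruby
# Added illustration only; every name here is hypothetical.
ALLOWED = %w[b i em strong code].freeze
TAG = %r{<\s*(/?)\s*([A-Za-z][A-Za-z0-9]*)[^>]*>}

# Remove every tag not on the allow-list; allowed tags lose their attributes.
# Repeats until stable so "<<script>script>" cannot reassemble into a tag.
def strip_disallowed(text)
  loop do
    cleaned = text.gsub(TAG) do
      ALLOWED.include?($2.downcase) ? "<#{$1}#{$2.downcase}>" : ""
    end
    return cleaned if cleaned == text
    text = cleaned
  end
end

# Toy formatter: "==raw==" spans are emitted verbatim, "*x*" becomes <strong>.
# With sanitize_parsed: true it sanitizes only the chunks it parses as markup,
# modelling a sanitizer wired into the parser that misses one output path.
def toy_textile(text, sanitize_parsed: false)
  text.split(/(==.*?==)/m).map do |chunk|
    if chunk =~ /\A==(.*)==\z/m
      $1 # pass-through path: never reaches the sanitizer
    else
      chunk = strip_disallowed(chunk) if sanitize_parsed
      chunk.gsub(/\*(.+?)\*/, '<strong>\1</strong>')
    end
  end.join
end

# Constructed sample input.
SAMPLE = 'Hi *there* ==<script>alert(1)</script>=='

# Sanitizing during parsing: the pass-through span keeps its <script> tag.
puts toy_textile(SAMPLE, sanitize_parsed: true)
# Sanitizing on the way in: no parser path ever sees a disallowed tag.
puts toy_textile(strip_disallowed(SAMPLE))
```
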
RedCloth is a Ruby library for converting Textile into HTML