Use Rails or Loofah default tags and attributes

CultivateLabs / storytime

Storytime is a Rails 4+ CMS and blogging engine, with a core focus on content. It is built and maintained by @cultivatelabs

MIT License

752 stars 81 forks source link

Closed eanlain closed 9 years ago

eanlain commented 9 years ago

Depending on Rails version use the default tags and/or attributes of either the Rails WhiteListSanitizer or Loofah.

bcroesch commented 9 years ago

Just for my own knowledge, why the switch? Better list?

eanlain commented 9 years ago

It now uses the same default of tags and attributes used in Rails sanitize helper, instead of our own assortment of tags/attributes.
It's a bit cleaner than was was there before.
Allows users to easily add any missing or custom tags/attributes to the tag/attributes sets.

I also wrote a wiki entry regarding Sanitizing HTML Content.