I had a question about the SanitizeHtml module that is part of the
HoboFields plugin. It contains a method called sanitize which removes HTML
tags that are not specifically allowed. However, in the current code, it
does not mention that 'table' is an acceptable tag, and I was wondering if
this was done on purpose or if it's an oversight?
Here's the source code:
module HoboFields
  module SanitizeHtml
    PERMITTED_TAGS = %w(a abbr acronym address b bdo big blockquote br
                        caption center cite code colgroup dd del dfn dir
                        div dl dt em fieldset font h1 h2 h3 h4 h5 h6 i
                        img ins kbd label legend li map menu ol optgroup
                        option p pre q s samp select small span strike
                        strong sub sup tbody td textarea tfoot
                        th thead tr tt u ul var)
    PERMITTED_ATTRIBUTES = %w(href title class style align name src label
                              target)

    class Helper
      include ActionView::Helpers::SanitizeHelper
      extend ActionView::Helpers::SanitizeHelper::ClassMethods
    end

    def self.sanitize(s)
      Helper.new.sanitize(s, :tags => PERMITTED_TAGS, :attributes => PERMITTED_ATTRIBUTES)
    end
  end
end