retrospring/config/initializers/sanitize.rb

EVIL_TAGS = {
  elements: %w(blockquote a p i strong em del pre code table tr td th br ul ol li hr),
  attributes: {
    'a' => %w(href target rel)
  },
  protocols: {
    'a' => { 'href' => ['http', 'https', :relative] }
  }
}
added sanitize initializer 2014-12-28 19:06:04 +01:00			`EVIL_TAGS = {`
changed this 2014-12-28 19:12:28 +01:00			`elements: %w(blockquote a p i strong em del pre code table tr td th br ul ol li hr),`
added sanitize initializer 2014-12-28 19:06:04 +01:00			`attributes: {`
Allow `rel` in sanitized links 2021-12-31 22:23:45 +01:00			`'a' => %w(href target rel)`
added sanitize initializer 2014-12-28 19:06:04 +01:00			`},`
			`protocols: {`
			`'a' => { 'href' => ['http', 'https', :relative] }`
			`}`
			`}`