-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME
43 lines (25 loc) · 944 Bytes
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
= Aqueduct
+Aqueduct+ performs sandboxing on HTML, CSS and Embeds.
To install, do:
script/plugin install [email protected]:namor/aqueduct.git
== HTML sandboxing
* Append something in front of id's
* Rails sanitization: Removes bad HTML with Rails's built-in sanitize method. Bad tags are removed completely, including their content.
== Usage
class Comment < ActiveRecord::Base
html_sanitizer :field_name, :append => "sandbox" #=> id's will be appended with sandbox_
end
== CSS sandboxing
== Usage
class Comment < ActiveRecord::Base
css_sanitizer :field_name, :append => "network_" #=> CSS selectors will be appended with #network_
end
== Unique features
* Rails 2.1-ready.
* It works with migrations. Columns are fetched when model is saved, not when the class is loaded.
== TODO
* Option to prevent XML namespaced tags from being stripped
* Dynamic :append option
== Credits
== License
MIT License, just like Rails