Remove redundant HTML sanitisation

We don't need to run the sanitiser each time we read an attribute. It's a waste of time.
2026-03-01 02:03:22 +00:00 · 2024-10-24 08:46:33 +11:00
parent 169e1cf288
commit d2e5087668
6 changed files with 0 additions and 30 deletions
--- a/app/models/custom_tab.rb
+++ b/app/models/custom_tab.rb
@@ -5,11 +5,6 @@ class CustomTab < ApplicationRecord

  validates :title, presence: true, length: { maximum: 20 }

-  # Remove any unsupported HTML.
-  def content
-    HtmlSanitizer.sanitize(super)
-  end
-
  # Remove any unsupported HTML.
  def content=(html)
    super(HtmlSanitizer.sanitize(html))
--- a/app/models/enterprise_group.rb
+++ b/app/models/enterprise_group.rb
@@ -74,11 +74,6 @@ class EnterpriseGroup < ApplicationRecord
    permalink
  end

-  # Remove any unsupported HTML.
-  def long_description
-    HtmlSanitizer.sanitize_and_enforce_link_target_blank(super)
-  end
-
  # Remove any unsupported HTML.
  def long_description=(html)
    super(HtmlSanitizer.sanitize_and_enforce_link_target_blank(html))
--- a/app/models/spree/product.rb
+++ b/app/models/spree/product.rb
@@ -279,11 +279,6 @@ module Spree
    end
    # rubocop:enable Metrics/AbcSize

-    # Remove any unsupported HTML.
-    def description
-      HtmlSanitizer.sanitize(super)
-    end
-
    # Remove any unsupported HTML.
    def description=(html)
      super(HtmlSanitizer.sanitize(html))
--- a/spec/models/custom_tab_spec.rb
+++ b/spec/models/custom_tab_spec.rb
@@ -18,10 +18,5 @@ RSpec.describe CustomTab do
      subject.content = "Hello <script>alert</script> dearest <b>monster</b>."
      expect(subject.content).to eq "Hello alert dearest <b>monster</b>."
    end
-
-    it "sanitises existing HTML in content" do
-      subject[:content] = "Hello <script>alert</script> dearest <b>monster</b>."
-      expect(subject.content).to eq "Hello alert dearest <b>monster</b>."
-    end
  end
 end
--- a/spec/models/enterprise_group_spec.rb
+++ b/spec/models/enterprise_group_spec.rb
@@ -124,10 +124,5 @@ RSpec.describe EnterpriseGroup do
      subject.long_description = "Hello <script>alert</script> dearest <b>monster</b>."
      expect(subject.long_description).to eq "Hello alert dearest <b>monster</b>."
    end
-
-    it "sanitises existing HTML in long_description" do
-      subject[:long_description] = "Hello <script>alert</script> dearest <b>monster</b>."
-      expect(subject.long_description).to eq "Hello alert dearest <b>monster</b>."
-    end
  end
 end
--- a/spec/models/spree/product_spec.rb
+++ b/spec/models/spree/product_spec.rb
@@ -707,11 +707,6 @@ module Spree
        subject.description = "Hello <script>alert</script> dearest <b>monster</b>."
        expect(subject.description).to eq "Hello alert dearest <b>monster</b>."
      end
-
-      it "sanitises existing HTML in description" do
-        subject[:description] = "Hello <script>alert</script> dearest <b>monster</b>."
-        expect(subject.description).to eq "Hello alert dearest <b>monster</b>."
-      end
    end
  end