raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-02-12 23:27:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
dcc8556470355282b4fa05562e1e2eb6faa63fcd
openfoodnetwork/app/services/html_sanitizer.rb
Maikel Linke f089c0eff3 Keep HTML line breaks 
They do appear in long_description on au_prod.
2024-05-14 12:40:58 +10:00

16 lines
467 B
Ruby
Raw Blame History

# frozen_string_literal: true
# Keeps only allowed HTML.
#
# We store some rich text as HTML in attributes of models like Enterprise.
# We offer an editor which supports certain tags but you can't insert just any
# HTML, which would be dangerous.
class HtmlSanitizer
def self.sanitize(html)
@sanitizer ||= Rails::HTML5::SafeListSanitizer.new
@sanitizer.sanitize(
html, tags: %w[h1 h2 h3 h4 p br b i u a], attributes: %w[href target],
)
end
end
Reference in New Issue View Git Blame Copy Permalink