Skip to content

sofer/sanitize_params

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
lib
lib
 
 
MIT-LICENSE
MIT-LICENSE
 
 
README.rdoc
README.rdoc
 
 
init.rb
init.rb
 
 

Repository files navigation

sanitize_params

Overview

This is the sanitize_params plugin written by Jay Laney, updated to work with the Sanitizer module that is now part of the Rails core.

Description

The original version of sanitize_params used Rick Olsen’s white_list plugin, but as Rick pointed out some time ago, “I recently just refactored a lot of that code into the html tokenizer library. You can now access the classes directly as HTML::Sanitizer, HTML::LinkSanitizer, and HTML::WhiteListSanitizer.”

This version of sanitize_params does exactly that. Otherwise, it is unchanged from Jay’s original code designed for scrubbing your user input clean.

Installation

script/plugin install git://github.com/sofer/sanitize_params.git

in application.rb:

before_filter :sanitize_params

Alternatively, add the filter to your controllers selectively.

Contact

The original sanitize_params plugin was written by Jay Laney and is still available at code.google.com/p/sanitizeparams/

This forked version was tweaked by Danny Sofer.

About

The sanitize_params plugin updated to work with the Sanitizer module

www.sofer.com/blog/sanitizing-input.html

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages