Skip to content

chebyte/simple_sanitizer_html

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
lib
lib
 
 
tasks
tasks
 
 
test
test
 
 
MIT-LICENSE
MIT-LICENSE
 
 
README
README
 
 
Rakefile
Rakefile
 
 
init.rb
init.rb
 
 
install.rb
install.rb
 
 
uninstall.rb
uninstall.rb
 
 

Repository files navigation

SimpleSanitizerHtml
===================

SimpleSanitizerHtml is a small plugin for Rails for escape html into the model after save records.


Example
=======

For example you have the following model

# ruby script/generate model Post title:string copy:text

class Post
 simple_sanitizer_html
 
end

so, if you add a post like that

$ ruby script/console 
Loading development environment (Rails 2.3.2)
p >> p = Post.new
=> #<Post id: nil, title: nil, copy: nil, created_at: nil, updated_at: nil>
>> p.title = "<script>alert('hi tuquito')</script>"
=> "<script>alert('hi tuquito')</script>"
>> p.save
=> true
>> p.title
=> "&lt;script&gt;alert(&#39;hi tuquito&#39;)&lt;/script&gt;"
>> 


this plugin can be useful for prevent XSS Injection or styles attacks

Copyright (c) 2009 [chebyte - http://www.chebyte.com.ar], released under the MIT license

About

a simple plugin for rails for escape html into model after save records

www.chebyte.com.ar

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages