Retrospring/config/initializers/sanitize.rb

EVIL_TAGS = {
  elements: %w(blockquote a p i strong em del pre code table tr td th br ul ol li hr),
  attributes: {
    'a' => %w(href target rel)
  },
  protocols: {
    'a' => { 'href' => ['http', 'https', :relative] }
  }
}
added sanitize initializer 2014-12-28 10:06:04 -08:00			`EVIL_TAGS = {`
changed this 2014-12-28 10:12:28 -08:00			`elements: %w(blockquote a p i strong em del pre code table tr td th br ul ol li hr),`
added sanitize initializer 2014-12-28 10:06:04 -08:00			`attributes: {`
Allow `rel` in sanitized links 2021-12-31 13:23:45 -08:00			`'a' => %w(href target rel)`
added sanitize initializer 2014-12-28 10:06:04 -08:00			`},`
			`protocols: {`
			`'a' => { 'href' => ['http', 'https', :relative] }`
			`}`
			`}`