vjt / sanitize-rails Goto Github PK

A commit I introduced a while back seems to have caused a bug: Normally, when you pass a ActionView helper a nil value, nil is returned. However, sanitize now raises a NoMethodError when passed nil values.

Would be nice to have the option to sanitize all relevant fields automatically without defining each one. Similar to this gem:
https://github.com/nagybence/railhead_sanitize

When using sanitize-rails with RSpec 3.1.0, I get this warning:

Deprecation Warnings:

--------------------------------------------------------------------------------
Sanitize::Rails::Matchers::SanitizeFieldsMatcher implements a legacy RSpec matcher
protocol. For the current protocol you should expose the failure messages
via the `failure_message` and `failure_message_when_negated` methods.
(Used from /Volumes/Customer/apps/application/spec/models/my_spec.rb:5:in `block (2 levels) in <top (required)>')
--------------------------------------------------------------------------------

Some companies will only use gems with a certain license.
The canonical and easy way to check is via the gemspec
via e.g.

spec.license = 'MIT'
# or
spec.licenses = ['MIT', 'GPL-2']

There is even a License Finder to help companies ensure all gems they use
meet their licensing needs. This tool depends on license information being available in the gemspec.
Including a license in your gemspec is a good practice, in any case.

How did I find you?

I'm using a script to collect stats on gems, originally looking for download data, but decided to collect licenses too,
and make issues for missing ones as a public service :)
https://gist.github.com/bf4/5952053#file-license_issue-rb-L13 So far it's going pretty well

First off, thanks for putting this gem together @vjt! It saved me a good day of work integrating the sanitize gem into my employer's codebase.

Anyway, back on topic: I'd like to introduce a change to sanitize-rails that would automatically convert all cleaned strings into a SafeBuffer. This would mark any cleaned text/attributes as HTML safe and prevent already cleaned text from being escaped a second time by default when rendering said text in rails views.

Would a pull request I make for this be accepted? I notice there aren't any tests on this gem yet, so I can introduce the beginnings of a test suite with this feature as well.

Unable to activate sanitize-rails-0.9.1, because sanitize-3.0.0 conflicts with sanitize (~> 2.0) (Gem::LoadError)

Hi,

Thanks for creating this sanitize-rails gem! I'm using it with a lot of success in a project I'm currently working on.

Here's a gist I've put together for creating matchers:

https://gist.github.com/1179448

Would you be interested at all in adding this to the project? If so, I'll hack it into my fork and send a pull request.

Thanks again,

Evan

Does this gem support different sanitization configurations on different fields? It looks like it supports only one global configuration.