Created
June 24, 2013 20:08
Freedom patch!
require 'rubygems' | |
require 'action_controller' | |
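# Freedom patch: adds String#sanitized, which passes the receiver through the
# Rails HTML sanitizer with a fixed allowlist of tags and attributes. Markup
# outside the allowlist is left for the sanitizer to strip.
#
# Review notes for anyone reusing this allowlist:
# - The Rails `sanitize` helper marks its result html_safe, so views will not
#   escape it again; the allowlist below is the only barrier for this value.
# - `id`, `name` and `class` are allowed on user-supplied markup. That lets
#   untrusted content collide with ids/names the page's own scripts look up
#   and reuse existing CSS classes; drop them unless they are really needed.
# - The `data-*` attributes are inert to the sanitizer, but any client-side
#   code that reads them (e.g. a tooltip reading data-tip) must treat the
#   value as text, never as HTML.
# - `a` is allowed while `href` is not in the attribute list, so anchors
#   presumably come out without a link target -- confirm this is intended.
# - Reopening String affects every string in the process; a view helper or a
#   refinement would scope this more tightly.
class String
  # Guard on the instance method table. `respond_to?` here would be asked of
  # the String class object itself and so would never see an existing
  # String#sanitized instance method.
  unless method_defined?(:sanitized)
    # @return [String] the receiver with only the allowlisted tags and
    #   attributes requested from ActionController::Base.helpers.sanitize
    define_method :sanitized do
      # `self` is always a String inside this method, so the former
      # `self || 'No name'` fallback could never fire and has been dropped.
      ActionController::Base.helpers.sanitize(
        self,
        :tags => %w(h3 h4 ul ol li p a strong em br font),
        :attributes => %w(class id name rel data-width data-height data-tip data-tip-width data-tip-position size)
      )
    end
  end
end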
# Minimal record used by the demo below. Both fields are stored exactly as
# given; nothing is escaped or sanitized here, so callers decide how the
# values are rendered.
class Model
  # Read-only accessors for the raw values handed to the constructor.
  attr_reader :name, :address

  # @param name [String] display name, kept verbatim
  # @param address [String] address text, kept verbatim
  def initialize(name, address)
    @name, @address = name, address
  end
end
# Demo: build a Model from markup that contains <script> elements and print
# each field twice, first exactly as stored and then after String#sanitized.
untrusted_name = '<strong>My Name</strong><script>alert(1)</script>'
untrusted_address = '<script>alert("pwned")</script><font size=23>1234</font> <em>Any</em> Street'
record = Model.new(untrusted_name, untrusted_address)

# The "name"/"address" lines show the raw, unsanitized values; only the
# "sanitized" lines have been through the allowlist.
puts "name = #{record.name}"
puts "sanitized = #{record.name.sanitized}"
puts "address = #{record.address}"
puts "sanitized = #{record.address.sanitized}"