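module Blogbox
  # Allowlist-based HTML sanitising for ActiveRecord attribute writers.
  #
  # RELAXED and BASIC are configuration hashes handed to Sanitize.clean as its
  # second argument. ClassMethods#sanitize_attributes generates attribute
  # setters that run every assigned value through one of them.
  module Sanitizer
    # Formatting, lists, links, images and tables.
    # URL-bearing attributes are limited to the protocols listed under
    # :protocols; :relative permits scheme-less (relative) URLs.
    # Unlike BASIC, this schema does not add rel="nofollow" to links, and it
    # lets authors embed remote images via img[src].
    RELAXED = {
      :elements => %w[
        a b blockquote br caption cite code col colgroup dd dl dt em i img li
        ol p pre q small strike strong sub sup table tbody td tfoot th thead
        tr u ul
      ],

      :attributes => {
        'a'          => %w[href title],
        'blockquote' => %w[cite],
        'col'        => %w[span width],
        'colgroup'   => %w[span width],
        'img'        => %w[align alt height src title width],
        'ol'         => %w[start type],
        'q'          => %w[cite],
        'table'      => %w[summary width],
        'td'         => %w[abbr axis colspan rowspan width],
        'th'         => %w[abbr axis colspan rowspan scope width],
        'ul'         => %w[type]
      },

      :protocols => {
        'a'          => { 'href' => ['ftp', 'http', 'https', 'mailto', :relative] },
        'blockquote' => { 'cite' => ['http', 'https', :relative] },
        'img'        => { 'src'  => ['http', 'https', :relative] },
        'q'          => { 'cite' => ['http', 'https', :relative] }
      }
    }

    # Inline formatting, lists and links only (no images, no tables).
    # Every surviving <a> gets rel="nofollow" added.
    BASIC = {
      :elements => %w[
        a b blockquote br cite code dd dl dt em i li ol p pre q small strike
        strong sub sup u ul
      ],

      :attributes => {
        'a'          => %w[href],
        'blockquote' => %w[cite],
        'q'          => %w[cite]
      },

      :add_attributes => {
        'a' => { 'rel' => 'nofollow' }
      },

      :protocols => {
        'a'          => { 'href' => ['ftp', 'http', 'https', 'mailto', :relative] },
        'blockquote' => { 'cite' => ['http', 'https', :relative] },
        'q'          => { 'cite' => ['http', 'https', :relative] }
      }
    }

    module ClassMethods
      # Defines a sanitising writer (+attr=+) for each named attribute.
      #
      #   sanitize_attributes :title, :body
      #   sanitize_attributes :body, :schema => Blogbox::Sanitizer::RELAXED
      #
      # The value stored is exactly what Sanitize.clean returns: HTML limited
      # to the schema's allowlist, with text characters entity-escaped
      # ("&" is stored as "&amp;"). It is meant to be rendered as HTML, not
      # escaped a second time.
      #
      # Only assignment through the generated writer is sanitised. Writes that
      # go around it (write_attribute, update_all, raw SQL) are stored as given.
      #
      # @param args [Array<Symbol, String>] attribute names, optionally
      #   followed by an options hash; :schema selects the Sanitize
      #   configuration and defaults to Blogbox::Sanitizer::BASIC.
      # @return [Array] the attribute names that were given
      def sanitize_attributes(*args)
        options = args.extract_options!.reverse_merge(
          :schema => Blogbox::Sanitizer::BASIC
        )

        args.each do |attr|
          define_method("#{attr}=") do |value|
            # Sanitize.clean has to be the last transformation applied.
            # Decoding HTML entities on its output (HTMLEntities#decode) turns
            # escaped text such as "&lt;script&gt;" back into real tags that
            # the allowlist never inspected, which defeats the sanitiser.
            # NOTE(review): rows saved while the decode step was in place may
            # contain such markup; consider re-sanitising stored values.
            self[attr] = Sanitize.clean(value.to_s, options[:schema])
          end
        end
      end
    end
  end
end

ActiveRecord::Base.extend(Blogbox::Sanitizer::ClassMethods)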