Commit graph

14 commits

Author SHA1 Message Date
Tom Hughes
f42a7a2d8d Make sanitize convert text alignment styles to bootstrap classes
The kramdown converter for markdown uses inline styles for table
column alignment which gets lost when we strip the styles so add
bootstrap classes to replace it.
2023-01-09 11:10:11 +00:00
Tom Hughes
6033359bd0 Preserve rel=me on links in rich text
Fixes #3859
2022-12-29 18:02:23 +00:00
Andy Allan
bb2afc3e8b Prevent addition of style attributes to all elements 2021-03-24 20:55:30 +00:00
Andy Allan
d7eac9b5a8 Strip away class attributes from sanitized outputs
There's a lot of shenanigans that are possible when you can apply
arbitrary classes to the rendered output.
2021-03-24 19:15:21 +00:00
Andy Allan
f442bb9e80 Rework configuration to use Sanitize::Config.merge
This is the recommended approach, and works better when dealing with deeper attributes
2021-03-24 18:19:14 +00:00
Tom Hughes
d516ba5335 Add bootstrap classes to markdown tables 2020-11-19 10:17:21 +00:00
Andreas Geyer-Schulz
f6f23ed0ee Fix typo: change 'noreferer' to 'noreferrer'
as the correct rel attribute in external links.
2020-01-25 20:10:23 +01:00
Tom Hughes
df232ec96f Add noopener and noreferer to links in user generated content 2019-01-16 10:10:51 +00:00
Tom Hughes
5b33f3f8e3 Fix rubocop warnings 2017-06-02 00:08:30 +01:00
Tom Hughes
dc2a2c8ebd Standardise on double quoted strings 2015-02-20 19:47:26 +00:00
Tom Hughes
ef7f3d800c Fix most auto-correctable rubocop issues 2015-02-20 08:56:16 +00:00
Tom Hughes
428f379eef Restore removal of div and style elements when sanitizing HTML 2015-01-10 17:41:17 +00:00
Tom Hughes
b1cb7bb819 Drop the contents of <script> and <style> tags when we strip them 2012-03-17 16:37:01 +00:00
Tom Hughes
94f19ce3b3 Use a better HTML sanitizer that makes sure the HTML is well formed and
can add rel="nofollow" to links.
2010-03-06 15:38:13 +00:00