Sha256: 00b064c9620d55320130ddf2327f3d869adf94563f6804a55474da976acac048

Contents?: true

Size: 620 Bytes

Versions: 6

Compression:

Stored size: 620 Bytes

Contents

module Fields::HtmlEditorHelper
  TEMPORARY_REPLACEMENT = "https://temp.bullettrain.co/"
  def html_sanitize(string)
    return string unless string
    string = sanitize(string, tags: %w[div br strong em b i del a h1 blockquote pre ul ol li], attributes: %w[href])
    links_target_blank(string).html_safe
  end

  def links_target_blank(body)
    doc = Nokogiri::HTML(body)
    doc.css("a").each do |link|
      link["target"] = "_blank"
      # To avoid window.opener attack when target blank is used
      # https://mathiasbynens.github.io/rel-noopener/
      link["rel"] = "noopener"
    end
    doc.to_s
  end
end

Version data entries

6 entries across 6 versions & 1 rubygems

Version                    Path
bullet_train-fields-1.0.5  app/helpers/fields/html_editor_helper.rb
bullet_train-fields-1.0.4  app/helpers/fields/html_editor_helper.rb
bullet_train-fields-1.0.3  app/helpers/fields/html_editor_helper.rb
bullet_train-fields-1.0.2  app/helpers/fields/html_editor_helper.rb
bullet_train-fields-1.0.1  app/helpers/fields/html_editor_helper.rb
bullet_train-fields-1.0.0  app/helpers/fields/html_editor_helper.rb