Sha256: c5ba70b4fd5cad7782ea3f5edb949d6f971f6b2a716e1924d872dfc62b3fe511
Contents?: true
Size: 719 Bytes
Versions: 1
Compression:
Stored size: 719 Bytes
Contents
# encoding: utf-8
require 'escape_utils_ext'
EscapeUtils.send(:extend, EscapeUtils)
module EscapeUtils
VERSION = "0.1.9"
# turn on/off the escaping of the '/' character during HTML escaping
# Escaping '/' is recommended by the OWASP - http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
# This is because quotes around HTML attributes are optional in most/all modern browsers at the time of writing (10/15/2010)
@@html_secure = true
def self.html_secure
@@html_secure
end
def self.html_secure=(val)
@@html_secure = val
end
autoload :HtmlSafety, 'escape_utils/html_safety'
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| escape_utils-0.1.9 | lib/escape_utils.rb |