Sha256: fe10586f6ad413215cf8ac1ea5b0bc5ef3b4001dddb693570c8973134e2877fc

Contents?: true

Size: 420 Bytes

Versions: 19

Compression:

Stored size: 420 Bytes

Contents

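# ActiveRecord model for a CMS snippet; calls acts_as_versioned.
#
# Assigning +content+ runs String values through a best-effort filter that
# HTML-escapes the outer angle brackets of ERB tags which look like they run
# a shell command, so the tag no longer reads as an ERB tag.
class CmsSnippet < ActiveRecord::Base
  acts_as_versioned

  # ERB-tag shapes treated as suspicious. Capture group 1 is the tag without
  # its outer "<" and ">", which the replacement re-emits between "&lt;" and
  # "&gt;".
  #
  # NOTE(review): this is a keyword denylist, not a sandbox. It only knows the
  # three spellings below, and a denylist cannot enumerate every way Ruby code
  # can reach the operating system. If snippet content is evaluated as ERB
  # anywhere (not visible in this file -- confirm), do not rely on this filter
  # as the security boundary: restrict snippet editing to trusted
  # administrators, or render snippets with a template language that cannot
  # execute Ruby.
  SUSPICIOUS_ERB_PATTERNS = [
    /<(%.*?(exec|system)\s?\(.*?\s*%)>/, # exec( ... ) / system( ... ) calls
    /<(%.*?\%x\s?\[.*?\s*%)>/,           # %x[ ... ] command literals
    /<(%.*?`.*?\s*%)>/                   # backtick command literals
  ].freeze

  # Assigns the snippet content, filtering suspicious ERB tags first.
  #
  # The filter works on a copy: the previous in-place gsub! rewrote the
  # caller's own string as a side effect and failed on frozen strings.
  #
  # @param value [String, nil, Object] new content; non-String values are
  #   passed to the attribute writer untouched
  # @return [Object] whatever the inherited attribute writer returns
  def content=(value)
    if value.is_a?(String)
      # filter suspicious content... go overboard for now, fine-tune later perhaps
      value = SUSPICIOUS_ERB_PATTERNS.reduce(value) do |text, pattern|
        text.gsub(pattern, '&lt;\1&gt;')
      end
    end
    super(value)
  end
end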

Version data entries

19 entries across 19 versions & 1 rubygems

Version Path
imagine_cms-5.2.6 app/models/cms_snippet.rb
imagine_cms-5.2.5 app/models/cms_snippet.rb
imagine_cms-5.2.4 app/models/cms_snippet.rb
imagine_cms-5.2.3 app/models/cms_snippet.rb
imagine_cms-5.2.2 app/models/cms_snippet.rb
imagine_cms-5.2.1 app/models/cms_snippet.rb
imagine_cms-5.2.0 app/models/cms_snippet.rb
imagine_cms-4.2.4 app/models/cms_snippet.rb
imagine_cms-4.1.4 app/models/cms_snippet.rb
imagine_cms-4.2.3 app/models/cms_snippet.rb
imagine_cms-4.2.2 app/models/cms_snippet.rb
imagine_cms-4.2.1 app/models/cms_snippet.rb
imagine_cms-4.2.0 app/models/cms_snippet.rb
imagine_cms-4.1.3 app/models/cms_snippet.rb
imagine_cms-4.1.2 app/models/cms_snippet.rb
imagine_cms-4.1.1 app/models/cms_snippet.rb
imagine_cms-4.1.0 app/models/cms_snippet.rb
imagine_cms-4.0.1 app/models/cms_snippet.rb
imagine_cms-4.0.0 app/models/cms_snippet.rb