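--- a/app/controllers/chatroom/messages_controller.rb
+++ b/app/controllers/chatroom/messages_controller.rb
@@ -7,26 +7,15 @@
 # POST /messages
 # POST /messages.json
 def create
 message = message_params
-message[:content] = prevent_script(message[:content])
 @message = Message.create!(message)
 end
 private
 # Never trust parameters from the scary internet, only allow the white list through.
 def message_params
 params.require(:message).permit(:content)
-end
-
-def prevent_script(text)
-txt = text.gsub(/<(\s*)([^\d\W\s]+)(\s*)([;\-\w="'\s:\/\.]+)>/) do |s|
-"\\<#{$1}#{$2}#{$3}#{$4}\>"
-end
-txt = txt.gsub(/<\/(\s*)([^\d\W\s]+)(\s*)([;\-\w="'\s:\/\.]+)>/) do |s|
-"\\</#{$1}#{$2}#{$3}#{$4}>"
-end
-return txt
 end
 end
 end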
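Review bot: Dropping the `prevent_script` call removes the only escaping of `message[:content]` visible in this controller, and nothing in the hunk shows where output escaping now happens; the change is sound only if every view or JS path that renders `content` relies on ERB auto-escaping and never marks it `raw`/`html_safe`, which cannot be confirmed from here. The removed regex sanitizer was not a dependable XSS defense anyway — its fourth group used `+`, so a tag with no attribute characters after the name was left untouched, and matched tags were stored in mangled form — so escaping at render time is the right place, and a comment above `create` should record that contract, e.g. `# content is stored verbatim; it must be HTML-escaped at render time, never marked html_safe`. With the sanitizer gone the local `message` is a pure pass-through, so the body can be `@message = Message.create!(message_params)`. `create!` raises on validation failure and the action has no `render`/`respond_to` despite the `/messages.json` comment, so presumably a template or `rescue_from` outside the hunk handles that; worth confirming.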