app/controllers/solder/ui_state_controller.rb in solder-0.2.0 vs app/controllers/solder/ui_state_controller.rb in solder-0.3.0
- old
+ new
@@ -1,7 +1,9 @@
module Solder
class UiStateController < ApplicationController
+ include ActionView::Helpers::SanitizeHelper
+
before_action :set_ui_state, only: :show
around_action Solder.config[:around_action]
def show
render json: @ui_state.to_json
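Review bot: Including `ActionView::Helpers::SanitizeHelper` directly in the controller (first added line) makes `sanitize`, `strip_tags`, `strip_links` and `sanitize_css` public instance methods of `UiStateController`, and Rails counts public controller methods among its candidate actions. They are only reachable if a route maps to them, which this hunk does not show, but the extra surface is avoidable. Drop the include and go through the view-helper proxy instead, i.e. `helpers.sanitize(_1)` in `parsed_attributes`. The `show` method continues outside this hunk.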
@@ -27,9 +29,9 @@
def records_to_touch
GlobalID::Locator.locate_many_signed parsed_attributes["data-solder-touch"]&.split(":") || []
end
def parsed_attributes
- JSON.parse(ui_state_params[:attributes])
+ JSON.parse(ui_state_params[:attributes]).deep_transform_values { sanitize(_1) }
end
end
end
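Review bot: In `parsed_attributes`, `deep_transform_values { sanitize(_1) }` cleans only leaf values, so the attribute names (hash keys) of the client-supplied JSON pass through unchanged; if they are ever written back into markup they need their own allowlist or validation. `sanitize` is a safe-list HTML sanitizer that returns an `html_safe` string, so permitted tags survive and later output will not escape the result again, which is not the same as attribute-context escaping at render time. Non-string leaves (numbers, booleans) are also handed to `sanitize`, which may raise depending on the sanitizer version; `deep_transform_values { _1.is_a?(String) ? sanitize(_1) : _1 }` avoids that. A comment such as `# values are HTML-sanitized; keys are NOT, never render keys unescaped` would record the contract for maintainers. Callers of `parsed_attributes` other than `records_to_touch` are outside this hunk, so how the keys and values are consumed cannot be confirmed from here.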