Removed some of the tags that does not make sense to allow per default in the whitelist

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8269 5ecf4fe2-1ee6-0310-87b1-e25e094e27de

Removed some of the tags that does not make sense to allow per default in the whitelist
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8269 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
0aec2423 · David Heinemeier Hansson · cfa31c30 · 0aec2423
隐藏空白更改
内联并排

Showing with 2 addition and 2 deletion

actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb ...b/action_controller/vendor/html-scanner/html/sanitizer.rb +2 -2

未找到文件。
--- a/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb
+++ b/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb
@@ -72,9 +72,9 @@ class WhiteListSanitizer < Sanitizer
    self.bad_tags               = Set.new(%w(script))
    
    # Specifies the default Set of tags that the #sanitize helper will allow unscathed.
-    self.allowed_tags           = Set.new(%w(strong em b i p code pre tt output samp kbd var sub 
+    self.allowed_tags           = Set.new(%w(strong em b i p code pre tt samp kbd var sub 
      sup dfn cite big small address hr br div span h1 h2 h3 h4 h5 h6 ul ol li dt dd abbr 
-      acronym a img blockquote del ins fieldset legend))
+      acronym a img blockquote del ins))

    # Specifies the default Set of html attributes that the #sanitize helper will leave 
    # in the allowed tag.