API Guides

instance method contains_bad_protocols?

Ruby on Rails 3.1.12

Since v2.2.3 Last seen in v4.1.16

Available in: v2.2.3 v2.3.18 v3.0.20 v3.1.12 v3.2.22.5 v4.0.13 v4.1.16 

contains_bad_protocols?(attr_name, value)

No documentation comment.

Parameters

attr_name req
value req
Source 
# File actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb, line 172
    def contains_bad_protocols?(attr_name, value)
      uri_attributes.include?(attr_name) &&
      (value =~ /(^[^\/:]*):|(&#0*58)|(&#x70)|(&#x0*3a)|(%|%)3A/i && !allowed_protocols.include?(value.split(protocol_separator).first.downcase.strip))
    end

Defined in actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb line 172 · View on GitHub · Improve this page · Find usages on GitHub

Defined in HTML::WhiteListSanitizer

Type at least 2 characters to search.

↑↓ navigate · open · esc close