API Guides

instance method process_attributes_for

Ruby on Rails 4.1.16

Since v2.2.3 Last seen in v4.1.16

Available in: v2.2.3 v2.3.18 v3.0.20 v3.1.12 v3.2.22.5 v4.0.13 v4.1.16 

process_attributes_for(node, options)

No documentation comment.

Parameters

node req
options req
Source 
# File actionview/lib/action_view/vendor/html-scanner/html/sanitizer.rb, line 170
    def process_attributes_for(node, options)
      return unless node.attributes
      node.attributes.keys.each do |attr_name|
        value = node.attributes[attr_name].to_s

        if !options[:attributes].include?(attr_name) || contains_bad_protocols?(attr_name, value)
          node.attributes.delete(attr_name)
        else
          node.attributes[attr_name] = attr_name == 'style' ? sanitize_css(value) : CGI::escapeHTML(CGI::unescapeHTML(value))
        end
      end
    end

Defined in actionview/lib/action_view/vendor/html-scanner/html/sanitizer.rb line 170 · View on GitHub · Improve this page · Find usages on GitHub

Defined in HTML::WhiteListSanitizer

Type at least 2 characters to search.

↑↓ navigate · open · esc close