loofah-activerecord

Description

loofah-activerecord extends loofah's HTML sanitization into Rails ActiveRecord models.

See more about loofah at: http://github.com/flavorjones/loofah

Features

There are two ActiveRecord extensions included with loofah-activerecord:

ActiveRecord Extension #1: Opt-In

See Loofah::ActiveRecordExtension for full documentation. The class methods mixed into ActiveRecord are:

which are used to declare how specific string and text attributes should be scrubbed during before_validation.

# app/model/post.rb
class Post < ActiveRecord::Base
  html_fragment :body, :scrub => :prune  # scrubs `body` using the :prune scrubber
end

ActiveRecord Extension #2: Opt-Out

See Loofah::XssFoliate::ClassMethods for more documentation. The class methods mixed into ActiveRecord are:

which are used to declare how specific string and text attributes should be scrubbed during before_validation.

Attributes are scrubbed with the :strip scrubber by default, unless another scrubber is specified or the attribute is present in an :except clause.

Requirements

Support for older versions of Rails is available in loofah-activerecord < 2.0.

Installation

Unsurprisingly:

Support

The bug tracker is available here:

And the mailing list is on librelist (the general Loofah mailing list):

And the IRC channel is #loofah on freenode.

Related Links

Authors

Featuring code contributed by:

Historical Note

This library was split out of the Loofah project for version 1.0.0.

License

Distributed under the MIT License. See MIT-LICENSE.txt for details.