From afb4508e715bd6677d0d280a18d8145f0b7ee84b Mon Sep 17 00:00:00 2001 From: Andreas Stephanides Date: Wed, 17 Dec 2014 16:41:33 +0100 Subject: [PATCH 1/4] updated tinymce config --- config/tinymce.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/tinymce.yml b/config/tinymce.yml index 7a40cb3..0dfd66d 100755 --- a/config/tinymce.yml +++ b/config/tinymce.yml @@ -23,7 +23,7 @@ heading_clear_tag: p width: "100%" content_css: "/assets/tinymce.css" toolbar: - - styleselect | bold boldred_btn italic forecolor | list link image table | undo redo | fullscreen code + - styleselect removeformat | bold boldred_btn italic forecolor | list link image table | bullist numlist | alignleft aligncenter alignright alignjustify | undo redo | fullscreen code formats: boldred: {selector: "p",block: "p", classes: "mc-important"} setup: function(ed) { From 5e6a32c244ade6abbb1049b5b39a0d8a0e71a191 Mon Sep 17 00:00:00 2001 From: Andreas Stephanides Date: Wed, 17 Dec 2014 16:41:42 +0100 Subject: [PATCH 2/4] yaml_db added --- Gemfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index eb19142..12a6f4a 100755 --- a/Gemfile +++ b/Gemfile @@ -113,4 +113,5 @@ gem 'bootstrap-kaminari-views', :git=>'git://github.com/matenia/bootstrap-kamina gem 'sunspot_rails' gem 'sunspot_solr' gem 'sitemap_generator' -gem 'whenever' \ No newline at end of file +gem 'whenever' +gem 'yaml_db' From 349753106e072890626c4527b6c6c8efc402c7a2 Mon Sep 17 00:00:00 2001 From: Andreas Stephanides Date: Wed, 17 Dec 2014 16:42:06 +0100 Subject: [PATCH 3/4] gitignore data.yml --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index c80d998..11d2dcc 100755 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +/db/data.yml /db/.#initdebug.rb /usergroup.ldif /newuser.ldif From 3cddab7276d26cb9b44dabe9d83b35053e661afa Mon Sep 17 00:00:00 2001 From: Andreas Stephanides Date: Wed, 17 Dec 2014 16:44:34 +0100 Subject: [PATCH 4/4] extend whitelist sanitze --- app/controllers/themen_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/themen_controller.rb b/app/controllers/themen_controller.rb index 5f5024a..b3d1ede 100644 --- a/app/controllers/themen_controller.rb +++ b/app/controllers/themen_controller.rb @@ -32,7 +32,7 @@ class ThemenController < ApplicationController Sanitize.node!(node,{:elements=>["span"],:attributes=>{"span"=>["class","style"]},:css=>{:properties=>["color"]}}) {:node_whitelist=>[node]} end - @thema.text = Sanitize.fragment(@thema.text, {:elements=>['table','tr','td','p','h3','h4','a','th','img','ul','li','i','b','em'],:attributes=>{'p'=>['class'],'table'=>['class'],'a'=>['href','data'],'img'=>['src','width','height'],:all=>['class']},:css=>{:properties=>['float']},:transformers=>[trans_icons]}) + @thema.text = Sanitize.fragment(@thema.text, {:elements=>['table','tr','td','p','h1','h2','h3','h4','h5','a','th','img','ul','li','i','b','em','pre','code'],:attributes=>{'p'=>['class'],'table'=>['class'],'a'=>['href','data'],'img'=>['src','width','height'],:all=>['class']},:css=>{:properties=>['float']},:transformers=>[trans_icons]}) # # # # # # #