bofh/fetsite
9
0
Fork 1
Code Issues Pull Requests Releases Wiki Activity

thmen sanitize

Browse Source
This commit is contained in:
Andreas Stephanides
2014-10-16 21:44:22 +02:00
parent 4815f57a83
commit 33b30119ea
4 changed files with 26 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Gemfile
View File

@@ -9,7 +9,8 @@ gem 'webrick', '1.3.1'
gem 'sqlite3' gem 'sqlite3'
gem 'execjs', '~>1.4.0' gem 'execjs', '~>1.4.0'
gem 'sanitize' gem 'sanitize', :git=>'git://github.com/rgrove/sanitize'
# Gems used only for assets and not required # Gems used only for assets and not required
# in production environments by default. # in production environments by default.
gem 'sass-rails', '~> 3.2' gem 'sass-rails', '~> 3.2'
@@ -77,7 +78,7 @@ gem 'git'
gem 'haml' gem 'haml'
gem 'RedCloth' gem 'RedCloth'
gem 'wikicloth' gem 'wikicloth'
gem 'gollum-lib' #gem 'gollum-lib'
gem 'awesome_nested_set' gem 'awesome_nested_set'
gem 'annotate', ">=2.5.0" gem 'annotate', ">=2.5.0"
gem 'carrierwave', "~>0.9.0" gem 'carrierwave', "~>0.9.0"

21
app/controllers/themen_controller.rb
View File

@@ -1,3 +1,4 @@
class ThemenController < ApplicationController class ThemenController < ApplicationController
# GET /themen # GET /themen
# GET /themen.json # GET /themen.json
@@ -19,9 +20,25 @@ class ThemenController < ApplicationController
end end
end end
def sanitize def sanitize
require 'sanitize'
@thema = Thema.find(params[:id]) @thema = Thema.find(params[:id])
@fragen=@thema.fragen @fragen = @thema.fragen
trans_icons= lambda do |env|
node=env[:node]
node_name=env[:node_name]
return if env[:is_whitelisted] || !node.element?
return unless node_name == 'span'
# return unless node["class"] =~ /.*ffi.*/
Sanitize.node!(node,{:elements=>["span"],:attributes=>{"span"=>["class","style"]},:css=>{:properties=>["color"]}})
{:node_whitelist=>[node]}
end
@thema.text = Sanitize.fragment(@thema.text, {:elements=>['table','tr','td','p','h3','h4','a','th','img','ul','li','i','b','em'],:attributes=>{'p'=>['class'],'table'=>['class'],'a'=>['href','data'],'img'=>['src','width','height'],:all=>['class']},:css=>{:properties=>['float']},:transformers=>[trans_icons]})
# # #
# #
# #
#
# @thema.text = @thema.text.sanitize
render :show
end end
def verwalten def verwalten
@thema = Thema.find(params[:id]) @thema = Thema.find(params[:id])

1
app/views/rubriken/index.html.erb
View File

@@ -20,6 +20,7 @@
<li><%= render n if can?(:show, n) %> </li> <li><%= render n if can?(:show, n) %> </li>
<% end %> <% end %>
</ul> </ul>
<div id="infinite-scrolling"> <div id="infinite-scrolling">
<%= paginate @neuigkeiten, theme:'twitter-bootstrap' %> <%= paginate @neuigkeiten, theme:'twitter-bootstrap' %>
</div> </div>

3
app/views/themen/show.html.erb
View File

@@ -1,7 +1,8 @@
<p id="notice"><%= notice %></p> <p id="notice"><%= notice %></p>
<%= link_to "Zurück", @thema.themengruppe %> <%= link_to "Zurück", @thema.themengruppe %>
<br> <br>
<div class="contentbox">
<%= render :partial=>"themen/small", :object=>@thema %> <%= render :partial=>"themen/small", :object=>@thema %>
</div>
<%= render :partial=>'layouts/pretty_toolbar' %> <%= render :partial=>'layouts/pretty_toolbar' %>