Skip to content

Commit b98af6c

Browse files
flavorjonesflavorjones
authored
Merge pull request #167 from rails/flavorjones-best-supported-vendor-method
feat: introduce Rails::HTML::Sanitizer.best_supported_vendor
2 parents 5419017 + e953444 commit b98af6c

File tree

3 files changed

+22
-1
lines changed

3 files changed

+22
-1
lines changed

CHANGELOG.md

+4-1
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
## 1.6.0.rc1 / 2023-05-24
22

3-
* Sanitizers that use an HTML5 parser are now available on platforms supported by
3+
* HTML5 standards-compliant sanitizers are now available on platforms supported by
44
Nokogiri::HTML5. These are available as:
55

66
- `Rails::HTML5::FullSanitizer`
@@ -13,6 +13,9 @@
1313
Note that for symmetry `Rails::HTML4::Sanitizer` is also added, though its behavior is identical
1414
to the vendor class methods on `Rails::HTML::Sanitizer`.
1515

16+
Users may call `Rails::HTML::Sanitizer.best_supported_vendor` to get back the HTML5 vendor if it's
17+
supported, else the legacy HTML4 vendor.
18+
1619
*Mike Dalessio*
1720

1821
* Module namespaces have changed, but backwards compatibility is provided by aliases.

lib/rails/html/sanitizer.rb

+4
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,10 @@ def html5_support?
99

1010
@html5_support = Loofah.respond_to?(:html5_support?) && Loofah.html5_support?
1111
end
12+
13+
def best_supported_vendor
14+
html5_support? ? Rails::HTML5::Sanitizer : Rails::HTML4::Sanitizer
15+
end
1216
end
1317

1418
def sanitize(html, options = {})

test/rails_api_test.rb

+14
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,20 @@ def test_html_scrubber_class_names
1717
assert(Rails::Html::Sanitizer)
1818
end
1919

20+
def test_best_supported_vendor_when_html5_is_not_supported_returns_html4
21+
Rails::HTML::Sanitizer.stub(:html5_support?, false) do
22+
assert_equal(Rails::HTML4::Sanitizer, Rails::HTML::Sanitizer.best_supported_vendor)
23+
end
24+
end
25+
26+
def test_best_supported_vendor_when_html5_is_supported_returns_html5
27+
skip("no HTML5 support on this platform") unless Rails::HTML::Sanitizer.html5_support?
28+
29+
Rails::HTML::Sanitizer.stub(:html5_support?, true) do
30+
assert_equal(Rails::HTML5::Sanitizer, Rails::HTML::Sanitizer.best_supported_vendor)
31+
end
32+
end
33+
2034
def test_html4_sanitizer_alias_full
2135
assert_equal(Rails::HTML4::FullSanitizer, Rails::HTML::FullSanitizer)
2236
assert_equal("Rails::HTML4::FullSanitizer", Rails::HTML::FullSanitizer.name)

0 commit comments

Comments
 (0)