No commit activity in last 3 years
No release in over 3 years
Inquisition is a fancy way to protect your ActiveRecord attributes from XSS
 Dependencies

Runtime

>= 0.10.0
 Project Readme

Inquisition

Introduction

Inquisition sanitizes HTML to help avoid cross-site scripting attacks! It keeps your strings heresy-free.

How

Inquisition offers you three methods on Object:

cleanse_attr *attributes, options
cleanse_attr_reader *attributes, options
cleanse_attr_writer *attributes, options

These methods wrap an attribute's getters and/or setters so that values pass through an HTML5 sanitizer. This should help to protect against most kinds of cross-site scripting attacks.

For example:

cleanse_attr :name, :allow => {:name => /(<strong>)/}

The above example will clean all values written to or read from the name attribute, but will not remove strong tags.
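
The wrapping described above, sketched as an added example in plain Ruby (not the Inquisition gem's code): ToyCleanse, Heretic and the /<\/?strong>/ pattern are hypothetical, and CGI.escapeHTML is swapped in for the gem's HTML5 sanitizer.

```ruby
require "cgi"

# Stand-in for the accessor-wrapping pattern, NOT the Inquisition gem's code.
# Assumption: CGI.escapeHTML replaces the gem's HTML5 sanitizer.
module ToyCleanse
  # Escape everything except substrings matching `allow`. Unescaping first
  # makes the result idempotent, so cleaning on write and again on read
  # does not double-encode ("&lt;" never becomes "&amp;lt;").
  def self.clean(value, allow = nil)
    return value unless value.is_a?(String)
    rest = CGI.unescapeHTML(value)
    out = +""
    while allow && (m = allow.match(rest)) && !m[0].empty?
      out << CGI.escapeHTML(m.pre_match) << m[0]
      rest = m.post_match
    end
    out << CGI.escapeHTML(rest)
  end

  # Pops a trailing options hash off attrs and returns its :allow map.
  def allow_map(attrs)
    (attrs.last.is_a?(Hash) ? attrs.pop : {}).fetch(:allow, {})
  end

  def cleanse_attr_reader(*attrs)
    allow = allow_map(attrs)
    prepend(Module.new do
      attrs.each { |a| define_method(a) { ToyCleanse.clean(super(), allow[a]) } }
    end)
  end

  def cleanse_attr_writer(*attrs)
    allow = allow_map(attrs)
    prepend(Module.new do
      attrs.each { |a| define_method("#{a}=") { |v| super(ToyCleanse.clean(v, allow[a])) } }
    end)
  end

  def cleanse_attr(*attrs)
    cleanse_attr_reader(*attrs)
    cleanse_attr_writer(*attrs)
  end
end

class Heretic # hypothetical plain-Ruby model, constructed for this example
  extend ToyCleanse
  attr_accessor :name, :bio
  cleanse_attr :name, :bio, :allow => { :name => /<\/?strong>/ }
end
```

The allow pattern's matches are emitted verbatim, so it should match only the exact tags intended; everything else is escaped on both write and read.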

Installation

sudo gem install thumblemonks-inquisition

lib/html5lib_sanitize.rb Copyright © Jacques Distler

Everything else is Copyright © 2009 Alexander Rakoczy. See LICENSE for details.