Sanitize the contents of HTML attachments before display0.12.0.7 hotfix/0.12.0.7

author: Louise Crow <louise.crow@gmail.com> 2014-12-22 10:55:30 +0000
committer: Louise Crow <louise.crow@gmail.com> 2014-12-22 17:21:55 +0000
commit: 66a15c472dd2b09f3aa6e8933749c1bd1dca2632 (patch)
tree: 6e8a25cbe5b0e6cbc88b2e0fb5f7c6639d619f51 /config/application.rb
parent: b3cfe8d72ce339f5125df87fd2772de97d224d9f (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/config/application.rb b/config/application.rb
index 92fd30685..005d81225 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -35,6 +35,9 @@ module Alaveteli
     # JavaScript files you want as :defaults (application.js is always included).
     # config.action_view.javascript_expansions[:defaults] = %w(jquery rails)
 
+    # Allow some extra tags to be whitelisted in the 'sanitize' helper method
+    config.action_view.sanitized_allowed_tags = 'html', 'head', 'body', 'table', 'tr', 'td', 'style'
+
     # Configure the default encoding used in templates for Ruby 1.9.
     config.encoding = "utf-8"
author	Louise Crow <louise.crow@gmail.com>	2014-12-22 10:55:30 +0000
committer	Louise Crow <louise.crow@gmail.com>	2014-12-22 17:21:55 +0000
commit	66a15c472dd2b09f3aa6e8933749c1bd1dca2632 (patch)
tree	6e8a25cbe5b0e6cbc88b2e0fb5f7c6639d619f51 /config/application.rb
parent	b3cfe8d72ce339f5125df87fd2772de97d224d9f (diff)