Sanitize the contents of HTML attachments before display0.13.0.6 hotfix/0.13.0.6

author: Louise Crow <louise.crow@gmail.com> 2014-12-22 10:55:30 +0000
committer: Louise Crow <louise.crow@gmail.com> 2014-12-22 17:15:22 +0000
commit: c77b4818340ab10206ef57459e830e87c576b497 (patch)
tree: 195c0f74a9ac7bad8dccc32f5903918d581759dc /config/application.rb
parent: ebf13d76efcfb60ca56e9557b0fe1e6528ee03ff (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/config/application.rb b/config/application.rb
index 92fd30685..005d81225 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -35,6 +35,9 @@ module Alaveteli
     # JavaScript files you want as :defaults (application.js is always included).
     # config.action_view.javascript_expansions[:defaults] = %w(jquery rails)
 
+    # Allow some extra tags to be whitelisted in the 'sanitize' helper method
+    config.action_view.sanitized_allowed_tags = 'html', 'head', 'body', 'table', 'tr', 'td', 'style'
+
     # Configure the default encoding used in templates for Ruby 1.9.
     config.encoding = "utf-8"
author	Louise Crow <louise.crow@gmail.com>	2014-12-22 10:55:30 +0000
committer	Louise Crow <louise.crow@gmail.com>	2014-12-22 17:15:22 +0000
commit	c77b4818340ab10206ef57459e830e87c576b497 (patch)
tree	195c0f74a9ac7bad8dccc32f5903918d581759dc /config/application.rb
parent	ebf13d76efcfb60ca56e9557b0fe1e6528ee03ff (diff)