scinote-web/app/helpers/input_sanitize_helper.rb

module InputSanitizeHelper
  def sanitize_input(text)
    ActionController::Base.helpers.sanitize(
      text,
      tags: Constants::WHITELISTED_TAGS,
      attributes: Constants::WHITELISTED_ATTRIBUTES
    )
  end

  def escape_input(text)
    ERB::Util.html_escape(text)
  end
end
Initial code commit [SCI-102] 2017-01-03 05:27:12 +08:00			`module InputSanitizeHelper`
			`def sanitize_input(text)`
Add list of whitelisted attributes [SCI-102] 2017-01-05 22:33:41 +08:00			`ActionController::Base.helpers.sanitize(`
			`text,`
			`tags: Constants::WHITELISTED_TAGS,`
			`attributes: Constants::WHITELISTED_ATTRIBUTES`
			`)`
Initial code commit [SCI-102] 2017-01-03 05:27:12 +08:00			`end`
Add user input sanitizing in the models [SCI-102] 2017-01-05 19:51:14 +08:00
			`def escape_input(text)`
			`ERB::Util.html_escape(text)`
			`end`
Initial code commit [SCI-102] 2017-01-03 05:27:12 +08:00			`end`