[ANN] loofah 0.3.0 Released

M

Mike Dalessio

[Note: parts of this message were removed to make it a legal post.]

loofah version 0.3.0 has been released!

* <http://loofah.rubyforge.org>
* <http://rubyforge.org/projects/loofah>
* <http://github.com/flavorjones/loofah>

Loofah is an HTML sanitizer. It will always fix broken markup, but
can also sanitize unsafe tags in a few different ways, and transform
the markup for storage or display.

It's built on top of Nokogiri and libxml2, so it's fast. And it uses
html5lib's whitelist, so it most likely won't make your codes less
secure. *

* These statements have not been evaluated by Netexperts.

Changes:

## 0.3.0 (2009-10-06)

Enhancements:

* New ActiveRecord extension `xss_foliate`, a drop-in replacement for
xss_terminate.
* Replacement methods for ActionView's helper methods `sanitize()` and
`strip_tags()`.
* Official support (and test coverage) for Rails versions 2.3, 2.2, 2.1, 2.0
and 1.2.

Deprecations:

* The methods strip_tags, whitewash, whitewash_document, sanitize, and
sanitize_document have been deprecated. See DEPRECATED.rdoc for
details on the equivalent calls with the post-0.2 API.

== FEATURES

* _Strip_ unsafe tags, leaving behind only the inner text.
* _Prune_ unsafe tags and their subtrees, removing all traces that they ever
existed.
* _Escape_ unsafe tags and their subtrees, leaving behind lots of &lt; and
&gt; entities.
* _Whitewash_ the markup, removing all attributes and namespaced nodes.
* Format the markup as plain text.
* Two ActiveRecord extensions:
* An *opt-out* sanitizer that sanitizes all models and attributes by
default
(it's also an XssTerminate drop-in replacement).
* An *opt-in* sanitizer which sanitized the attributes you
explicitly declare to be sanitized.
* 99 44/100 % pure
* Performance compares favorably with similar libraries:
http://gist.github.com/170193
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,965
Messages
2,570,148
Members
46,710
Latest member
FredricRen

Latest Threads

Top