[ANN] loofah and loofah-activerecord 1.0.0

M

Mike Dalessio

[Note: parts of this message were removed to make it a legal post.]

Previous versions of loofah included both basic string sanitization
and ActiveRecord extensions. This release divides these two functions
into separate gems.

If you are using either of the loofah 0.4 ActiveRecord extensions, you
should update the dependency to 'loofah-activerecord >= 1.0.0'.

----------------------------------------

loofah 1.0.0 has been released!

* <http://github.com/flavorjones/loofah>

Loofah is a general library for manipulating and transforming HTML/XML
documents and fragments. It's built on top of Nokogiri and libxml2, so
it's fast and has a nice API.

Loofah excels at HTML sanitization (XSS prevention). It includes some
nice HTML sanitizers, which are based on HTML5lib's whitelist, so it
most likely won't make your codes less secure. (These statements have
not been evaluated by Netexperts.)

ActiveRecord extensions for sanitization are available in the
`loofah-activerecord` gem (see
http://github.com/flavorjones/loofah-activerecord).

Changes:

## 1.0.0 (2010-10-26)

Notes:

* Moved ActiveRecord functionality into `loofah-activerecord` gem.

----------------------------------------

loofah-activerecord version 1.0.0 has been released!

* <http://github.com/flavorjones/loofah-activerecord>

loofah-activerecord extends loofah's HTML sanitization into Rails
ActiveRecord models with two AR extensions:

* Loofah::XssFoliate, an XssTerminate drop-in replacement, is an
*opt-out* sanitizer. By default all models and attributes are
sanitized.
* Loofah::ActiveRecordExtension is an *opt-in* sanitizer. You must
explicitly declare attributes to be sanitized.

Changes:

## 1.0.0 (2010-10-26)

Notes

* ActiveRecord-related code from Loofah 0.4.7 has been moved here. See
http://github.com/flavorjones/loofah for a historical changelog.
* Using bundler to provide proper gem sandboxing in testing multiple rails
versions.
* Birthday!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,962
Messages
2,570,134
Members
46,692
Latest member
JenniferTi

Latest Threads

Top