Changeset 4336
- Timestamp:
- 07/26/07 08:20:29 (1 year ago)
- Files:
-
- plugins/rails_protection/trunk/rails_protection/lib/custom_sanitizer.rb (modified) (3 diffs)
- plugins/rails_protection/trunk/rails_protection/lib/custom_sanitizer_rules/default.rb (modified) (1 diff)
- plugins/rails_protection/trunk/rails_protection/lib/custom_sanitizer_rules/tiny_mce.rb (modified) (1 diff)
- plugins/rails_protection/trunk/rails_protection/lib/rails_protection_for_csrf.rb (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
plugins/rails_protection/trunk/rails_protection/lib/custom_sanitizer.rb
r4312 r4336 1 module RailsProtection Plugin#:nodoc:1 module RailsProtection #:nodoc: 2 2 module CustomSanitizer #:nodoc: 3 3 class Base #:nodoc: … … 39 39 rule = options[:rule] 40 40 elsif options[:rule].is_a?(Symbol) 41 rule = RailsProtection Plugin::CustomSanitizer::Base.rules[options[:rule]] || {}41 rule = RailsProtection::CustomSanitizer::Base.rules[options[:rule]] || {} 42 42 else 43 43 rule = {} … … 143 143 require 'custom_sanitizer_rules/tiny_mce' 144 144 145 ::ActionView::Base.send(:include, RailsProtection Plugin::CustomSanitizer::ActionViewMethods)145 ::ActionView::Base.send(:include, RailsProtection::CustomSanitizer::ActionViewMethods) plugins/rails_protection/trunk/rails_protection/lib/custom_sanitizer_rules/default.rb
r4286 r4336 1 RailsProtection Plugin::CustomSanitizer::Base.rules[:default] = {1 RailsProtection::CustomSanitizer::Base.rules[:default] = { 2 2 :b => {}, 3 3 :blockquote => {}, plugins/rails_protection/trunk/rails_protection/lib/custom_sanitizer_rules/tiny_mce.rb
r4286 r4336 1 RailsProtection Plugin::CustomSanitizer::Base.rules[:tiny_mce] = {1 RailsProtection::CustomSanitizer::Base.rules[:tiny_mce] = { 2 2 :a => { 3 3 :class => /\A[-_a-zA-Z0-9]+\Z/mn, plugins/rails_protection/trunk/rails_protection/lib/rails_protection_for_csrf.rb
r4331 r4336 1 module RailsProtection Plugin#:nodoc:1 module RailsProtection #:nodoc: 2 2 module Csrf #:nodoc: 3 3 module ActionControllerMethods #:nodoc: 4 4 def protection_for_csrf 5 5 if request.method == :post && params[:rails_protection_session_id] != session.session_id 6 raise RailsProtection Plugin::Csrf::SessionValidateException6 raise RailsProtection::Csrf::SessionValidateException 7 7 end 8 8 end … … 62 62 end 63 63 64 ::ActionController::Base.send(:include, RailsProtection Plugin::Csrf::ActionControllerMethods)64 ::ActionController::Base.send(:include, RailsProtection::Csrf::ActionControllerMethods) 65 65 ::ActionController::Base.class_eval do 66 66 before_filter :protection_for_csrf … … 70 70 alias :form_tag_original :form_tag 71 71 end 72 ::ActionView::Base.send(:include, RailsProtection Plugin::Csrf::ActionViewMethods)72 ::ActionView::Base.send(:include, RailsProtection::Csrf::ActionViewMethods)
