Module: ConcernsOnRails::Support::HtmlSanitizers
- Defined in:
- lib/concerns_on_rails/support/html_sanitizers.rb
Overview
Memoized, feature-detected HTML sanitizer instances shared by the sanitizing concerns (currently Models::Sanitizable).
Picks the HTML5 parser (Rails::HTML5::*, the default since Rails 7.1, so it matches the host app's own ActionView sanitize/strip_tags output) when the platform supports it, and otherwise falls back to HTML4 (libgumbo / HTML5 is unavailable on JRuby) — mirroring Rails core.
The namespace decision and each sanitizer are built lazily on first use, so libgumbo / ActionView is never probed at file-load time, and the instances are reused (they are thread-safe for #sanitize) rather than re-allocated per attribute access.
We reference Rails::HTML5 / Rails::HTML4 explicitly: the bare Rails::HTML::* aliases silently resolve to the HTML4 implementation.
Class Method Summary collapse
-
.full ⇒ Object
Removes every tag, keeping the inner text.
- .link ⇒ Object
- .namespace ⇒ Object
-
.safe ⇒ Object
Rails' curated allow-list: keeps formatting tags (em / strong / a / p…), drops