prevents body comments to accept html a tags, sanitize them out instead as well

2015-09-10 19:05:34 +02:00
parent 31cf51f07a
commit 5ecbe01d47
2 changed files with 4 additions and 3 deletions
--- a/app/helpers/text_with_links_helper.rb
+++ b/app/helpers/text_with_links_helper.rb
@@ -2,7 +2,7 @@ module TextWithLinksHelper

  def text_with_links(text)
    return unless text
-    sanitized = sanitize text, tags: %w(a), attributes: %w(href)
+    sanitized = sanitize text
    Rinku.auto_link(sanitized, :all, 'target="_blank" rel="nofollow"').html_safe
  end