Commit d4ef9db6 authored by Jerry Cheung's avatar Jerry Cheung

Merge pull request #50 from benubois/strip_script_contents

Strip contents of <script> tags.
parents 0cd61362 c912d6d2
......@@ -35,6 +35,7 @@ module HTML
div ins del sup sub p ol ul table blockquote dl dt dd
kbd q samp var hr ruby rt rp li tr td th
),
:remove_contents => ['script'],
:attributes => {
'a' => ['href'],
'img' => ['src'],
......
......@@ -44,4 +44,9 @@ class HTML::Pipeline::SanitizationFilterTest < Test::Unit::TestCase
stuff = '<a href="github-windows://spillthelog">Spill this yo</a> and so on'
assert_equal stuff, SanitizationFilter.call(stuff).to_s
end
def test_script_contents_are_removed
orig = '<script>JavaScript!</script>'
assert_equal "", SanitizationFilter.call(orig).to_s
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment