Removed some of the tags that does not make sense to allow per default in the whitelist

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8269 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
2026-01-30 08:48:06 -05:00 · 2007-12-04 20:04:48 +00:00
parent cfa31c30b8
commit 0aec2423ed
1 changed files with 2 additions and 2 deletions
--- a/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb
+++ b/actionpack/lib/action_controller/vendor/html-scanner/html/sanitizer.rb
@@ -72,9 +72,9 @@ module HTML
    self.bad_tags               = Set.new(%w(script))
    
    # Specifies the default Set of tags that the #sanitize helper will allow unscathed.
-    self.allowed_tags           = Set.new(%w(strong em b i p code pre tt output samp kbd var sub 
+    self.allowed_tags           = Set.new(%w(strong em b i p code pre tt samp kbd var sub 
      sup dfn cite big small address hr br div span h1 h2 h3 h4 h5 h6 ul ol li dt dd abbr 
-      acronym a img blockquote del ins fieldset legend))
+      acronym a img blockquote del ins))

    # Specifies the default Set of html attributes that the #sanitize helper will leave 
    # in the allowed tag.