wiki.ohea.xyz/gollum
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Update sanitization.md

Browse Source 
Document customization of sanitation settings; see https://github.com/gollum/gollum/issues/759
This commit is contained in:
Dawa Ometto
2014-01-23 19:29:20 +01:00
parent ff302ed842
commit 7ea45d5e89
1 changed files with 19 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/sanitization.md
+19 -18
View File
@@ -2,31 +2,32 @@ Sanitization Rules
==================
Gollum uses the [Sanitize](http://wonko.com/post/sanitize) gem for HTML
sanitization.
sanitization. Below you find the default allowed tags, attributes, and protocols, as well as directions to customize these settings.
See `lib/gollum.rb` for actual settings.
# Default Settings
## ALLOWED TAGS
a, abbr, acronym, address, area, b, big, blockquote, br, button, caption,
center, cite, code, col, colgroup, dd, del, dfn, dir, div, dl, dt, em,
fieldset, font, form, h1, h2, h3, h4, h5, h6, hr, i, img, input, ins, kbd,
label, legend, li, map, menu, ol, optgroup, option, p, pre, q, s, samp,
select, small, span, strike, strong, sub, sup, table, tbody, td, textarea,
tfoot, th, thead, tr, tt, u, ul, var
a, abbr, acronym, address, area, b, big, blockquote, br, button, caption, center, cite, code, col, colgroup, dd, del, dfn, dir, div, dl, dt, em, fieldset, font, form, h1, h2, h3, h4, h5, h6, hr, i, img, input, ins, kbd, label, legend, li, map, menu, ol, optgroup, option, p, pre, q, s, samp, select, small, span, strike, strong, sub, sup, table, tbody, td, textarea, tfoot, th, thead, tr, tt, u, ul, var
## ALLOWED ATTRIBUTES
abbr, accept, accept-charset, accesskey, action, align, alt, axis, border,
cellpadding, cellspacing, char, charoff, charset, checked, cite, class, clear,
cols, colspan, color, compact, coords, datetime, dir, disabled, enctype, for,
frame, headers, height, href, hreflang, hspace, id, ismap, label, lang,
longdesc, maxlength, media, method, multiple, name, nohref, noshade, nowrap,
prompt, readonly, rel, rev, rows, rowspan, rules, scope, selected, shape,
size, span, src, start, summary, tabindex, target, title, type, usemap,
valign, value, vspace, width
a href, abbr, accept, accept-charset, accesskey, action, align, alt, axis, border, cellpadding, cellspacing, char, charoff, class, charset, checked, cite, clear, cols, colspan, color, compact, coords, datetime, dir, disabled, enctype, for, frame, headers, height, hreflang, hspace, id, img src, ismap, label, lang, longdesc, maxlength, media, method, multiple, name, nohref, noshade, nowrap, prompt, readonly, rel, rev, rows, rowspan, rules, scope, selected, shape, size, span, start, summary, tabindex, target, title, type, usemap, valign, value, vspace, width
## ALLOWED PROTOCOLS
a href: http, https, mailto
img src: http, https
a href: http, https, mailto, ftp, irc, apt, :relative
img src: http, https, :relative
form action: http, https, :relative
# Customizing
To customize these settings, edit your `config.rb` file along the following lines (be sure to run gollum with the `--config` option):
```ruby
sanitizer = Gollum::Sanitization.new
sanitizer.protocols['a']['href'].concat ['ssh', 'vnc'] # Protocols
sanitizer.elements.concat ['customtag1', 'customtag2'] # Tags
sanitizer.attributes['a'].push 'target' # Attributes
Precious::App.set(:wiki_options, {:sanitization => sanitizer})
```