[ANN] loofah and loofah-activerecord 1.0.0

Discussion in 'Ruby' started by Mike Dalessio, Oct 26, 2010.

  1. [Note: parts of this message were removed to make it a legal post.]

    Previous versions of loofah included both basic string sanitization
    and ActiveRecord extensions. This release divides these two functions
    into separate gems.

    If you are using either of the loofah 0.4 ActiveRecord extensions, you
    should update the dependency to 'loofah-activerecord >= 1.0.0'.

    ----------------------------------------

    loofah 1.0.0 has been released!

    * <http://github.com/flavorjones/loofah>

    Loofah is a general library for manipulating and transforming HTML/XML
    documents and fragments. It's built on top of Nokogiri and libxml2, so
    it's fast and has a nice API.

    Loofah excels at HTML sanitization (XSS prevention). It includes some
    nice HTML sanitizers, which are based on HTML5lib's whitelist, so it
    most likely won't make your codes less secure. (These statements have
    not been evaluated by Netexperts.)

    ActiveRecord extensions for sanitization are available in the
    `loofah-activerecord` gem (see
    http://github.com/flavorjones/loofah-activerecord).

    Changes:

    ## 1.0.0 (2010-10-26)

    Notes:

    * Moved ActiveRecord functionality into `loofah-activerecord` gem.

    ----------------------------------------

    loofah-activerecord version 1.0.0 has been released!

    * <http://github.com/flavorjones/loofah-activerecord>

    loofah-activerecord extends loofah's HTML sanitization into Rails
    ActiveRecord models with two AR extensions:

    * Loofah::XssFoliate, an XssTerminate drop-in replacement, is an
    *opt-out* sanitizer. By default all models and attributes are
    sanitized.
    * Loofah::ActiveRecordExtension is an *opt-in* sanitizer. You must
    explicitly declare attributes to be sanitized.

    Changes:

    ## 1.0.0 (2010-10-26)

    Notes

    * ActiveRecord-related code from Loofah 0.4.7 has been moved here. See
    http://github.com/flavorjones/loofah for a historical changelog.
    * Using bundler to provide proper gem sandboxing in testing multiple rails
    versions.
    * Birthday!
    Mike Dalessio, Oct 26, 2010
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mike Dalessio

    [ANN] loofah 0.2.0 Released

    Mike Dalessio, Aug 11, 2009, in forum: Ruby
    Replies:
    0
    Views:
    109
    Mike Dalessio
    Aug 11, 2009
  2. Mike Dalessio

    [ANN] loofah 0.2.2 Released

    Mike Dalessio, Aug 31, 2009, in forum: Ruby
    Replies:
    0
    Views:
    94
    Mike Dalessio
    Aug 31, 2009
  3. Mike Dalessio

    [ANN] loofah 0.3.0 Released

    Mike Dalessio, Oct 7, 2009, in forum: Ruby
    Replies:
    0
    Views:
    91
    Mike Dalessio
    Oct 7, 2009
  4. Mike Dalessio

    [ANN] loofah 0.3.1 Released

    Mike Dalessio, Oct 13, 2009, in forum: Ruby
    Replies:
    1
    Views:
    83
    ara.t.howard
    Oct 13, 2009
  5. Mike Dalessio
    Replies:
    1
    Views:
    114
    Une BĂ©vue
    Oct 26, 2010
Loading...

Share This Page