ruby-rails-html-sanitizer - HTML sanitization for Rails applications

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Universe i386
Package name: ruby-rails-html-sanitizer
Package version: 1.0.3
Package release: 2
Package architecture: all
Package type: deb
Installed size: 41 B
Download size: 8.32 KB
This gem sanitizes HTML fragments in Rails applications. In Rails 4.2 and above, it performs the sanitization behind the sanitize, sanitize_css, strip_tags and strip_links methods.



    Source package: ruby-rails-html-sanitizer

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install ruby-rails-html-sanitizer deb package:
      # sudo apt-get install ruby-rails-html-sanitizer


    • /usr/lib/ruby/vendor_ruby/rails-html-sanitizer.rb
    • /usr/lib/ruby/vendor_ruby/rails/html/sanitizer.rb
    • /usr/lib/ruby/vendor_ruby/rails/html/scrubbers.rb
    • /usr/lib/ruby/vendor_ruby/rails/html/sanitizer/version.rb
    • /usr/share/doc/ruby-rails-html-sanitizer/
    • /usr/share/doc/ruby-rails-html-sanitizer/changelog.Debian.gz
    • /usr/share/doc/ruby-rails-html-sanitizer/copyright
    • /usr/share/rubygems-integration/all/specifications/rails-html-sanitizer-1.0.3.gemspec


    2016-03-05 - Christian Hofstaedtler
    ruby-rails-html-sanitizer (1.0.3-2) unstable; urgency=medium
      * Team upload.
      [ Cédric Boutillier ]
      * Bump debhelper compatibility level to 9
      * Use https:// in Vcs-* fields
      * Bump Standards-Version to 3.9.7 (no changes needed)
      [ Christian Hofstaedtler ]
      * Drop ruby-rails from Depends, as no lib code actually loads rails;
        makes the dependency cycle a little less bad.

    2016-01-26 - Antonio Terceiro
    ruby-rails-html-sanitizer (1.0.3-1) unstable; urgency=high
      * New upstream release. Contains fixes for several XSS vulnerabilities:
        CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 (Closes: #812814)
      * debian/ruby-tests.rake: re-enable test that was disabled
      * 0001-Skip-some-tests-under-Debian.patch: skip tests where the
        sanitized HTML is XSS-free but does not match the exact content
        expected by the upstream test suite. I suspect that is due to
        Nokogiri not using its own patched version of libxml2 in Debian, but
        can't be sure of that yet. Also, the same tests would already fail on
        1.0.2 if enabled.

    2015-05-05 - Balasankar C
    ruby-rails-html-sanitizer (1.0.2-1) unstable; urgency=medium
      * Initial release (Closes: #784326)
      * Disabled a test as it required gems which have Rails > 4.2.0 in its
        dependency chain