Commit e936b0ae7847f8ff3468d544011c81605050c5b4

Authored by Joenio Costa
1 parent efe01800

Allow 'rowspan' and 'colspan' in Noosfero's contents

thanks Braulio!
config/application.rb
@@ -20,7 +20,7 @@ module Noosfero @@ -20,7 +20,7 @@ module Noosfero
20 require 'noosfero/plugin' 20 require 'noosfero/plugin'
21 21
22 # Adds custom attributes to the Set of allowed html attributes for the #sanitize helper 22 # Adds custom attributes to the Set of allowed html attributes for the #sanitize helper
23 - config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars', 'scrolling', 'frameborder', 'controls', 'autoplay' 23 + config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars', 'scrolling', 'frameborder', 'controls', 'autoplay', 'colspan', 'rowspan'
24 24
25 # Adds custom tags to the Set of allowed html tags for the #sanitize helper 25 # Adds custom tags to the Set of allowed html tags for the #sanitize helper
26 config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td', 'applet', 'comment', 'iframe', 'audio', 'video', 'source' 26 config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td', 'applet', 'comment', 'iframe', 'audio', 'video', 'source'
test/unit/tiny_mce_article_test.rb
@@ -8,7 +8,7 @@ class TinyMceArticleTest < ActiveSupport::TestCase @@ -8,7 +8,7 @@ class TinyMceArticleTest < ActiveSupport::TestCase
8 @profile = create_user('zezinho').person 8 @profile = create_user('zezinho').person
9 end 9 end
10 attr_reader :profile 10 attr_reader :profile
11 - 11 +
12 # this test can be removed when we get real tests for TinyMceArticle 12 # this test can be removed when we get real tests for TinyMceArticle
13 should 'be an article' do 13 should 'be an article' do
14 assert_subclass TextArticle, TinyMceArticle 14 assert_subclass TextArticle, TinyMceArticle
@@ -210,7 +210,7 @@ end @@ -210,7 +210,7 @@ end
210 assert_equal true, a.notifiable? 210 assert_equal true, a.notifiable?
211 assert_equal true, a.advertise? 211 assert_equal true, a.advertise?
212 assert_equal true, a.is_trackable? 212 assert_equal true, a.is_trackable?
213 - 213 +
214 a.published=false 214 a.published=false
215 assert_equal false, a.published? 215 assert_equal false, a.published?
216 assert_equal false, a.is_trackable? 216 assert_equal false, a.is_trackable?
@@ -237,4 +237,13 @@ end @@ -237,4 +237,13 @@ end
237 assert_tag_in_string article.body, :tag => 'source', :attributes => {:src => 'http://example.ogv', :type => 'video/ogg'} 237 assert_tag_in_string article.body, :tag => 'source', :attributes => {:src => 'http://example.ogv', :type => 'video/ogg'}
238 end 238 end
239 239
  240 + should 'not sanitize colspan and rowspan attributes' do
  241 + article = TinyMceArticle.create!(:name => 'table with colspan and rowspan',
  242 + :body => "<table colspan='2' rowspan='3'><tr></tr></table>",
  243 + :profile => profile
  244 + )
  245 + assert_tag_in_string article.body, :tag => 'table',
  246 + :attributes => { :colspan => 2, :rowspan => 3 }
  247 + end
  248 +
240 end 249 end