[Rails] [ANN] loofah v2.2.0 released

2018-02-11 Thread Mike Dalessio
loofah version 2.2.0 has been released! * * * Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on

[Rails] [ANN] loofah 2.1.0 released

2017-09-24 Thread Mike Dalessio
loofah version 2.1.0 has been released! TL;DR: CSS property parsing and sanitization has been re-implemented on top of Crass: https://github.com/rgrove/crass replacing the regexes that were lifted from html5lib back in 2009. I'm relatively sure this is a good thing. Note that Loofah

[Rails] [ANN] loofah-activerecord 2.0.0 Released

2016-11-22 Thread Mike Dalessio
loofah-activerecord version 2.0.0 has been released! * * * `loofah-activerecord` extends `loofah`'s HTML sanitization into Rails

[Rails] [ANN] loofah 2.1.0.rc1 released

2015-08-17 Thread Mike Dalessio
loofah version 2.1.0.rc1 has been released! TL;DR: CSS property parsing and sanitization has been re-implemented on top of Crass: https://github.com/rgrove/crass replacing the regexes that were lifted from html5lib back in 2009. I'm relatively sure this is a good thing. I would very much

[Rails] Re: Nokogiri not returning attribute value verbatim

2010-11-03 Thread Mike Dalessio
On Nov 2, 6:03 pm, David Kahn d...@structuralartistry.com wrote: On Tue, Nov 2, 2010 at 3:59 PM, David Kahn d...@structuralartistry.com wrote: On Tue, Nov 2, 2010 at 3:50 PM, David Kahn d...@structuralartistry.com wrote: On Tue, Nov 2, 2010 at 3:22 PM, Marnen Laibow-Koser

[Rails] [ANN] loofah 0.4.7 Released

2010-03-09 Thread Mike Dalessio
loofah version 0.4.7 has been released! * http://github.com/flavorjones/loofah * http://loofah.rubyforge.org * http://rubyforge.org/projects/loofah Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's

[Rails] [Security] [ANN] Loofah has an HTML injection / XSS vulnerability, please upgrade to 0.4.6

2010-02-02 Thread Mike Dalessio
Synopsis -- Loofah::HTML::Document#text emits unencoded HTML entities prior to 0.4.6. This was originally by design, since the output of #text is intended to be used in a non-HTML context (such as generation of human-readable text documents). However, Loofah::XssFoliate's default

[Rails] [ANN] loofah 0.4.2 Released

2010-01-23 Thread Mike Dalessio
loofah version 0.4.2 has been released! * http://loofah.rubyforge.org * http://rubyforge.org/projects/loofah * http://github.com/flavorjones/loofah Loofah is a general library for manipulating HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a

[Rails] [ANN] loofah 0.3.1 Released

2009-10-12 Thread Mike Dalessio
loofah version 0.3.1 has been released! * http://loofah.rubyforge.org * http://rubyforge.org/projects/loofah * http://github.com/flavorjones/loofah Loofah is an HTML sanitizer. It will always fix broken markup, but can also sanitize unsafe tags in a few different ways, and transform the markup

[Rails] [ANN] loofah 0.3.0 Released

2009-10-06 Thread Mike Dalessio
loofah version 0.3.0 has been released! * http://loofah.rubyforge.org * http://rubyforge.org/projects/loofah * http://github.com/flavorjones/loofah Loofah is an HTML sanitizer. It will always fix broken markup, but can also sanitize unsafe tags in a few different ways, and transform the markup

[Rails] Re: difficulty in understanding the valgrind output for ror

2008-11-06 Thread Mike Dalessio
On Nov 6, 12:33 am, Santosh Turamari [EMAIL PROTECTED] s.net wrote: Hi, I am trying with bleak_house... it gives the dump... but in dump analyze I am getting the following output...I am not able to track this output also..pls help me out. bleak /tmp/bleak.6524.0.dump Displaying top 20

[Rails] Re: difficulty in understanding the valgrind output for ror app.

2008-11-05 Thread Mike Dalessio
On Nov 5, 1:09 am, Santosh Turamari [EMAIL PROTECTED] wrote: Hi, I am facing the difficulty in understanding the output of valgrind memory leaks. How to interpret it. pls help me out. For the ruby interpreter, you should probably think about running valgrind with the following options: