Open
Description
html5lib/sanitizer.rb hints that users can subclass HTMLSanitizer and
define their own constants for the array of allowable elements, attributes,
CSS properties, &c. But a subclass that defines its own constants for any
of these arrays doesn't override the built-in constants. I think this has
to do with the way Ruby looks up constants from methods defined in modules.
In any case, one fix is to use the Module#const_get method in place of
direct constant access where they appear in the
HTMLSanitizeModule#sanitize_token and HTMLSanitizeModule#sanitize_css methods.
Original issue reported on code.google.com by paulsm...@gmail.com on 20 Jun 2007 at 11:25
Attachments: