@@ -27,18 +27,10 @@ module ActionView
2727 module Helpers
2828 module SanitizeHelper
2929 module ClassMethods
30- if method_defined? ( :sanitizer_vendor ) || private_method_defined? ( :sanitizer_vendor )
31- undef_method ( :sanitizer_vendor )
32- end
33-
3430 def sanitizer_vendor
3531 Rails ::Html ::Sanitizer
3632 end
3733
38- if method_defined? ( :sanitized_allowed_tags= ) || private_method_defined? ( :sanitized_allowed_tags= )
39- undef_method ( :sanitized_allowed_tags= )
40- end
41-
4234 # Replaces the allowed tags for the +sanitize+ helper.
4335 #
4436 # class Application < Rails::Application
@@ -49,10 +41,6 @@ def sanitized_allowed_tags=(tags)
4941 sanitizer_vendor . white_list_sanitizer . allowed_tags = tags
5042 end
5143
52- if method_defined? ( :sanitized_allowed_attributes= ) || private_method_defined? ( :sanitized_allowed_attributes= )
53- undef_method ( :sanitized_allowed_attributes= )
54- end
55-
5644 # Replaces the allowed HTML attributes for the +sanitize+ helper.
5745 #
5846 # class Application < Rails::Application
@@ -62,6 +50,27 @@ def sanitized_allowed_tags=(tags)
6250 def sanitized_allowed_attributes = ( attributes )
6351 sanitizer_vendor . white_list_sanitizer . allowed_attributes = attributes
6452 end
53+
54+ [ :protocol_separator ,
55+ :uri_attributes ,
56+ :bad_tags ,
57+ :allowed_css_properties ,
58+ :allowed_css_keywords ,
59+ :shorthand_css_properties ,
60+ :allowed_protocols ] . each do |meth |
61+ meth_name = "sanitized_#{ meth }
62+
63+ define_method ( meth_name ) { deprecate_option ( meth_name ) }
64+ define_method ( "#{ meth_name } ) { |_ | deprecate_option ( "#{ meth_name } ) }
65+ end
66+
67+ private
68+ def deprecate_option ( name )
69+ ActiveSupport ::Deprecation . warn "The #{ name } \
70+ "and has no effect. Until Rails 5 the old behavior can still be " \
71+ "installed. To do this add the `rails-deprecated-sanitizer` to " \
72+ "your Gemfile. Consult the Rails 4.2 upgrade guide for more information."
73+ end
6574 end
6675 end
6776 end
0 commit comments