Skip to content
This repository has been archived by the owner on May 1, 2022. It is now read-only.

Commit

Permalink
Readme tweaks
Browse files Browse the repository at this point in the history
  • Loading branch information
gtd committed Jul 3, 2011
1 parent ad6d9bd commit a0bc6c5
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions README.rdoc
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,15 @@

This plugin, based on Chris Wanstrath's venerable acts_as_textiled, extends the automatic textiling functionality to sanitization as well using as its basis Ryan Grove's powerful yet simple Sanitize gem.

*Important Development Status Update* There used to be a paragraph here about why I liked this approach, but I've come to disagree with it over time. First, generally because the Rails 3 / rails_xss approach of tainted strings is ultimately better than the bandaid that this provided. But specifically because the cleverness of the solution outweighs its usefulness. It's a lot of hacking around internals simply to avoid calling a helper in a view, which while easy to forget, does not usually appear in all that many places or change all that often. Meanwhile, the internals of the model carry significantly more complexity, and suffer irredeemable breakages when you introduce something like I18n with Globalize2. Aside from that, any gains that were made are erased the minute you need to emit something other than HTML. With that in mind, I am still maintaining acts_as_sanitiled to the extent I need it, but I am no longer sanctioning the approach, and I would recommend deprecating your usage of the plugin.
<b>Important Development Status Update</b> There used to be a paragraph here about why I liked this approach, but I've come to disagree with it over time. First, generally because the Rails 3 / rails_xss approach of tainted strings is ultimately better than the bandaid that this provided. But specifically because the cleverness of the solution outweighs its usefulness. It's a lot of hacking around internals simply to avoid calling a helper in a view, which while easy to forget, does not usually appear in all that many places or change all that often. Meanwhile, the internals of the model carry significantly more complexity, and suffer irredeemable breakages when you introduce something like I18n with Globalize2. Aside from that, any gains that were made are erased the minute you need to emit something other than HTML. With that in mind, I am still maintaining acts_as_sanitiled to the extent I need it, but I am no longer sanctioning the approach, and I would recommend deprecating your usage of the plugin.

== Requirements

The officially sanctioned requirements are:

* Sanitize >1.1.0 (prior versions had a whitespace issue)
* RedCloth >4.1.0
* ActiveRecord (tested on 2.3.10)
* ActiveRecord (tested on 2.3.10 and 3.0.9)

However there are a lot of little aberrations in output when you start mixing and matching versions of the various moving parts. Most recently I am working with REE 1.8.7, Sanitize 2.0.0, RedCloth 4.2.5, and Nokogiri 1.4.4, and I make sure specs pass with that mix. With other versions things should still work but the output might be slightly different (see known issues)

Expand Down

0 comments on commit a0bc6c5

Please sign in to comment.