diff --git a/README.rdoc b/README.rdoc index ca77d6e..85b6bf2 100644 --- a/README.rdoc +++ b/README.rdoc @@ -2,7 +2,7 @@ This plugin, based on Chris Wanstrath's venerable acts_as_textiled, extends the automatic textiling functionality to sanitization as well using as its basis Ryan Grove's powerful yet simple Sanitize gem. -*Important Development Status Update* There used to be a paragraph here about why I liked this approach, but I've come to disagree with it over time. First, generally because the Rails 3 / rails_xss approach of tainted strings is ultimately better than the bandaid that this provided. But specifically because the cleverness of the solution outweighs its usefulness. It's a lot of hacking around internals simply to avoid calling a helper in a view, which while easy to forget, does not usually appear in all that many places or change all that often. Meanwhile, the internals of the model carry significantly more complexity, and suffer irredeemable breakages when you introduce something like I18n with Globalize2. Aside from that, any gains that were made are erased the minute you need to emit something other than HTML. With that in mind, I am still maintaining acts_as_sanitiled to the extent I need it, but I am no longer sanctioning the approach, and I would recommend deprecating your usage of the plugin. +Important Development Status Update There used to be a paragraph here about why I liked this approach, but I've come to disagree with it over time. First, generally because the Rails 3 / rails_xss approach of tainted strings is ultimately better than the bandaid that this provided. But specifically because the cleverness of the solution outweighs its usefulness. It's a lot of hacking around internals simply to avoid calling a helper in a view, which while easy to forget, does not usually appear in all that many places or change all that often. Meanwhile, the internals of the model carry significantly more complexity, and suffer irredeemable breakages when you introduce something like I18n with Globalize2. Aside from that, any gains that were made are erased the minute you need to emit something other than HTML. With that in mind, I am still maintaining acts_as_sanitiled to the extent I need it, but I am no longer sanctioning the approach, and I would recommend deprecating your usage of the plugin. == Requirements @@ -10,7 +10,7 @@ The officially sanctioned requirements are: * Sanitize >1.1.0 (prior versions had a whitespace issue) * RedCloth >4.1.0 -* ActiveRecord (tested on 2.3.10) +* ActiveRecord (tested on 2.3.10 and 3.0.9) However there are a lot of little aberrations in output when you start mixing and matching versions of the various moving parts. Most recently I am working with REE 1.8.7, Sanitize 2.0.0, RedCloth 4.2.5, and Nokogiri 1.4.4, and I make sure specs pass with that mix. With other versions things should still work but the output might be slightly different (see known issues)