Loofah 0.2.2 Released

loofah version 0.2.2 has been released!

Loofah is an HTML sanitizer. It will always fix broken markup, but
can also sanitize unsafe tags in a few different ways, and transform
the markup for storage or display.

It’s built on top of Nokogiri and libxml2, so it’s fast. And it uses
html5lib’s whitelist, so it most likely won’t make your codes less
secure.

(These statements have not been evaluated by Internet Experts.)

This library was formerly known as Dryopteris.

Changes (since last announcement):

0.2.2 (2009-09-30)

Enhancements:

  • ActiveRecord extension scrubs fields in a before_validation callback
    (was previously in a before_save)

0.2.1 (2009-09-19)

Enhancements:

  • when loaded in a Rails app, automatically extend ActiveRecord::Base
    with html_fragment and html_document. GH #6 (Thanks Josh Nichols!)

Bugfixes:

  • ActiveRecord scrubbing should generate strings instead of Document or
    DocumentFragment objects. GH #5
  • init.rb fixed to support installation as a Rails plugin. GH #6
    (Thanks Josh Nichols!)

== SUPPORT

The bug tracker is available here:

You can also try the Nokogiri mailing list:

And the IRC channel is #nokogiri on freenode.